Submitted URL: http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-...
Effective URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVp...
Submission: On August 24 via api from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3035::681b:b703, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.difficultchin.cyou.
This is the only time www.difficultchin.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
14 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 143.204.94.94 | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2001:4de0:ac1... | 20446 (HIGHWINDS3)
4 | 23.20.203.72 | 14618 (AMAZON-AES)
4 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 27 requests, 7 IPs

Requests | Domain | Requested by
14 | www.difficultchin.cyou | www.difficultchin.cyou
4 | fonts.gstatic.com | fonts.googleapis.com
4 | trc.pushnami.com | api.pushnami.com
2 | fonts.googleapis.com | www.difficultchin.cyou
1 | maxcdn.bootstrapcdn.com | www.difficultchin.cyou
1 | api.pushnami.com | www.difficultchin.cyou
1 | www.googletagmanager.com | www.difficultchin.cyou
Total: 27 requests, 7 subdomains

This site contains links to these domains.

Domain
154e52dlo1t-hq3axbyln81ufi.hop.clickbank.net
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
*.pushnami.com | Amazon | 2020-05-16 - 2021-06-16 | a year
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months

This page contains 1 frames:

Primary Page: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Frame ID: 6664A47EEE915840B021124951BE7571
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

27 Requests
48 % HTTPS
71 % IPv6
6 Domains
7 Subdomains
7 IPs
3 Countries
7485 kB Transfer
7951 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o Page URL
  2. http://www.difficultchin.cyou/offer.php?id=86&sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o Page URL
  3. http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Cookie set AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/
1 KB
1 KB
Document
General
Full URL
http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.19
Resource Hash
1240f225c5dd796be1d71ae54a2f252a8482f416ce34739b7395524f962337d4

Request headers

Host
www.difficultchin.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 24 Aug 2020 12:50:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d49e79af24a4577308e8bc59c41feffb11598273438; expires=Wed, 23-Sep-20 12:50:38 GMT; path=/; domain=.difficultchin.cyou; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.3.19
CF-Cache-Status
DYNAMIC
cf-request-id
04c21e5a85000017664c8b2200000001
Server
cloudflare
CF-RAY
5c7d333dac8c1766-FRA
Content-Encoding
gzip
jquery-1.11.0.min.js
www.difficultchin.cyou/
94 KB
33 KB
Script
General
Full URL
http://www.difficultchin.cyou/jquery-1.11.0.min.js
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:38 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 15 Jun 2016 01:14:34 GMT
Server
cloudflare
ETag
W/"5760abfa-1787d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d333e7ef01766-FRA
cf-request-id
04c21e5b0f000017664c8bc200000001
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae1d3d7c47fff2624b3aa69d4cae39fce956e87d5264859ef067ac09586a5ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:50:38 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35775
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Aug 2020 12:50:38 GMT
offer.php
www.difficultchin.cyou/
464 B
703 B
Document
General
Full URL
http://www.difficultchin.cyou/offer.php?id=86&sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.19
Resource Hash
4b48e1c7c6b5e7988fe702853a4563be5a81bcbb62935e1f628c7786f05f4784

Request headers

Host
www.difficultchin.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.difficultchin.cyou/ncahvwxf/rvwgbw756022thkt/u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d49e79af24a4577308e8bc59c41feffb11598273438

Response headers

Date
Mon, 24 Aug 2020 12:50:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.19
CF-Cache-Status
DYNAMIC
cf-request-id
04c21e5bba000017664c8c2200000001
Server
cloudflare
CF-RAY
5c7d333f9a4b1766-FRA
Content-Encoding
gzip
Primary Request index.php
www.difficultchin.cyou/clicks/cb3/d2/
7 KB
3 KB
Document
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.19
Resource Hash
dc61f1afcea70da52c88dd95d9df39985ca3138febfb8c9bd83ec428126d8979

Request headers

Host
www.difficultchin.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.difficultchin.cyou/offer.php?id=86&sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d49e79af24a4577308e8bc59c41feffb11598273438

Response headers

Date
Mon, 24 Aug 2020 12:50:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.19
CF-Cache-Status
DYNAMIC
cf-request-id
04c21e5c36000017664c8c9200000001
Server
cloudflare
CF-RAY
5c7d33405c7d1766-FRA
Content-Encoding
gzip
5d530a7b0e62420012b03c59
api.pushnami.com/scripts/v1/pushnami-adv/
156 KB
47 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-94.fra50.r.cloudfront.net
Software
/
Resource Hash
e5b6fce056d51194f2937ede465b6b34398d93d73c64af6484625938a5b17c92

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:47:08 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age
210
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
x-amz-cf-pop
FRA50-C1
content-encoding
gzip
x-amz-cf-id
Dg0zedqZ-FpdHw1qrnzaNUn4ChHWa0x2MHOOlRuDKCcpmfXB0KkhsA==
css
fonts.googleapis.com/
5 KB
757 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84a82dc25afcc7f43907d1a33a4c2c9e3f086d0d5e46b5e22942d7969019d8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:50:38 GMT
server
ESF
date
Mon, 24 Aug 2020 12:50:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:50:38 GMT
css
fonts.googleapis.com/
6 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,700,800
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ed26c08870e053600847f4fb99e5ee01458e36024b696524243de6ae2458928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:50:38 GMT
server
ESF
date
Mon, 24 Aug 2020 12:50:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:50:38 GMT
bootstrap.min.css
www.difficultchin.cyou/clicks/cb3/d2/bootstrap/3.3.5/css/
120 KB
20 KB
Stylesheet
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
W/"5f14f14c-1deac"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d33413e9b1766-FRA
cf-request-id
04c21e5cbf000017664c8d6200000001
bootstrap-theme.min.css
www.difficultchin.cyou/clicks/cb3/d2/bootstrap/3.3.5/css/
23 KB
3 KB
Stylesheet
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/bootstrap/3.3.5/css/bootstrap-theme.min.css
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
W/"5f14f14c-5b3d"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d334139810631-FRA
cf-request-id
04c21e5cc3000006312c252200000001
font-awesome.min.css
www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
W/"5f14f14c-6857"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d33413f84c2b3-FRA
cf-request-id
04c21e5cc60000c2b36facc200000001
style.css
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
6 KB
2 KB
Stylesheet
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/style.css
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de398c2d61619a53ee76bde35a834115cd7ea547f66cc85b212168c80759b3e4

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
W/"5f14f14c-16ae"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d33413b3b16f2-FRA
cf-request-id
04c21e5cc5000016f2aeb52200000001
11-min.jpg
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
2 KB
2 KB
Image
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/11-min.jpg
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a376497688f894b2e7b66f15b82484bb9486b129bf3883357c074709febc5d

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
"5f14f14c-7ea"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5c7d33429a411766-FRA
Content-Length
2026
cf-request-id
04c21e5d9d000017664c8dd200000001
21.gif
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
7 MB
7 MB
Image
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/21.gif
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae098702b8771848d82ec68508a802c833398dca0fa006664b46a5361d68ee5

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
"5f14f14c-6e809f"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5c7d33429e890631-FRA
Content-Length
7241887
cf-request-id
04c21e5d9d000006312c268200000001
watch-min.png
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
9 KB
10 KB
Image
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/watch-min.png
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e990eea7ed0c22a653be4d8bcc44ded9b1bb4fca6b10e29c4b3d9a7643fed3

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
"5f14f14c-247f"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5c7d33429f9b16f2-FRA
Content-Length
9343
cf-request-id
04c21e5d9d000016f2aeb6c200000001
jquery-1.11.3.min.js
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
94 KB
33 KB
Script
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/jquery-1.11.3.min.js
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
W/"5f14f14c-176d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5c7d33428b57c2b3-FRA
cf-request-id
04c21e5d930000c2b36fada200000001
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9743
track
trc.pushnami.com/api/push/
0
0
Other
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Server
23.20.203.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-203-72.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
http://www.difficultchin.cyou
Sec-Fetch-Mode
cors

Response headers

status
204
date
Mon, 24 Aug 2020 12:50:39 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.203.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-203-72.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
key
5d530a7b0e62420012b03c59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 24 Aug 2020 12:50:39 GMT
cache-control
no-cache
access-control-allow-origin
*
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/
0
0
Other
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Server
23.20.203.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-203-72.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
http://www.difficultchin.cyou
Sec-Fetch-Mode
cors

Response headers

status
204
date
Mon, 24 Aug 2020 12:50:39 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.203.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-203-72.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
http://www.difficultchin.cyou/clicks/cb3/d2/index.php?sid=820304&h=u9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE/AjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o
key
5d530a7b0e62420012b03c59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 24 Aug 2020 12:50:39 GMT
cache-control
no-cache
access-control-allow-origin
*
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
background-shadow-min.png
www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/
89 KB
90 KB
Image
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/background-shadow-min.png
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/style.css
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ac9d8ba715de999ebda081cf6c9bc4af372c5dc40ff904fb15721e6849b4cc

Request headers

Referer
http://www.difficultchin.cyou/clicks/cb3/d2/nwh/diet/suitcase/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
"5f14f14c-16527"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5c7d3342a95c97d2-FRA
Content-Length
91431
cf-request-id
04c21e5da6000097d27eba6200000001
fontawesome-webfont.woff2
www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/fonts/
63 KB
63 KB
Font
General
Full URL
http://www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.difficultchin.cyou
URL: http://www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.difficultchin.cyou
Referer
http://www.difficultchin.cyou/clicks/cb3/d2/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:50:39 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Jul 2020 01:20:12 GMT
Server
cloudflare
ETag
"5f14f14c-fbd0"
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5c7d3342a855bf0a-FRA
Content-Length
64464
cf-request-id
04c21e5da50000bf0a5b288200000001
u-4x0qWljRw-Pd8w__1ImSRu.woff2
fonts.gstatic.com/s/cabin/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-4x0qWljRw-Pd8w__1ImSRu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.difficultchin.cyou
Referer
https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:07:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:50 GMT
server
sffe
age
13360
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13440
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:07:59 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.difficultchin.cyou
Referer
https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
13605
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:03:54 GMT
u-480qWljRw-PdeL2uhluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-PdeL2uhluylEeQ5J.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.difficultchin.cyou
Referer
https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:07:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:05 GMT
server
sffe
age
13360
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12928
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:07:59 GMT
u-480qWljRw-Pdfv2-hluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-Pdfv2-hluylEeQ5J.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.difficultchin.cyou
Referer
https://fonts.googleapis.com/css?family=Cabin:400,600,700|Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:14:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:38 GMT
server
sffe
age
12968
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13668
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:14:31 GMT


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| pushWrap
function| showFbChkOptIn
object| mailnamiPromptModule
boolean| isOSXSafari
undefined| safariScript
undefined| o
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
function| bowser
object| mailnami
object| Pushnami
object| currentDate
number| day
number| month
number| year
function| $
function| jQuery
object| jQuery1113003646666287382838

1 Cookies

Domain/Path Name / Value
.difficultchin.cyou/ Name: __cfduid
Value: d49e79af24a4577308e8bc59c41feffb11598273438

7 Console Messages

Source Level URL
Text
console-api error URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
Pushnami - error not SSL
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
{"event":"webpush-error-not-ssl","scope":"Website","scopeId":"5d530a7b0e62420012b03c58","l":"http%3A%2F%2Fwww.difficultchin.cyou%2Fclicks%2Fcb3%2Fd2%2Findex.php%3Fsid%3D820304%26h%3Du9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE%2FAjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o"}
console-api warning URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 3)
Message:
@babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning.
console-api error URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
Pushnami - error not SSL
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
{"event":"webpush-error-not-ssl","scope":"Website","scopeId":"5d530a7b0e62420012b03c58","l":"http%3A%2F%2Fwww.difficultchin.cyou%2Fclicks%2Fcb3%2Fd2%2Findex.php%3Fsid%3D820304%26h%3Du9kvhHULTsWnQOAHWPx-UCGzNrO6jCGLuKun3H3_ZuE%2FAjBaJNQqylYPlVpp_PSJ-6DWz-Q8VCLcToSsgs4SQLOW5gl9AUmK2vBtBxhpvnvqi3E_c-KTPEu4rZKUFG2mLdfF-p6oU2h-kIl3_RdDkKd76bC0yoMpLVY0Mv9k7O-NngEXh24wo3ECZX-hvRFU2WAn0_9sOQGDFnO2OKFuK_o"}
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
Tracking OK [object Response]
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d530a7b0e62420012b03c59(Line 4)
Message:
Tracking OK [object Response]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
