URL: http://yesofcorsa.com/
Submission: On March 20 via manual from IN

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3030::681c:7b3, located in United States and belongs to CLOUDFLARENET, US. The main domain is yesofcorsa.com.
This is the only time yesofcorsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                          Requested by
23        yesofcorsa.com                  yesofcorsa.com
4         pagead2.googlesyndication.com   yesofcorsa.com, pagead2.googlesyndication.com
3         googleads.g.doubleclick.net     pagead2.googlesyndication.com
2         tpc.googlesyndication.com       pagead2.googlesyndication.com, tpc.googlesyndication.com
2         maxcdn.bootstrapcdn.com         yesofcorsa.com
1         s4.histats.com                  s10.histats.com
1         www.googletagservices.com       pagead2.googlesyndication.com
1         s10.histats.com                 yesofcorsa.com
1         fonts.gstatic.com               yesofcorsa.com
1         adservice.google.com            pagead2.googlesyndication.com
1         adservice.google.de             pagead2.googlesyndication.com
1         fonts.googleapis.com            yesofcorsa.com
1         ajax.googleapis.com             yesofcorsa.com
42        13

This site contains links to these domains.

Domain
lofrev.net
www.histats.com
Subject                     Issuer                                          Validity                  Valid
*.bootstrapcdn.com          Sectigo RSA Domain Validation Secure Server CA  2019-09-14 - 2020-10-13   a year
*.storage.googleapis.com    GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
*.google.com                GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
*.g.doubleclick.net         GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
tpc.googlesyndication.com   GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months

This page contains 5 frames:

Primary Page: http://yesofcorsa.com/
Frame ID: 67CC7AB97E0D0E9F54F92FEF1D7712A4
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Frame ID: 2BE9A1BC1D4307AA92C5B2A92505363B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3708471253364307&output=html&h=280&slotname=1717441075&adk=714077903&adf=2369281301&w=1140&fwrn=4&fwrnh=100&lmt=1584677641&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1140x280&url=http%3A%2F%2Fyesofcorsa.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584677641582&bpp=7&bdt=73&fdt=56&idt=56&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7968009511300&frm=20&pv=2&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=8936&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=292&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PYGoc8Knhn&p=http%3A//yesofcorsa.com&dtd=69
Frame ID: C5DE66584F4248AFE454913F75BEE705
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3708471253364307&output=html&adk=1812271804&adf=3025194257&lmt=1584677641&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fyesofcorsa.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1584677641683&bpp=3&bdt=174&fdt=4&idt=4&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=7968009511300&frm=20&pv=1&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=2669059&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=9
Frame ID: BCAEF5EB80FD8DCF6AA6B9DADB413F3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7702F25180D59A86918675F6BCCCE35E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

42
Requests

31 %
HTTPS

78 %
IPv6

10
Domains

13
Subdomains

10
IPs

5
Countries

1015 kB
Transfer

1515 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
yesofcorsa.com/
36 KB
6 KB
Document
General
Full URL
http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d8273fd3550a7ca38dead9de21abfb9f4c07620e7f16224197c66efd4a1032

Request headers

Host
yesofcorsa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbe7b20203f0f221a7ee9c80cd022afbf1584677641; expires=Sun, 19-Apr-20 04:14:01 GMT; path=/; domain=.yesofcorsa.com; HttpOnly; SameSite=Lax
Link
<http://yesofcorsa.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
576c9a9ade071f35-FRA
Content-Encoding
gzip
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
style.css
yesofcorsa.com/wp-content/themes/whq/
4 KB
2 KB
Stylesheet
General
Full URL
http://yesofcorsa.com/wp-content/themes/whq/style.css
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e71983797f024ad9e914b3d0d9818261f7640275f999f8b0b9bb9dfa2e5f5d4

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
12256936
Cf-Polished
origSize=5634
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Mar 2017 20:52:19 GMT
Server
cloudflare
ETag
W/"58bdcc03-1602"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
CF-RAY
576c9a9b7eef1f35-FRA
Cf-Bgj
minify
magnific-popup.css
yesofcorsa.com/wp-content/themes/whq/dist/libs/magnific-popup/
5 KB
2 KB
Stylesheet
General
Full URL
http://yesofcorsa.com/wp-content/themes/whq/dist/libs/magnific-popup/magnific-popup.css
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bee305d7f15ee625fa7ffd3c191561cd13067b0adca2c813e7f4b734fe84d6b

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
26696805
Cf-Polished
origSize=7015
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 07 Dec 2016 09:22:04 GMT
Server
cloudflare
ETag
W/"5847d4bc-1b67"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
CF-RAY
576c9a9b7845177e-FRA
Cf-Bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 10 Mar 2020 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
816412
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Mar 2021 17:27:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80a7b05e302a2ee6a5b3ec52112bbe4d4f302f39af29ae569c076cca430c80a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
9510845131632207782
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
39018
X-XSS-Protection
0
Expires
Fri, 20 Mar 2020 04:14:01 GMT
pagenavi-css.css
yesofcorsa.com/wp-content/plugins/wp-pagenavi/
237 B
624 B
Stylesheet
General
Full URL
http://yesofcorsa.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
12338525
Cf-Polished
origSize=374
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sat, 03 Dec 2016 01:06:37 GMT
Server
cloudflare
ETag
W/"58421a9d-176"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
CF-RAY
576c9a9b7b85d6e9-FRA
Cf-Bgj
minify
logo.png
yesofcorsa.com/wp-content/themes/whq/images/
10 KB
11 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/themes/whq/images/logo.png
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fb1ca1ac427d3aa7ae2717f0b9fae31f15104583d2e929164a818e00a63271

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
HIT
Last-Modified
Sat, 06 Jun 2015 18:53:00 GMT
Server
cloudflare
Age
1091506
ETag
"5573418c-28f2"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9b7c2c0ea7-FRA
Content-Length
10482
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Code-Vein-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
71 KB
72 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Code-Vein-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8cfa44b716d52f53eb094df2831e8dea552b4cbd216f6656ee99bccb6555d1c

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 09 Mar 2020 08:00:35 GMT
Server
cloudflare
ETag
"5e65f7a3-11d7d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bcc23d6e9-FRA
Content-Length
73085
Expires
Thu, 31 Dec 2037 23:55:55 GMT
World-Of-Warcraft-Classic-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
40 KB
41 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/World-Of-Warcraft-Classic-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d365bfbdb23985903f8dfeb47860f5951dbc4c42fdb4bdbd71749e6e898198e2

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 13:05:02 GMT
Server
cloudflare
ETag
"5e624a7e-a0e3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bcd150ea7-FRA
Content-Length
41187
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Layers-Of-Fear-2-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
40 KB
41 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Layers-Of-Fear-2-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cf1c7bdef6be13691391d13be91c8dc81dbabc62532619f078e50315574691

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 12:46:10 GMT
Server
cloudflare
ETag
"5e624612-a0a0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bc8a4177e-FRA
Content-Length
41120
Expires
Thu, 31 Dec 2037 23:55:55 GMT
4K-The-Church-Dome-Best-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
57 KB
57 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/4K-The-Church-Dome-Best-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d62a065b3b7b8d7842e0dc3b561f233729c76fc0a0e2d4012f5b73f87bf2af1

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 12:21:02 GMT
Server
cloudflare
ETag
"5e62402e-e302"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bcf831f35-FRA
Content-Length
58114
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Conquerors-Blade-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
42 KB
42 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Conquerors-Blade-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e1b5a22566283465d1f3fa65ae2d98dd909ea4f6384b4e8fbf1d4e46d4c58d

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 12:12:22 GMT
Server
cloudflare
ETag
"5e623e26-a6b8"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bdd590eb3-FRA
Content-Length
42680
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Song-Church-Best-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
32 KB
32 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Song-Church-Best-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086864b4fb9a96ec3110b7a816ee4438c35311bc96912972eb748ca8e3d6c99e

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 11:50:54 GMT
Server
cloudflare
ETag
"5e62391e-7e3c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9bcae4c281-FRA
Content-Length
32316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Boneworks-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
39 KB
39 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Boneworks-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6222a271537b76fe4dcf0a52fddffdc6dad767346ab9ada5e1617b4a0bfee4a

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 11:38:36 GMT
Server
cloudflare
ETag
"5e62363c-9b82"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c18fc177e-FRA
Content-Length
39810
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Efootball-Pes-2020-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
45 KB
45 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Efootball-Pes-2020-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea645f138fda35262d20aea8c719e3f64a89d3f4334f3893f180e12c4113770

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 05 Mar 2020 18:35:46 GMT
Server
cloudflare
ETag
"5e614682-b338"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c1bd8c281-FRA
Content-Length
45880
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Beyond-Two-Souls-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
37 KB
38 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Beyond-Two-Souls-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58086f3006cc957fc4899f06097dfd7093c5a274419cbc5b2db3d87da54199fc

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 05 Mar 2020 18:14:53 GMT
Server
cloudflare
ETag
"5e61419d-950a"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c1dc90eb3-FRA
Content-Length
38154
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Wolfenstein-Youngblood-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
39 KB
39 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Wolfenstein-Youngblood-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e92b7c20b6e6c93b6da7bc672b73d2d9cd09cd3423c0b4ff85f0550abdb11c2

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 05 Mar 2020 14:52:54 GMT
Server
cloudflare
ETag
"5e611246-9c3c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c2db80ea7-FRA
Content-Length
39996
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Total-War-Three-Kingdoms-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
69 KB
69 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Total-War-Three-Kingdoms-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3283546ddac5f012145590277983c458f818f51d1cddf5c16ae680b716c9ec

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 05 Mar 2020 12:01:04 GMT
Server
cloudflare
ETag
"5e60ea00-11247"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c28501f35-FRA
Content-Length
70215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Butterfly-Macro-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
14 KB
14 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Butterfly-Macro-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdc60146c0b01328aa7ba137ddf57df34889ae13b24e791d5a21866d5ea67d2

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 05 Mar 2020 11:46:32 GMT
Server
cloudflare
ETag
"5e60e698-367f"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c3d00d6e9-FRA
Content-Length
13951
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9743
wp-embed.min.js
yesofcorsa.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://yesofcorsa.com/wp-includes/js/wp-embed.min.js?ver=4.4.21
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 07 May 2016 00:01:14 GMT
Server
cloudflare
Age
388038
ETag
W/"572d304a-57b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
576c9a9babf8d6e9-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Oswald:400,700,300
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
277d98cc4e6bbba4e7a3628ee1bc6566da2e362cdf089b842c0645ef08b4810a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Mar 2020 04:14:01 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 20 Mar 2020 04:14:01 GMT
wp-emoji-release.min.js
yesofcorsa.com/wp-includes/js/
33 KB
8 KB
Script
General
Full URL
http://yesofcorsa.com/wp-includes/js/wp-emoji-release.min.js?ver=4.4.21
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f0f2b6fb558157e1f065445b213802aae1d65e46cf436098844f0347cafb46

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 07 May 2016 00:01:14 GMT
Server
cloudflare
Age
4131148
ETag
W/"572d304a-848c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
576c9a9c494b177e-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.de/adsid/
109 B
839 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yesofcorsa.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
839 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yesofcorsa.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
background.png
yesofcorsa.com/wp-content/themes/whq/images/
24 KB
24 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/themes/whq/images/background.png
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c686d1b3f289cb0cdf63c31fdce38399fe32b8bd7366c8ff3f762c9264b4fbc5

Request headers

Referer
http://yesofcorsa.com/wp-content/themes/whq/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 01 Oct 2012 12:22:14 GMT
Server
cloudflare
Age
873980
ETag
"50698af6-6020"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c1d850ea7-FRA
Content-Length
24608
Expires
Thu, 31 Dec 2037 23:55:55 GMT
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v31/
25 KB
25 KB
Font
General
Full URL
http://fonts.gstatic.com/s/oswald/v31/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://yesofcorsa.com
Referer
http://fonts.googleapis.com/css?family=Oswald:400,700,300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 01:43:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 00:19:42 GMT
Server
sffe
Age
1477848
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
25376
X-XSS-Protection
0
Expires
Wed, 03 Mar 2021 01:43:13 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/
224 KB
84 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
85397
x-xss-protection
0
server
cafe
etag
2345445785748755544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Mar 2020 04:14:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/ Frame 2BE9
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200316/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://yesofcorsa.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://yesofcorsa.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 17 Mar 2020 01:29:30 GMT
expires
Tue, 31 Mar 2020 01:29:30 GMT
content-type
text/html; charset=UTF-8
etag
17714563530871986051
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4497
x-xss-protection
0
cache-control
public, max-age=1209600
age
269071
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6c463c59b39335f56b0bffa869b8fe17268b2a77e993ff1c1937bb2d44d7864d

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 20 Mar 2020 04:08:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"335776370"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32944
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4381
X-Request-ID
678986622
ads
googleads.g.doubleclick.net/pagead/ Frame C5DE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3708471253364307&output=html&h=280&slotname=1717441075&adk=714077903&adf=2369281301&w=1140&fwrn=4&fwrnh=100&lmt=1584677641&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1140x280&url=http%3A%2F%2Fyesofcorsa.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584677641582&bpp=7&bdt=73&fdt=56&idt=56&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7968009511300&frm=20&pv=2&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=8936&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=292&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PYGoc8Knhn&p=http%3A//yesofcorsa.com&dtd=69
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3708471253364307&output=html&h=280&slotname=1717441075&adk=714077903&adf=2369281301&w=1140&fwrn=4&fwrnh=100&lmt=1584677641&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1140x280&url=http%3A%2F%2Fyesofcorsa.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584677641582&bpp=7&bdt=73&fdt=56&idt=56&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7968009511300&frm=20&pv=2&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=8936&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=292&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PYGoc8Knhn&p=http%3A//yesofcorsa.com&dtd=69
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://yesofcorsa.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://yesofcorsa.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Mar 2020 04:14:01 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Mar-2020 04:29:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Fri, 20 Mar 2020 04:14:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c1ca71fa82f349d1bb2b27ca3bddac4edc6de87e4bc7f963892d64c766368b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1584546268461058"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27525
x-xss-protection
0
expires
Fri, 20 Mar 2020 04:14:01 GMT
0.php
s4.histats.com/stats/
49 B
320 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3297029&@f16&@g1&@h1&@i1&@j1584677641678&@k0&@l1&@mWallpapers%20High%20Quality%20and%20Resolution%20download%20free&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:13197773&@b3:1584677642&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fyesofcorsa.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Server
158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns546644.ip-158-69-251.net
Software
/
Resource Hash
211211b70ec26ace41453af348ce5cd146df24619ccd58804875bac87c5057a8

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Connection
close
Content-Length
49
Content-Type
text/html;charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame BCAE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3708471253364307&output=html&adk=1812271804&adf=3025194257&lmt=1584677641&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fyesofcorsa.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1584677641683&bpp=3&bdt=174&fdt=4&idt=4&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=7968009511300&frm=20&pv=1&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=2669059&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3708471253364307&output=html&adk=1812271804&adf=3025194257&lmt=1584677641&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fyesofcorsa.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1584677641683&bpp=3&bdt=174&fdt=4&idt=4&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=7968009511300&frm=20&pv=1&ga_vid=1537207610.1584677642&ga_sid=1584677642&ga_hid=429617128&ga_fc=0&iag=0&icsg=2669059&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363&oid=3&pvsid=4265469134273007&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://yesofcorsa.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://yesofcorsa.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Mar 2020 04:14:01 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Mar-2020 04:29:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Fri, 20 Mar 2020 04:14:01 GMT
cache-control
private
Church-Chandelier-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
52 KB
53 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Church-Chandelier-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303c7ca5f20dca7710c8ffbb46cde3e94aaed7cf269c44f3f845bf845300fa8d

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 13:14:08 GMT
Server
cloudflare
ETag
"5e624ca0-d0b5"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c98fe1f35-FRA
Content-Length
53429
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Spathiphyllum-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
75 KB
75 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Spathiphyllum-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4041e5b4d78676fa7f6f1628ab5872041cd5af5703f4984540f13e6b30f4ab

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 12:56:02 GMT
Server
cloudflare
ETag
"5e624862-12c53"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c9e820ea7-FRA
Content-Length
76883
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Room-Lines-Wallpaper-480x270.jpg
yesofcorsa.com/wp-content/uploads/2020/03/
53 KB
53 KB
Image
General
Full URL
http://yesofcorsa.com/wp-content/uploads/2020/03/Room-Lines-Wallpaper-480x270.jpg
Requested by
Host: yesofcorsa.com
URL: http://yesofcorsa.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681c:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7c2648d9d4798e7c73bdb122a4fa59597d2c86f70448ea2a92b3756d6c6fe2

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Mar 2020 12:36:19 GMT
Server
cloudflare
ETag
"5e6243c3-d2c9"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
576c9a9c9d9cd6e9-FRA
Content-Length
53961
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1253592efc98292d831563f822dbc6e6b87e4be11684f86d135509f392cdafa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
Origin
http://yesofcorsa.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Mar 2020 04:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5172
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 04:14:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Fri, 20 Mar 2020 04:14:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7702
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://yesofcorsa.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://yesofcorsa.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 20 Mar 2020 02:35:42 GMT
expires
Sat, 20 Mar 2021 02:35:42 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5899
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/
0
60 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200316&jk=4265469134273007&bg=!QEOlQ1tYYUzy9WTsXOMCAAAAMVIAAAAJmQFZdQ8Anrpom6iho3pSfaz__ZhIZjlr4O7jEvgZokHNpVkP0Azn2iXIFbHJDS1R0uADr-ayGv0qpnyHVZc2clSfngqpS16mIQpa1vy1M3yXJU0H__T6tjA2H86micFORtknlaLnSMWUynLF5Dx-4booL7IMEyl-QjO0UPz0lmiGfSuhLrO8PCyVpwTDEOhBf3g10apCrqW6Gxc-oU-4dyq9IHc98CZwzvRhkrHaOpF7_cvu0p1xM9BrDNXRuuCTxdbbSZii9i68Bohng0qCRHW-e3A7RLOwb2H9yznssbTsQ5RloTFQkITr518nR-u2GFLDyu5ceb3dC8EE1IzZwSdUMnHwwCnSMK3N-QPYRIRX1UXFlKRp0WfsftOkQTd7dghzPq1dyp8wmtsrdHHjmSNAuuwrh2jipFuAohTmgz_CzY_nSA7NzGb7XMPmUdyie52uIUTdqO3WhbSx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yesofcorsa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 20 Mar 2020 04:14:02 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| chfh function| chfh2 string| _HST_cntval object| Histats object| wp number| ot object| twemoji function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _HistatsCounterGraphics_0_setValues object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
yesofcorsa.com/ Name: HstCnv3297029
Value: 1
yesofcorsa.com/ Name: HstPt3297029
Value: 1
yesofcorsa.com/ Name: HstCfa3297029
Value: 1584677641678
yesofcorsa.com/ Name: HstCmu3297029
Value: 1584677641678
yesofcorsa.com/ Name: HstPn3297029
Value: 1
yesofcorsa.com/ Name: HstCns3297029
Value: 1
yesofcorsa.com/ Name: HstCla3297029
Value: 1584677641678
.yesofcorsa.com/ Name: __cfduid
Value: dbe7b20203f0f221a7ee9c80cd022afbf1584677641

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
