dorianfotheringhamihcw7.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c59  Public Scan

Submitted URL: http://dorianfotheringhamihcw7.pages.dev/
Effective URL: https://dorianfotheringhamihcw7.pages.dev/
Submission: On December 15 via api from US — Scanned from US

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 33 HTTP transactions. The main IP is 2606:4700:310c::ac42:2c59, located in United States and belongs to CLOUDFLARENET, US. The main domain is dorianfotheringhamihcw7.pages.dev.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time dorianfotheringhamihcw7.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.240.127.234 7979 (SERVERS-COM)
2 3.220.52.112 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:33:1... 8075 (MICROSOFT...)
1 2 192.243.59.12 39572 (ADVANCEDH...)
1 2 192.243.61.227 39572 (ADVANCEDH...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:b48:8301::1 39572 (ADVANCEDH...)
1 149.56.240.31 16276 (OVH OVH SAS)
2 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
2 23.212.251.25 20940 (AKAMAI-AS...)
1 3.128.213.107 16509 (AMAZON-02)
1 104.18.12.146 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 67.202.105.31 32748 (STEADFAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 35.173.157.167 14618 (AMAZON-AES)
2 34.86.110.8 396982 (GOOGLE-CL...)
33 24
Apex Domain
Subdomains
Transfer
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19954
ic.tynt.com — Cisco Umbrella Rank: 16377
de.tynt.com — Cisco Umbrella Rank: 1582
8 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14533
t.dtscout.com — Cisco Umbrella Rank: 12485
4 KB
2 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 4244
6 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
832 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 4260
2 KB
2 storageimagedisplay.com
cdn.storageimagedisplay.com — Cisco Umbrella Rank: 23247
156 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14713
s4.histats.com — Cisco Umbrella Rank: 12589
5 KB
2 flusoprano.com
flusoprano.com
6 KB
2 achieveweakness.com
achieveweakness.com
6 KB
2 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15519
624 B
2 curioushingefast.com
curioushingefast.com
24 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
26 KB
2 adslnews.biz.id
adslnews.biz.id
2 KB
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 13358
760 B
1 dtsan.net
p.dtsan.net — Cisco Umbrella Rank: 35838
4 KB
1 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 30951
197 B
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3054
1 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 1821
798 B
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 24789
664 B
1 pages.dev
dorianfotheringhamihcw7.pages.dev
7 KB
0 bidberry.net Failed
bidberry.net — Cisco Umbrella Rank: 6881 Failed
33 21
Domain Requested by
2 i.simpli.fi dorianfotheringhamihcw7.pages.dev
2 bcp.crwdcntrl.net 1 redirects dorianfotheringhamihcw7.pages.dev
2 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
2 t.dtscout.com e.dtscout.com
2 cdn.storageimagedisplay.com dorianfotheringhamihcw7.pages.dev
2 flusoprano.com 1 redirects dorianfotheringhamihcw7.pages.dev
2 achieveweakness.com 1 redirects dorianfotheringhamihcw7.pages.dev
2 proftrafficcounter.com curioushingefast.com
2 curioushingefast.com adslnews.biz.id
2 cdnjs.cloudflare.com dorianfotheringhamihcw7.pages.dev
2 adslnews.biz.id dorianfotheringhamihcw7.pages.dev
1 de.tynt.com cdn.tynt.com
1 t.dtscdn.com e.dtscout.com
1 ic.tynt.com dorianfotheringhamihcw7.pages.dev
1 p.dtsan.net e.dtscout.com
1 cdn.tynt.com e.dtscout.com
1 pd.sharethis.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com dorianfotheringhamihcw7.pages.dev
1 tse1.mm.bing.net dorianfotheringhamihcw7.pages.dev
1 suggestqueries.google.com dorianfotheringhamihcw7.pages.dev
1 3.bp.blogspot.com dorianfotheringhamihcw7.pages.dev
1 dorianfotheringhamihcw7.pages.dev
0 bidberry.net Failed dorianfotheringhamihcw7.pages.dev
33 25

This site contains links to these domains. Also see Links.

Domain
curioushingefast.com
Subject Issuer Validity Valid
dorianfotheringhamihcw7.pages.dev
WE1
2024-12-06 -
2025-03-06
3 months crt.sh
misc-sni.blogspot.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
adslnews.biz.id
WE1
2024-10-29 -
2025-01-27
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.curioushingefast.com
R11
2024-11-30 -
2025-02-28
3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M03
2024-10-21 -
2025-11-19
a year crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.mm.bing.net
Microsoft Azure RSA TLS Issuing CA 08
2024-10-27 -
2025-04-25
6 months crt.sh
s10.histats.com
WE1
2024-10-05 -
2025-01-03
3 months crt.sh
cdn.storageimagedisplay.com
R11
2024-11-12 -
2025-02-10
3 months crt.sh
histats.com
R11
2024-10-30 -
2025-01-28
3 months crt.sh
dtscout.com
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
cert2-prod.aut.a24365.net
R11
2024-11-04 -
2025-02-02
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-21 -
2025-05-20
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2024-09-05 -
2025-09-30
a year crt.sh
dtsan.net
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
dtscdn.com
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-11-13 -
2025-12-14
a year crt.sh

This page contains 5 frames:

Primary Page: https://dorianfotheringhamihcw7.pages.dev/
Frame ID: 24EBB928B88390A04FB50E59C78E7AED
Requests: 30 HTTP requests in this frame

Frame: https://cdn.storageimagedisplay.com/cti/1a/ba/60/1aba60ed15ec9a757d923658796c771d/1707923285.png
Frame ID: C8F4C6E007D951493FBCA99FD8C54D2D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png
Frame ID: 10EC6481EDF7890D035D078F0DE6F10A
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001734264088B128F00CAD4D652415
Frame ID: 7E3D42A9193E83695136AA64075DC2E0
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Frame ID: E34A8F5E2E03F2955BC2F1F0D253C219
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://dorianfotheringhamihcw7.pages.dev/ HTTP 307
    https://dorianfotheringhamihcw7.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

88 %
HTTPS

52 %
IPv6

21
Domains

25
Subdomains

24
IPs

5
Countries

255 kB
Transfer

366 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dorianfotheringhamihcw7.pages.dev/ HTTP 307
    https://dorianfotheringhamihcw7.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://achieveweakness.com/watch.949702925012.js?key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&tz=-10&dev=r&res=14.31&rb=&uuid=0c6c5925-9726-43a5-a413-4e3b8d2e9247%3A3%3A1 HTTP 307
  • https://achieveweakness.com/watch.949702925012.js?dev=r&key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=fb32807ed8dc5820baf76341f12a93b1722140f1b0f723c0daf0d31ee310ff25902ac7dc9bcf267de957a7b81d6cba382ea7cf0951433963d40e29a209347b4f4150653bfd03a9fa27776309568d9325eb2e2738fa0691d4ec8f30&tz=-10&uuid=0c6c5925-9726-43a5-a413-4e3b8d2e9247%3A3%3A1
Request Chain 13
  • https://flusoprano.com/watch.1318635763423.js?key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&tz=-10&dev=r&res=14.31&rb=&uuid=8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb%3A3%3A1 HTTP 307
  • https://flusoprano.com/watch.1318635763423.js?dev=r&key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=8b64249efd687dc955265e0eec2be885ca775a0a98dedd7444d8b6b09d439170219e7e4f9e0de9344f622388c18df63ec5d0dcbf46a9016999f84bc434b8dc6ffe3880d070d4052fb25e71072b79123b3f46cc8eb57968d62eecbd&tz=-10&uuid=8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb%3A3%3A1
Request Chain 28
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415
Request Chain 29
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001734264088B128F00CAD4D652415 HTTP 302
  • https://bidberry.net/?partner=1&mapped=12874604f042bb45&gdpr=0&gdpr_consent=&redirect= HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fbidberry.net%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3D HTTP 302
  • https://bidberry.net/?partner=104&icm&cver&mapped=64bec516d33a12876ddf913693685d03&gdpr=0&redirect=

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dorianfotheringhamihcw7.pages.dev/
Redirect Chain
  • http://dorianfotheringhamihcw7.pages.dev/
  • https://dorianfotheringhamihcw7.pages.dev/
18 KB
7 KB
Document
General
Full URL
https://dorianfotheringhamihcw7.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84e7f677c190272e808a4ccacf864d03579037e1f01e7095c7c79ae2d60edf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8f26475f591a4cac-PHL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 15 Dec 2024 12:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3dBq1chI2xghzRl2RSER9JRDHteMjWFxxxew0LCs1jbnYvMNjIQ%2FStGFokEtETG7jPEiPo4WmVwpulJJtexhc0KtgrICH0YUdjIRB6No7%2BjYfgITSC4lRpXW6Lbov%2BCo7lir583RQsZIE0f%2FpQBMX%2FS21kisKMVYAa8EJrcEuU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27764&min_rtt=24174&rtt_var=10477&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4155&recv_bytes=4439&delivery_rate=570&cwnd=12000&unsent_bytes=0&cid=cffce9b43bc7a09b&ts=174&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://dorianfotheringhamihcw7.pages.dev/
Non-Authoritative-Reason
HSTS
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/
362 B
664 B
Image
General
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

access-control-expose-headers
Content-Length
etag
"v1764"
age
6402
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 10:14:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 10:14:43 GMT
content-disposition
inline;filename="btn_close.gif"
content-type
image/gif
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
362
x-xss-protection
0
server
fife
c83cf36b91f37f5ea1ebf428c745ad2b
adslnews.biz.id/get/site/js/
286 B
942 B
Script
General
Full URL
https://adslnews.biz.id/get/site/js/c83cf36b91f37f5ea1ebf428c745ad2b
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:816d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec895828d9fb45d8f8f805ef847b6968cd9506b1fbee3fe91302c3304a85dd69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzEnExijK4Rw29fkIIyxRCsLK0FebE9PxeMeqps7RePy1nsKwb77MidQmWQz%2BHkGHUKmbmUBB7Y1xm8JFfSx9tmQFZRPyEQOp3qmOTEE6s6NCWP5vyZwbv2E81j%2F1fDQCpYiOQcW8ZYI2crzJ9k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2647665f8543fd-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8618&min_rtt=8601&rtt_var=2430&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2332&delivery_rate=474363&cwnd=253&unsent_bytes=0&cid=dbdfa493e42ea080&ts=341&x=0"
date
Sun, 15 Dec 2024 12:01:25 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
d6f51a1ed1d2f145512197f7cd7be46d
adslnews.biz.id/get/site/js/
287 B
698 B
Script
General
Full URL
https://adslnews.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:816d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104bb34c75fe12b43d57788323385df58f42849a5ce05bb9a71b99a96184d43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imzDJj7l5m9C5ykwo67ZIBgPNp427k64pWlLj3%2BwcfAvYAHrcprRSLe7PP%2FfUQ%2F6LziJp%2FJpM7jjtR%2B9uSF%2F%2BE7KkAw%2FEqKvfs7XFC1wRtiye%2FWh6gH3PVX8Gc5Rb0CN41codUBNXHSNPZ5CJRA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2647666f8e43fd-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8618&min_rtt=8601&rtt_var=2430&sent=9&recv=8&lost=0&retrans=0&sent_bytes=5012&recv_bytes=2332&delivery_rate=474363&cwnd=253&unsent_bytes=0&cid=dbdfa493e42ea080&ts=345&x=0"
date
Sun, 15 Dec 2024 12:01:25 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
71 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dorianfotheringhamihcw7.pages.dev
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-11ab4"
age
211324
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTeLIg7mGbRgOiaaOIvgHP%2FFjnXEcT59ejKHbt5BqQ0z6wyXHijGTJmeEYtYGp2NalZQ0eO7IDRH7WqnZBYmzR8L8PeMgTMpZJWF8MN7c%2F5qNyfAX9Kpf4O1Bnjo%2BQyVJL8P%2BKQncBCYi5RdtVMA8Uud"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 12:01:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 15 Dec 2024 12:01:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f264764fbdaefa3-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
22329
server
cloudflare
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dorianfotheringhamihcw7.pages.dev
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5ff0b799-1ed1"
age
1121191
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WI%2FyOxADstiMu7NPMdf59uK5x4puxIu%2F%2FsJEN26KRNjCxx8h%2FIBFA3vPfIjJCO3osn47Cs%2FtZOVxBdXRCD3kfaURyBednLZ499dKUM36C%2BtBjHsFOEYgik7r5lSF3xq9a6u%2B0figpguyJFaNgZELVKAv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 12:01:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 15 Dec 2024 12:01:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f2647650be0efa3-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3150
server
cloudflare
invoke.js
curioushingefast.com/df1937ded21c742a7a9fd380ae55ab5e/
24 KB
12 KB
Script
General
Full URL
https://curioushingefast.com/df1937ded21c742a7a9fd380ae55ab5e/invoke.js
Requested by
Host: adslnews.biz.id
URL: https://adslnews.biz.id/get/site/js/c83cf36b91f37f5ea1ebf428c745ad2b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
f3991e3e94c9f63962886b80ea953e88a64295c827a7ea95e0f1691cbfc42b07
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
979e742c683bfdeda62edb2855f38cd4
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:26 GMT
Content-Type
application/javascript
Host
curioushingefast.com
Server
nginx/1.21.6
stats
proftrafficcounter.com/
40 B
312 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: curioushingefast.com
URL: https://curioushingefast.com/df1937ded21c742a7a9fd380ae55ab5e/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.52.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-52-112.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
0cf82b61c6e76dcbcab794adca9d4bd8bc53d5fecb2dd7c5c4f816fd10313ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

access-control-allow-origin
https://dorianfotheringhamihcw7.pages.dev
content-length
40
date
Sun, 15 Dec 2024 12:01:26 GMT
content-type
text/html; charset=UTF-8
vary
Origin
server
fasthttp
access-control-allow-credentials
true
invoke.js
curioushingefast.com/6ad41a8bf22b80791a94df9ff05664db/
24 KB
12 KB
Script
General
Full URL
https://curioushingefast.com/6ad41a8bf22b80791a94df9ff05664db/invoke.js
Requested by
Host: adslnews.biz.id
URL: https://adslnews.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
58254d2734e2684c0917ea053aa15fda8a532f540b1397536148fd7cccf2cb66
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
8ad2e2bcb6125437ea037d8bae79388c
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:26 GMT
Content-Type
application/javascript
Host
curioushingefast.com
Server
nginx/1.21.6
stats
proftrafficcounter.com/
40 B
312 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: curioushingefast.com
URL: https://curioushingefast.com/6ad41a8bf22b80791a94df9ff05664db/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.52.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-52-112.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
01398e436ea244e7dfb3dc32f17898ce0bde27aa8df4d9908d5d8bea3cb28d17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

access-control-allow-origin
https://dorianfotheringhamihcw7.pages.dev
content-length
40
date
Sun, 15 Dec 2024 12:01:26 GMT
content-type
text/html; charset=UTF-8
vary
Origin
server
fasthttp
access-control-allow-credentials
true
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
search
suggestqueries.google.com/complete/
20 B
798 B
Script
General
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-lxdpce57e3dfU3O1r22OLA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

content-encoding
br
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
expires
-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 12:01:27 GMT
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
x-frame-options
SAMEORIGIN
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-lxdpce57e3dfU3O1r22OLA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cache-control
no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
pragma
no-cache
accept-ch
Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy
unload=()
x-xss-protection
0
server
gws
th
tse1.mm.bing.net/
727 B
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
no-cache
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE772EA86E334C4698BF37D45FC8A752 Ref B: PHL30EDGE0222 Ref C: 2024-12-15T12:01:27Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods
GET, POST, OPTIONS
expires
-1
access-control-allow-origin
*
x-cache
TCP_MISS
content-length
727
date
Sun, 15 Dec 2024 12:01:26 GMT
access-control-allow-headers
*
watch.949702925012.js
achieveweakness.com/
Redirect Chain
  • https://achieveweakness.com/watch.949702925012.js?key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&tz=-10&dev=r&res=14.31&rb=&uuid=0c6c5925-97...
  • https://achieveweakness.com/watch.949702925012.js?dev=r&key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&s...
3 KB
3 KB
XHR
General
Full URL
https://achieveweakness.com/watch.949702925012.js?dev=r&key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=fb32807ed8dc5820baf76341f12a93b1722140f1b0f723c0daf0d31ee310ff25902ac7dc9bcf267de957a7b81d6cba382ea7cf0951433963d40e29a209347b4f4150653bfd03a9fa27776309568d9325eb2e2738fa0691d4ec8f30&tz=-10&uuid=0c6c5925-9726-43a5-a413-4e3b8d2e9247%3A3%3A1
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
660993288f2823a9ff4c829e200b40257f84eed0b3b10e1df5fadace55be7256
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

X-Request-ID
04d30c2c52acc264de909d1cece148a4
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:27 GMT
Content-Type
text/html
Host
achieveweakness.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://dorianfotheringhamihcw7.pages.dev
Access-Control-Allow-Origin
https://dorianfotheringhamihcw7.pages.dev
Server
nginx/1.19.5

Redirect headers

X-Request-ID
76e421e6c957781e5150542b04bf3248
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:27 GMT
Content-Type
text/html
Host
achieveweakness.com
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Location
https://achieveweakness.com/watch.949702925012.js?dev=r&key=df1937ded21c742a7a9fd380ae55ab5e&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=fb32807ed8dc5820baf76341f12a93b1722140f1b0f723c0daf0d31ee310ff25902ac7dc9bcf267de957a7b81d6cba382ea7cf0951433963d40e29a209347b4f4150653bfd03a9fa27776309568d9325eb2e2738fa0691d4ec8f30&tz=-10&uuid=0c6c5925-9726-43a5-a413-4e3b8d2e9247%3A3%3A1
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://dorianfotheringhamihcw7.pages.dev
Access-Control-Allow-Origin
https://dorianfotheringhamihcw7.pages.dev
Content-Length
0
Server
nginx/1.19.5
watch.1318635763423.js
flusoprano.com/
Redirect Chain
  • https://flusoprano.com/watch.1318635763423.js?key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&tz=-10&dev=r&res=14.31&rb=&uuid=8b9736a9-323c-4...
  • https://flusoprano.com/watch.1318635763423.js?dev=r&key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=8...
3 KB
3 KB
XHR
General
Full URL
https://flusoprano.com/watch.1318635763423.js?dev=r&key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=8b64249efd687dc955265e0eec2be885ca775a0a98dedd7444d8b6b09d439170219e7e4f9e0de9344f622388c18df63ec5d0dcbf46a9016999f84bc434b8dc6ffe3880d070d4052fb25e71072b79123b3f46cc8eb57968d62eecbd&tz=-10&uuid=8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb%3A3%3A1
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
HTTP/1.1
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
594fd11fdc1d659eadce57814de9cccbbd71b53cf3d8bd31b299b49a54eab823
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

X-Request-ID
012f067d0a3ec40dc90ad81e20ed9984
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:27 GMT
Content-Type
text/html
Host
flusoprano.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://dorianfotheringhamihcw7.pages.dev
Access-Control-Allow-Origin
https://dorianfotheringhamihcw7.pages.dev
Server
nginx/1.21.6

Redirect headers

X-Request-ID
c029c3cd0f4a2ebafd037a7a504b0fcb
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 12:01:27 GMT
Content-Type
text/html
Host
flusoprano.com
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Location
https://flusoprano.com/watch.1318635763423.js?dev=r&key=6ad41a8bf22b80791a94df9ff05664db&kw=%5B%5D&pst=1734264147&rb=&refer=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&res=14.31&rmtc=t&shu=8b64249efd687dc955265e0eec2be885ca775a0a98dedd7444d8b6b09d439170219e7e4f9e0de9344f622388c18df63ec5d0dcbf46a9016999f84bc434b8dc6ffe3880d070d4052fb25e71072b79123b3f46cc8eb57968d62eecbd&tz=-10&uuid=8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb%3A3%3A1
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://dorianfotheringhamihcw7.pages.dev
Access-Control-Allow-Origin
https://dorianfotheringhamihcw7.pages.dev
Content-Length
0
Server
nginx/1.21.6
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
74121
cf-ray
8f264773af168c60-EWR
accept-ranges
bytes
content-length
4547
date
Sun, 15 Dec 2024 12:01:27 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
1707923285.png
cdn.storageimagedisplay.com/cti/1a/ba/60/1aba60ed15ec9a757d923658796c771d/ Frame C8F4
30 KB
30 KB
Image
General
Full URL
https://cdn.storageimagedisplay.com/cti/1a/ba/60/1aba60ed15ec9a757d923658796c771d/1707923285.png
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
913697d38c42449701edbc9076e47f75adba56e709af47e76c5b71dfa52f95d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=172800
etag
"65ccd75e-76b0"
expires
Tue, 17 Dec 2024 12:01:27 GMT
x-proxy-cache
HIT
accept-ranges
bytes
content-length
30384
date
Sun, 15 Dec 2024 12:01:27 GMT
content-type
image/png
last-modified
Wed, 14 Feb 2024 15:08:14 GMT
server
nginx/1.21.6
x-cdn-host-id
ds7961
1707813675.png
cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/ Frame 10EC
125 KB
126 KB
Image
General
Full URL
https://cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
a6159f3d5a1a2ecf48e7d529a1afe6d2117621ea3cdf536bbfde8f203e1af461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=172800
etag
"65cb2b34-1f567"
expires
Tue, 17 Dec 2024 12:01:27 GMT
x-proxy-cache
HIT
accept-ranges
bytes
content-length
128359
date
Sun, 15 Dec 2024 12:01:27 GMT
content-type
image/png
last-modified
Tue, 13 Feb 2024 08:41:24 GMT
server
nginx/1.21.6
x-cdn-host-id
ds7961
0.php
s4.histats.com/stats/
379 B
514 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4613330&@f16&@g1&@h1&@i1&@j1734264087664&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53737885&@b3:1734264088&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
30d3d289698d5ee331e2f6e95e38efa264f59bed702de0e3bd805b7b5f2653bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

Content-Length
379
Date
Sun, 15 Dec 2024 12:01:14 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4613330&@f16&@g1&@h1&@i1&@j1734264087664&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53737885&@b3:1734264088&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7939f65a9c6afb4729a070d1afc62490ca94c468ee931586e63196041365cf27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2T7CehqtqFbSKQggpQLslpgcaQRPEvawBCJCRCe5TPQ58Wav5bMamVGg5bG5sPKDIpLqFL1qVAOE5M4HthXk%2BAvXEDbcrPET42fZK%2FCUVlldQW0djlfLDvIt2Qlmj91403slpfGaaOXCEo%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.303
cf-ray
8f2647792c957cf0-EWR
expires
Sun, 15 Dec 2024 12:01:27 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=13407&min_rtt=8418&rtt_var=11278&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2226&delivery_rate=321285&cwnd=255&unsent_bytes=0&cid=50ba077e2ec5fc03&ts=152&x=0"
date
Sun, 15 Dec 2024 12:01:28 GMT
content-type
application/javascript
x-s
mtl1
server
cloudflare
/
t.dtscout.com/idg/ Frame 7E3D
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=6D001734264088B128F00CAD4D652415
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://dorianfotheringhamihcw7.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f26477d691af3bb-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 15 Dec 2024 12:01:29 GMT
expires
Sun, 15 Dec 2024 12:01:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKM5kbjGmKiKzTMkqQqwe9bhwlsseiz2e2KecuNLqZP%2BYRP4DdEW46rRJwe2q7hJrNZXsSTrlYqfo3RkuzJxSoHIKtzzv%2B21%2FPizpAwypHgZGuF7BklStT2kNAAymhPPe7YcbnMWyDSDDAc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=9758&min_rtt=8741&rtt_var=3813&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2446&delivery_rate=466765&cwnd=255&unsent_bytes=0&cid=a3d6007bdde808a3&ts=550&x=0"
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=dorianfotheringhamihcw7.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.25 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b928587f62a1d1f5a7b5ad171f87852adbea1d7dc458c75c7ea6bca72eaf794e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sun, 15 Dec 2024 13:01:29 GMT
Content-Length
1397
Date
Sun, 15 Dec 2024 12:01:29 GMT
Content-Type
text/javascript
dtscout
pd.sharethis.com/pd/
0
197 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.213.107 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-213-107.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
0
Date
Sun, 15 Dec 2024 12:01:29 GMT
Connection
keep-alive
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed192-4c00"
age
175235
cf-ray
8f26477d6b38435b-EWR
expires
Wed, 18 Dec 2024 12:01:29 GMT
date
Sun, 15 Dec 2024 12:01:29 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
vary
Accept-Encoding
server
cloudflare
dtsa.js
p.dtsan.net/
9 KB
4 KB
Script
General
Full URL
https://p.dtsan.net/dtsa.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"670f478e-25f4"
age
1653
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qMvFlEbker%2Fl1069zxywrD8oxdsmsq6odJwuqn2x%2FZTkDzxsyXDpTX25eB7wPSssH%2FNIy0DRMvPWhw3%2BDGy4KQALFa39FKsJTA4cs4zf29y%2FylbdR%2F5uXA3eEpjmIP9SRpnEmI6iamReA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29616&min_rtt=29527&rtt_var=11136&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4134&recv_bytes=4223&delivery_rate=106782&cwnd=12000&unsent_bytes=0&cid=5af032692501fb39&ts=415&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 12:01:29 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 04:56:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f26477cbbd04327-EWR
server
cloudflare
/
t.dtscout.com/pv/
51 B
493 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=dorianfotheringhamihcw7.pages.dev&_ss=59uesd053z&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2tl5&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf1a4db1b56021c076299966a26ecb06811fd0a39d8398e3c33d22e8f037f1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXUKjIJbaifidC1JgcZM5l0Yg4cfP5vjGRwbH7zvT7MCO8JubJfSSE27L1rq%2BFiDOa2K9FuyF8efpBt9ALhXxCxYxhDOlxsPaCOYvuL9fzSXW%2BCCyTTVKiUc%2FlJGUpB24GsrVveNCwVYYIo%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.189
cf-ray
8f264779ed0a7cf0-EWR
expires
Sun, 15 Dec 2024 12:01:27 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=12231&min_rtt=8283&rtt_var=8382&sent=15&recv=13&lost=0&retrans=0&sent_bytes=8129&recv_bytes=2456&delivery_rate=968431&cwnd=256&unsent_bytes=0&cid=50ba077e2ec5fc03&ts=275&x=0"
date
Sun, 15 Dec 2024 12:01:28 GMT
content-type
application/javascript
server
cloudflare
t_.htm
pxdrop.lijit.com/a/ Frame E34A
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=dorianfotheringhamihcw7.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.25 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://dorianfotheringhamihcw7.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Sun, 15 Dec 2024 12:01:29 GMT
Expires
Sun, 22 Dec 2024 12:01:29 GMT
X-Robots-Tag
noindex, nofollow
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1734264089295&dn=AFWU&iso=0&pu=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&t=dorianfotheringhamihcw7.pages.dev&chmob=0
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Sun, 15 Dec 2024 12:01:29 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
/
t.dtscdn.com/widget/
0
760 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=6D001734264088B128F00CAD4D652415&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuvuZp60F0UB6Up8tQBmc%2Fvn9gpuY7%2FKMtC8aqkGf0eoikrQM5sIi5qR%2BllHkuGbH%2FUV4EWJ9duUybM64ifSGuAu1DKhErBtfJZJRdqamoCdj3m6Wi6buWRK4UEvk5%2BbHGtDBjgN4ALekw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
4.69
cf-ray
8f26478349a5431f-EWR
expires
Sun, 15 Dec 2024 12:04:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=14249&min_rtt=9693&rtt_var=11109&sent=6&recv=9&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2300&delivery_rate=420358&cwnd=255&unsent_bytes=0&cid=cad9a84dba233797&ts=546&x=0"
date
Sun, 15 Dec 2024 12:01:30 GMT
content-type
application/javascript; charset=UTF-8
x-server
web15.ny1.dtscdn.com
server
cloudflare
tpid=6D001734264088B128F00CAD4D652415
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415
49 B
545 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Server
35.173.157.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-167.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Sun, 15 Dec 2024 12:01:30 GMT
content-type
image/gif
x-server
10.40.54.237
server
Jetty(9.4.38.v20210224)

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001734264088B128F00CAD4D652415
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Sun, 15 Dec 2024 12:01:30 GMT
x-server
10.40.55.63
server
Jetty(9.4.38.v20210224)
/
bidberry.net/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001734264088B128F00CAD4D652415
  • https://bidberry.net/?partner=1&mapped=12874604f042bb45&gdpr=0&gdpr_consent=&redirect=
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fbidberry.net%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3D
  • https://bidberry.net/?partner=104&icm&cver&mapped=64bec516d33a12876ddf913693685d03&gdpr=0&redirect=
0
0

v2
de.tynt.com/deb/
657 B
1 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fdorianfotheringhamihcw7.pages.dev%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
554572ff7a9dc627e08de11878084e9623c7b86868581c43e12204fe4ea3078c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
657
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Sun, 15 Dec 2024 12:01:29 GMT
content-type
application/javascript
dpx
i.simpli.fi/
3 KB
3 KB
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1734264089615.1&ref=
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

x-request-id
GBFYAF8aL6lo8u44PSEC
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sun, 15 Dec 2024 12:01:30 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
dpx
i.simpli.fi/
3 KB
3 KB
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1734264089615.2&ref=
Requested by
Host: dorianfotheringhamihcw7.pages.dev
URL: https://dorianfotheringhamihcw7.pages.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dorianfotheringhamihcw7.pages.dev/

Response headers

x-request-id
GBFYAF8UEzFseZA6c94F
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sun, 15 Dec 2024 12:01:30 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bidberry.net
URL
https://bidberry.net/?partner=104&icm&cver&mapped=64bec516d33a12876ddf913693685d03&gdpr=0&redirect=

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| baseUrl function| a0p function| a0A object| LieDetector object| atAsyncContainers function| $ function| jQuery object| lazySizes function| autoRelated function| parseSpintax object| seco object| seca object| sece object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| a object| cv object| Tynt object| _dtspv object| _33Across function| __uspapi number| char

43 Cookies

Domain/Path Name / Value
dorianfotheringhamihcw7.pages.dev/ Name: isFTime_df1937ded21c742a7a9fd380ae55ab5e
Value: true
dorianfotheringhamihcw7.pages.dev/ Name: isFTime_df1937ded21c742a7a9fd380ae55ab5e_expiry
Value: Sun, 15 Dec 2024 12:01:26 GMT
dorianfotheringhamihcw7.pages.dev/ Name: isFTime_6ad41a8bf22b80791a94df9ff05664db
Value: true
dorianfotheringhamihcw7.pages.dev/ Name: isFTime_6ad41a8bf22b80791a94df9ff05664db_expiry
Value: Sun, 15 Dec 2024 12:01:26 GMT
proftrafficcounter.com/ Name: uid_id2
Value: 8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb:3:1
dorianfotheringhamihcw7.pages.dev/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb%3A3%3A1
achieveweakness.com/ Name: u_pl23815628
Value: 1
achieveweakness.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzgxNTYyOCwiayI6ImRmMTkzN2RlZDIxYzc0MmE3YTlmZDM4MGFlNTVhYjVlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYxMTE1LCJwaWQiOjIzNjc3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0eGthanRkdXRkIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2MTQzNjI4NCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMzYxNDIsImJuIjoiQ2hyb21lIiwiYnYiOiIxMzEiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoyMjMsImMiOiJVUyIsIm4iOiJVbml0ZWQgU3RhdGVzIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiVmVyaXpvbiBJbnRlcm5ldCBTZXJ2aWNlcyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZG9yaWFuZm90aGVyaW5naGFtaWhjdzcucGFnZXMuZGV2LyIsImFyIjpbXX19.zIsnxOizzJSRu8mu-eRkDRWcvWVWZF9nSiK8TKFYNrc
flusoprano.com/ Name: u_pl16599697
Value: 1
flusoprano.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjU5OTY5NywiayI6IjZhZDQxYThiZjIyYjgwNzkxYTk0ZGY5ZmYwNTY2NGRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYxMTE1LCJwaWQiOjIzNjc3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InNqMmlyNHhlIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2MTQzNjI4NCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMzYxNDIsImJuIjoiQ2hyb21lIiwiYnYiOiIxMzEiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoyMjMsImMiOiJVUyIsIm4iOiJVbml0ZWQgU3RhdGVzIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiVmVyaXpvbiBJbnRlcm5ldCBTZXJ2aWNlcyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZG9yaWFuZm90aGVyaW5naGFtaWhjdzcucGFnZXMuZGV2LyIsImFyIjpbXX19.ZmF--dt1yEUuqRDcBujLHoaIUFZfAXeVwjaL-eslXU8
achieveweakness.com/ Name: uid_id2
Value: 0c6c5925-9726-43a5-a413-4e3b8d2e9247:3:1
achieveweakness.com/ Name: pdhtkv
Value: true
achieveweakness.com/ Name: uncs
Value: 1
achieveweakness.com/ Name: pdhtkv32
Value: true
achieveweakness.com/ Name: uncs32
Value: 1
flusoprano.com/ Name: uid_id2
Value: 8b9736a9-323c-4687-9ed7-1d6e1ffcdcbb:3:1
flusoprano.com/ Name: pdhtkv
Value: true
flusoprano.com/ Name: uncs
Value: 1
flusoprano.com/ Name: pdhtkv5
Value: true
flusoprano.com/ Name: uncs5
Value: 1
dorianfotheringhamihcw7.pages.dev/ Name: HstCfa4613330
Value: 1734264087664
dorianfotheringhamihcw7.pages.dev/ Name: HstCla4613330
Value: 1734264087664
dorianfotheringhamihcw7.pages.dev/ Name: HstCmu4613330
Value: 1734264087664
dorianfotheringhamihcw7.pages.dev/ Name: HstPn4613330
Value: 1
dorianfotheringhamihcw7.pages.dev/ Name: HstPt4613330
Value: 1
dorianfotheringhamihcw7.pages.dev/ Name: HstCnv4613330
Value: 1
dorianfotheringhamihcw7.pages.dev/ Name: HstCns4613330
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1734264088
.dtscout.com/ Name: l
Value: 6D001734264088B128F00CAD4D652415
.lijit.com/ Name: lijitAcc3PC
Value: 1
.dorianfotheringhamihcw7.pages.dev/ Name: __dtsu
Value: 6D001734264088B128F00CAD4D652415
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1734264089616%7D%5D
.tynt.com/ Name: uid
Value: CoIKTGdexRkiX8BeA/EwAg==
.simpli.fi/ Name: suid
Value: A93BD1107F6242938E67C4110DB56541
.dtscdn.com/ Name: uid
Value: 6D001734264088B128F00CAD4D652415
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 64bec516d33a12876ddf913693685d03
.onaudience.com/ Name: cookie
Value: 12874604f042bb45
.onaudience.com/ Name: done_redirects200
Value: 1
.bidberry.net/ Name: cookie
Value: 12874604f042bb45
.bidberry.net/ Name: done_redirects280414
Value: 1

7 Console Messages

Source Level URL
Text
javascript warning URL: https://adslnews.biz.id/get/site/js/c83cf36b91f37f5ea1ebf428c745ad2b(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://curioushingefast.com/df1937ded21c742a7a9fd380ae55ab5e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adslnews.biz.id/get/site/js/c83cf36b91f37f5ea1ebf428c745ad2b(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://curioushingefast.com/df1937ded21c742a7a9fd380ae55ab5e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adslnews.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://curioushingefast.com/6ad41a8bf22b80791a94df9ff05664db/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adslnews.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://curioushingefast.com/6ad41a8bf22b80791a94df9ff05664db/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dorianfotheringhamihcw7.pages.dev/(Line 155)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dorianfotheringhamihcw7.pages.dev/(Line 155)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://tse1.mm.bing.net/th?q=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
achieveweakness.com
adslnews.biz.id
bcp.crwdcntrl.net
bidberry.net
cdn.storageimagedisplay.com
cdn.tynt.com
cdnjs.cloudflare.com
curioushingefast.com
de.tynt.com
dorianfotheringhamihcw7.pages.dev
e.dtscout.com
flusoprano.com
i.simpli.fi
ic.tynt.com
p.dtsan.net
pd.sharethis.com
proftrafficcounter.com
pxdrop.lijit.com
s10.histats.com
s4.histats.com
suggestqueries.google.com
t.dtscdn.com
t.dtscout.com
tse1.mm.bing.net
bidberry.net
104.18.12.146
149.56.240.31
172.240.127.234
192.243.59.12
192.243.61.227
23.212.251.25
2606:4700:10::6814:345
2606:4700:20::681a:d3c
2606:4700:21::8d65:780a
2606:4700:21::8d65:780b
2606:4700:3033::ac43:816d
2606:4700:3036::ac43:a74f
2606:4700:310c::ac42:2c59
2606:4700::6811:190e
2607:f8b0:4004:c09::84
2607:f8b0:400d:c03::71
2620:1ec:33:1::10
2a02:b48:8301::1
3.128.213.107
3.220.52.112
34.86.110.8
35.173.157.167
67.202.105.31
01398e436ea244e7dfb3dc32f17898ce0bde27aa8df4d9908d5d8bea3cb28d17
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
0cf82b61c6e76dcbcab794adca9d4bd8bc53d5fecb2dd7c5c4f816fd10313ff0
104bb34c75fe12b43d57788323385df58f42849a5ce05bb9a71b99a96184d43e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d3d289698d5ee331e2f6e95e38efa264f59bed702de0e3bd805b7b5f2653bd
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
554572ff7a9dc627e08de11878084e9623c7b86868581c43e12204fe4ea3078c
58254d2734e2684c0917ea053aa15fda8a532f540b1397536148fd7cccf2cb66
594fd11fdc1d659eadce57814de9cccbbd71b53cf3d8bd31b299b49a54eab823
5cf1a4db1b56021c076299966a26ecb06811fd0a39d8398e3c33d22e8f037f1a
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
660993288f2823a9ff4c829e200b40257f84eed0b3b10e1df5fadace55be7256
7939f65a9c6afb4729a070d1afc62490ca94c468ee931586e63196041365cf27
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
913697d38c42449701edbc9076e47f75adba56e709af47e76c5b71dfa52f95d2
a6159f3d5a1a2ecf48e7d529a1afe6d2117621ea3cdf536bbfde8f203e1af461
b928587f62a1d1f5a7b5ad171f87852adbea1d7dc458c75c7ea6bca72eaf794e
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84e7f677c190272e808a4ccacf864d03579037e1f01e7095c7c79ae2d60edf1
ec895828d9fb45d8f8f805ef847b6968cd9506b1fbee3fe91302c3304a85dd69
f3991e3e94c9f63962886b80ea953e88a64295c827a7ea95e0f1691cbfc42b07