URL: https://mail.134-209-47-157.cprapid.com/
Submission: On April 21 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 34 HTTP transactions. The main IP is 134.209.47.157, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mail.134-209-47-157.cprapid.com.
TLS certificate: Issued by R3 on April 21st 2024. Valid for: 3 months.
This is the only time mail.134-209-47-157.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 134.209.47.157 14061 (DIGITALOC...)
20 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.100 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 7
Requests | Apex Domain | Subdomains | Transfer
20 | qj.net | qj.net | 2 MB
3 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 265 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 3 KB
2 | cprapid.com | mail.134-209-47-157.cprapid.com | 53 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 856 B
34 | 5
Requests | Domain | Requested by
20 | qj.net | mail.134-209-47-157.cprapid.com, qj.net
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | mail.134-209-47-157.cprapid.com
2 | mail.134-209-47-157.cprapid.com | 1 redirects
1 | www.gstatic.com | www.google.com
1 | www.google.com | mail.134-209-47-157.cprapid.com
34 | 6

This site contains links to these domains.

Domain
qj.net
forums.qj.net
roulettealsharq.com
superbthemes.com
Subject | Issuer | Validity | Valid
www.qj.net | R3 | 2024-04-21 - 2024-07-20 | 3 months (crt.sh)
qj.net | E1 | 2024-03-01 - 2024-05-30 | 3 months (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months (crt.sh)
*.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://mail.134-209-47-157.cprapid.com/
Frame ID: 41BE69FDC4B15421674D199C4A1D2C71
Requests: 37 HTTP requests in this frame

Page Title

QuickJump - qj.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 34
HTTPS: 74 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 2318 kB
Size: 2866 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://mail.134-209-47-157.cprapid.com/favicon.ico HTTP 302
  • https://qj.net/wp-includes/images/w-logo-blue-white-bg.png

34 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
mail.134-209-47-157.cprapid.com/
52 KB
52 KB
Document
General
Full URL
https://mail.134-209-47-157.cprapid.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.47.157 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
be9394995feab9a38056d5f04c7b2c9e30b9f5bf1423d3b68f8ad57e0f67fe22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=3, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Apr 2024 21:20:29 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,Cookie
style.min.css
qj.net/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://qj.net/wp-includes/css/dist/block-library/style.min.css?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:50:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7RocSkrjn2HJ8uPZMBNgs6QjqHeHbkVFBFojQtWKIowS3a0dqcyElMp%2FBBVoST5J8VYYUGEE3ch7%2F4IFGcPO%2Bt8fJmRgAj8umwN5NEa9%2B6OEmC5WIQHnXE4Q%2FAi%2FZNUlp7gLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87806b19dce79b5e-FRA
style.css
qj.net/wp-content/themes/feather-magazine/
42 KB
10 KB
Stylesheet
General
Full URL
https://qj.net/wp-content/themes/feather-magazine/style.css?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb241a0b864b4b4331fb3a2b4af31c99727bb117f72fe9a899d3f03a67cf922

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 17:50:38 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=61932
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8CXMoLr8Q9huw6YvbjO15OHQqmU3EESQ8SYy9z3R7YPtkTi4AaiBZVm6I7ysmStFyFbr9iJQIJYJQSuVBUg5XqI%2BCMWfUgRIBdFRADlfolcOIun41wAU6wfqSIT65NoG6bRkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87806b19dcdf9b5e-FRA
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C500%2C600&ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 21:20:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 21:20:29 GMT
style.css
qj.net/wp-content/themes/news-portaly/
39 KB
10 KB
Stylesheet
General
Full URL
https://qj.net/wp-content/themes/news-portaly/style.css?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619eb3aba9cd00f8af8aeaf577ce708cd6a7531f9a4b4683519cbc232cf8c295

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 17:50:42 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=59307
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2B0vfjvwOtZ0XZ8tqP%2Bhml1htdKiTqBKU%2FMUgpIlQ6bkYVFwapJLbT6ElJYyU7rPW1r9nOQ%2BEaDf3Go6HuxBNHTIVToCsKD1msdZR4cizrTdGFNSg%2B39Gdpvr9OP8GmiU38hHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87806b19dce49b5e-FRA
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67bd4983e18bee23901386bb2dbd0d8c2b25d7e5def185f43705c6a0a8f7148a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 19:56:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 21:20:29 GMT
script.js
qj.net/wp-content/plugins/shortcode-for-current-date/dist/
976 B
958 B
Script
General
Full URL
https://qj.net/wp-content/plugins/shortcode-for-current-date/dist/script.js?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e80e2c741c4a4e4eccaca868c19939699d25e63449f2a7e973d87b89fc057d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 17:50:37 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1011
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQt9HgaF1bi5MmoeSaviUfEpr%2BQEBJX%2FzQ3qUuYc8oV0tPR6%2BYFeueo6HA5tuEv4gdNE6sD2jFfzc2rD%2BwJLD95p3NbT0ee3mcDV8GQ2KZkH%2B0SpsEH%2BWzFNVc%2B13DlIZHiYDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b19dce99b5e-FRA
jquery.min.js
qj.net/wp-includes/js/jquery/
85 KB
31 KB
Script
General
Full URL
https://qj.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:50:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYiMn0yujF4S%2BaqCLdkf3ao4yiAmhNUEOlm6zU1S0ldZPUds1KJ3qjntiACJWLO5U4buFCyM0f70dSHmiMXXDsyjAVEwxVaPO268Vo2cVYrAKy%2Bu%2FGh2sgiR4EcWurbEb9ET9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b19dcee9b5e-FRA
jquery-migrate.min.js
qj.net/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://qj.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:50:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47%2FzAp5GiADbTFyBmLueHpioit8GX8EoPS1oqvdZMbIoRkNqgc6clAyDWH%2BUR%2Bs0zOHpdNz3D7nMaQ0fwSvyAtrJeaDhXa%2BaFEr0vRycBGo7yozFy0ccmrx%2FVvCF5L6v5AIK8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b19dceb9b5e-FRA
api.js
www.google.com/recaptcha/
1 KB
856 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f100.1e100.net
Software
GSE /
Resource Hash
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 21 Apr 2024 21:20:30 GMT
cropped-cropped-logo.png
qj.net/wp-content/uploads/2020/05/
202 KB
203 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2020/05/cropped-cropped-logo.png
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89e680a61077d9c6ca25251300c675d2be704df357079b42a6304d6134b616c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:59:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veUGpeEXY6Lq5a1NE8QitVaJUvPcVs9LbDKha7MENtAdMuOVEgCsb%2FlgdMSN%2B0JnqWiAPCOY1iNk2b19S7HSTQpaztbS1TzIAIH2iQw1vKC4LSDhjmwhv1LYoJbRGB6KW9Xxag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b19dced9b5e-FRA
content-length
207314
8a30836d-69ea-4716-b12a-70e7ea149a0d
https://mail.134-209-47-157.cprapid.com/
1 KB
0
Other
General
Full URL
blob:https://mail.134-209-47-157.cprapid.com/8a30836d-69ea-4716-b12a-70e7ea149a0d
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
ta.js
qj.net/wp-content/plugins/thirstyaffiliates/js/app/
5 KB
2 KB
Script
General
Full URL
https://qj.net/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.10.20
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c173318dc927d3bca23996858d5c1853b342a120859108f28fc456b5172c0f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 17:50:38 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=10792
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6P3QWUiw0ZQF92NQdycqBnRngo1P4bylSHKgijhNpmvhnmU63yL%2FfPDqBhrIf4beeUajhGTz%2BQInDYWT78lzpcJaA4oTGKVzH8ncf%2BakDt1SiJvvqSVj%2BhXLuBz6d9G8oigvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b19dcf09b5e-FRA
customscripts.js
qj.net/wp-content/themes/feather-magazine/js/
3 KB
1 KB
Script
General
Full URL
https://qj.net/wp-content/themes/feather-magazine/js/customscripts.js?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19d15fa9a958e8c4885a5f7f76c62263a1ca5b8d509c424e98c5e1b7af857cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 17:50:31 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4418
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2ByYZnFY87mRD6dy9ecadsGxaWHe7nJlTD6RU31HLhz0NFrZCOl3tpT%2F%2BFgXmnHuRf9P%2BIFniCTUhE5ck5htda9%2Fj6pFZOh24SsECiZ9uGARWkLGOiTbo9DCkBvgeyCBijddzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b1a1d219b5e-FRA
truncated
/
350 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
184 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3867e4a7004c6385f0bf496d05e14a91b2b0e0b15bbd7296a78ad5b21dac2386

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
260 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46a2c967d6b79a722f2dbf188440c0b5ecc3ed41a0e93f55a920351eb30ae7a6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
81232-best-10-online-casino-sites-in-new-jersey.jpg
qj.net/wp-content/uploads/2023/09/
61 KB
61 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81232-best-10-online-casino-sites-in-new-jersey.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7381561aa3e73d5d6c0cc6e8740b64722ca4dcc63877dc8f3ec737dbf39ac7b8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVg6FSNS%2BWg7yT74B5ExIjd7b5Ivmj%2BM8UzD53zOvDZBnEethNX3zWw5XiMrjEuLaaY9%2FKinfTcHMJgo9ziCPvlEn%2F6AZnG94H5DKUk8ij0j74wak04%2BxZBfQSW4GUwjgZb3qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58009b5e-FRA
content-length
62179
81230-best-12-online-casinos-in-canada.jpg
qj.net/wp-content/uploads/2023/09/
122 KB
123 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81230-best-12-online-casinos-in-canada.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4001a5879af4d5cc3da53b3068c3f129fad18d647f1cbc2960f2d380b1c565b1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auOLMapZW4%2BqhixqRU5EhRxg0ewh7OLQAZR4kl0rK7cKtktkJo%2BWp%2FnEEdPsD%2ByEm7%2FNOIqEQ8hnU7xsdiGyq58q1NA%2FhdHNpCQWelBm5qC83eucMSvJcGvei7qU3OFYxZUOxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58029b5e-FRA
content-length
125239
81228-best-welcome-bonus-online-casino-in-canada.jpg
qj.net/wp-content/uploads/2023/09/
242 KB
243 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81228-best-welcome-bonus-online-casino-in-canada.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228a5ac8cdc82c979bea0063016eefd6893971c54c0a57fba62981cb10eddefb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u1g0iMVxeGkv381ZNR6Ak8hkn7wutO0ho5W%2BEvx6EUjIJGjqaUtsH2aP8mKBYXUwl0FH2Wg7NHRMX5fBrFsyzLldMyGrdmd877ZW4%2Ft3Bt5ccscv16bdGmHbzUfVoWYLQfybEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58049b5e-FRA
content-length
247620
81226-canadian-best-3-live-blackjack-online-casinos.jpg
qj.net/wp-content/uploads/2023/09/
27 KB
28 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81226-canadian-best-3-live-blackjack-online-casinos.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a53c6a2a4e685d0c6b5e46b52c09458e022e50a9bc03b145f82b66fac08d1b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hOyxN4sYx6QVgzBp0rQ02DmffAzN8Ok5opFClOvbQsKizc5%2FWiTg%2FnxOANy7FycX1zyMVRHM9Lqx03nfKLBSj%2FcnRX%2Fz0tXyISXFY0j2jygH4zPP644NqVaAyTg3NahoBPGsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58059b5e-FRA
content-length
27709
81224-jackpot-city-casino-review-canada.jpg
qj.net/wp-content/uploads/2023/09/
99 KB
99 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81224-jackpot-city-casino-review-canada.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820510dbe592a9c896c931a0041c6c3c419450a4b194a90a1f051cae5f9393f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjMVB6HaPclV2ZjXKjqNEbzwzCPFWVeC3tYKqcReOquIpP%2FtMGUFbMDuhV4cgV7rOEeDHjKalMWpvC37KjJO9b7gUMC8%2Fx0WWgVwTEp2HLf0UoRIU5am3dLilAgXQhx20gcGeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58069b5e-FRA
content-length
100893
81222-mastercard-best-3-online-casino-sites-in-canada.jpg
qj.net/wp-content/uploads/2023/09/
27 KB
27 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81222-mastercard-best-3-online-casino-sites-in-canada.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969511de831250349d48fdce13a795cc86c37e63c6b4e7c72335b80460470e5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smEQvCvXLCZIZkRsSXlxo15FSyExvk36E2kgUMhlH7wvj%2FmM71f1kHzs5dJz0qa3nCWP41J7ITklGo0MXeRxXo5t7ArNmpVGxiFuYA8ZPq%2FzqbKWPj7k0fwUlquvsZlytscipQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58079b5e-FRA
content-length
27761
81220-15-best-online-casinos-not-on-gamstop-in-the-uk-scaled.jpg
qj.net/wp-content/uploads/2023/09/
627 KB
628 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/81220-15-best-online-casinos-not-on-gamstop-in-the-uk-scaled.jpg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392407210a40593a4eba6cbe302cbaa9e5ab05d6f7e56334fdcdcdc3a1a26a8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdO50JWhE6NAT2Ab2P2fqTRfbcJK28Jw8oGtAHpco5pk9xoTq1neCh4yWcL5yLg1FriI92RBlxNtzQ5G4G9wu3ri8Tr757GvrsLkYraZhsbGyC0KdcYOw7hbF%2Bkoch5Hcr3XCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d58099b5e-FRA
content-length
641728
megaparii.webp
qj.net/wp-content/uploads/2023/09/
257 KB
258 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/megaparii.webp
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9aefe05f4764a3451a68245661248c8f1247df663ed9f66206636fa4d6befd6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjdG4ZhQzXRQ3%2FArAzdOGAdX7SIgiW5g4vQUUnNbQA09WTMvXvcdDFnuEGwiRk9b2H9Q7DCqofLIphyr3AwhshkL%2BLsCbrlVBP0iU0IqvbnVYKhNIyJaCdLahSYbo%2BMWEHZ9pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d580a9b5e-FRA
content-length
263186
argentina2-scaled.jpeg
qj.net/wp-content/uploads/2023/09/
246 KB
246 KB
Image
General
Full URL
https://qj.net/wp-content/uploads/2023/09/argentina2-scaled.jpeg
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ecdf3fe474fe508edd65f85046b9ef19e8e171784d4ff761e8c9df8cd2eb9e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 21 Apr 2024 17:59:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jT85%2FBT1Pa8F%2BSmIZCVsB%2B%2F5UO3vQrryg9wiNTN3tphHdSUie1OBlfApPiq4Ad96K84Vis4JgZacfexWBo0IETwS%2FohjWHnh0s%2BBejWdUyEOieNhIBxxTNg9SrJHxswvk4e%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b1d580b9b5e-FRA
content-length
251405
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C500%2C600&ver=6.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://mail.134-209-47-157.cprapid.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
167674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
feather-magazine.woff2
qj.net/wp-content/themes/news-portaly/fonts/
0
0

KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://mail.134-209-47-157.cprapid.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
160507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 00:45:23 GMT
wp-emoji-release.min.js
qj.net/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://qj.net/wp-includes/js/wp-emoji-release.min.js?ver=6.3.4
Requested by
Host: mail.134-209-47-157.cprapid.com
URL: https://mail.134-209-47-157.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:20:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:50:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wZMhfBGe99P%2B%2F2LPeYaO61QjNFGzU2VfGXOkPuvy4oIVgq0MzNRqI%2Fa8RHIHMKdGfGfNUcSivWjEnvQz5FbeMnBXQ5atqXKM4%2BswMIenQ4TNjBLkoAwHWkVSppeCuwAl8pf7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87806b1d883e9b5e-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/
501 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.134-209-47-157.cprapid.com/
Origin
https://mail.134-209-47-157.cprapid.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 12:17:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Apr 2025 12:17:56 GMT
feather-magazine.woff
qj.net/wp-content/themes/news-portaly/fonts/
0
0

feather-magazine.ttf
qj.net/wp-content/themes/news-portaly/fonts/
0
0

feather-magazine.woff2
qj.net/wp-content/themes/feather-magazine/fonts/
0
0

w-logo-blue-white-bg.png
qj.net/wp-includes/images/
Redirect Chain
  • https://mail.134-209-47-157.cprapid.com/favicon.ico
  • https://qj.net/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB
Other
General
Full URL
https://qj.net/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://mail.134-209-47-157.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 21:20:32 GMT
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2024 17:50:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWWeHQ0SaS52haBBEPZzAoDSVu7mx0oj%2BogpNDxE7jNdhDxrSrGCHOZPcQkdZdaxhaMbxnvN5idsl%2FW4Z9Zeurq0N0PkMDmukAksobr3hDUydIVCvmBnh9ztiqgkjwlCDf5dvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87806b2a0ad99b5e-FRA
content-length
4119

Redirect headers

cf-edge-cache
cache,platform=wordpress
Date
Sun, 21 Apr 2024 21:20:31 GMT
Server
Apache
X-Redirect-By
WordPress
Vary
Accept-Encoding,Cookie
Content-Type
text/html; charset=UTF-8
Location
https://qj.net/wp-includes/images/w-logo-blue-white-bg.png
Connection
Keep-Alive
Link
<https://qj.net/wp-json/>; rel="https://api.w.org/"
Content-Length
0
Keep-Alive
timeout=5, max=99
feather-magazine.woff
qj.net/wp-content/themes/feather-magazine/fonts/
0
0

feather-magazine.ttf
qj.net/wp-content/themes/feather-magazine/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
qj.net
URL
https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff2
Domain
qj.net
URL
https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff
Domain
qj.net
URL
https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.ttf
Domain
qj.net
URL
https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff2
Domain
qj.net
URL
https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff
Domain
qj.net
URL
https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.ttf

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings
undefined| $
function| jQuery
object| thirsty_global_vars
object| thirstyFunctions
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| twemoji
object| wp
object| recaptcha

1 Cookies

Domain/Path Name / Value
mail.134-209-47-157.cprapid.com/ Name: pll_language
Value: en

12 Console Messages

Source Level URL
Text
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff2' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.ttf' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/news-portaly/fonts/feather-magazine.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff2' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.134-209-47-157.cprapid.com/
Message:
Access to font at 'https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.ttf' from origin 'https://mail.134-209-47-157.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://qj.net/wp-content/themes/feather-magazine/fonts/feather-magazine.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
