urlscan.io logo urlscan.io
SecurityTrails logo

a8672336.mnoova.com Open in urlscan Pro
2606:4700:3032::681b:a1b4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/34mSMPv#3332325f373930373439385f3332315f636c5f353235385f313030335f52414a6168343372573353526e4539...
Effective URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Submission: On August 24 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3032::681b:a1b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is a8672336.mnoova.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.
This is the only time a8672336.mnoova.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 17 31.6.70.117 39869 (LIVENET-)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 34.102.211.173 15169 (GOOGLE)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 104.18.26.20 13335 (CLOUDFLAR...)
35 6
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
17    31.6.70.117 (Tarnowskie Gory, Poland)

ASN39869 (LIVENET-, PL)
PTR: news.elfunny.com
news.elfunny.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    34.102.211.173 (United States)

ASN15169 (GOOGLE, US)
PTR: 173.211.102.34.bc.googleusercontent.com
www.hs8iitrk.com
13    2606:4700:3032::681b:a1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
a8672336.mnoova.com
4    104.18.26.20 (United States)

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
assets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
17 elfunny.com
news.elfunny.com
525 KB
13 mnoova.com
a8672336.mnoova.com
89 KB
4 hcaptcha.com
hcaptcha.com
assets.hcaptcha.com
21 KB
2 hs8iitrk.com
www.hs8iitrk.com
704 B
2 googleapis.com
fonts.googleapis.com
2 KB
1 cloudflare.com
cdnjs.cloudflare.com
2 KB
1 bit.ly
bit.ly
248 B
35 7
Domain Requested by
17 news.elfunny.com 1 redirects news.elfunny.com
13 a8672336.mnoova.com news.elfunny.com
a8672336.mnoova.com
3 assets.hcaptcha.com a8672336.mnoova.com
hcaptcha.com
2 www.hs8iitrk.com 2 redirects
2 fonts.googleapis.com news.elfunny.com
1 hcaptcha.com 1 redirects
1 cdnjs.cloudflare.com news.elfunny.com
1 bit.ly 1 redirects
35 8

This site contains links to these domains. Also see Links.

Domain
lagungroen.com
chrome.google.com
www.cloudflare.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh

This page contains 3 frames:

Primary Page: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Frame ID: F0C2010F89A5BA9345E15F3A68D54F87
Requests: 34 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Frame ID: DA957449CF1F15D59651F910BB476203
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Frame ID: 252C01A5B3D427282521FAEDCED5729E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/34mSMPv HTTP 301
    http://news.elfunny.com/ Page URL
  2. http://news.elfunny.com/3332325f373930373439385f3332315f636c5f353235385f313030335f52414a616834337257... HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=RAJah43rW3SRnE9ZeTQgd&s4=7907498&s5=o1ACUveH... HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=62354b9905014f50a3cd4afa4faffc40&__r... HTTP 302
    https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651 Page URL

Page Statistics

35
Requests

54 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

639 kB
Transfer

813 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/34mSMPv HTTP 301
    http://news.elfunny.com/ Page URL
  2. http://news.elfunny.com/3332325f373930373439385f3332315f636c5f353235385f313030335f52414a6168343372573353526e45395a6554516764 HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=RAJah43rW3SRnE9ZeTQgd&s4=7907498&s5=o1ACUveHVNhJzs1ozfjq4 HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=62354b9905014f50a3cd4afa4faffc40&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/34mSMPv HTTP 301
  • http://news.elfunny.com/
Request Chain 29
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
news.elfunny.com/
Redirect Chain
  • https://bit.ly/34mSMPv
  • http://news.elfunny.com/
12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
0183b07493705e138959e7d8b47a25ea435551ae60a3e3e8e998bc8fa44043fc

Request headers

Host
news.elfunny.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

status
301
server
nginx
date
Mon, 24 Aug 2020 12:14:18 GMT
content-type
text/html; charset=utf-8
content-length
111
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://news.elfunny.com/
referrer-policy
unsafe-url
set-cookie
_bit=k7ocei-85f60e63ed91d1a5a2-00N; Domain=bit.ly; Expires=Sat, 20 Feb 2021 12:14:18 GMT
via
1.1 google
alt-svc
clear
bootstrap.min.css
news.elfunny.com/vendor/bootstrap/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1d970-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
121200
font-awesome.min.css
news.elfunny.com/vendor/font-awesome/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/font-awesome/css/font-awesome.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"7187-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29063
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:11:47 GMT
server
ESF
date
Mon, 24 Aug 2020 12:14:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:14:19 GMT
css
fonts.googleapis.com/ 		16 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:03:39 GMT
server
ESF
date
Mon, 24 Aug 2020 12:14:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:14:19 GMT
magnific-popup.css
news.elfunny.com/vendor/magnific-popup/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/magnific-popup/magnific-popup.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
creative.min.css
news.elfunny.com/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/css/creative.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
c34418be12eb16bfbec0beff552b34cb3f5de0c1fca220437ee1fd0c70ef1e39

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1ec3-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7875
1.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/1.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"f92c-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
63788
2.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/2.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bbe5-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
48101
3.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/3.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bc64-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
48228
4.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/4.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bf9f-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
49055
5.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/5.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"f37e-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
62334
6.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/6.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"d0b4-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
53428
jquery.min.js
news.elfunny.com/vendor/jquery/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/jquery/jquery.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
225
Content-Type
text/html; charset=iso-8859-1
bootstrap.min.js
news.elfunny.com/vendor/bootstrap/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"90b5-53a6bf66fff80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
37045
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
25937186
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04c1fd1b410000d705c9b0c200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:12 GMT
server
cloudflare
etag
W/"5afd494c-15b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c7cfe0b9ba8d705-FRA
expires
Sat, 14 Aug 2021 12:14:19 GMT
scrollreveal.min.js
news.elfunny.com/vendor/scrollreveal/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/scrollreveal/scrollreveal.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
jquery.magnific-popup.min.js
news.elfunny.com/vendor/magnific-popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
248
Content-Type
text/html; charset=iso-8859-1
creative.min.js
news.elfunny.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/js/creative.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:14:19 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"450-53a6bf66fff80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1104
Primary Request 9e526a4a97
a8672336.mnoova.com/rc/
Redirect Chain
  • http://news.elfunny.com/3332325f373930373439385f3332315f636c5f353235385f313030335f52414a6168343372573353526e45395a6554516764
  • https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=RAJah43rW3SRnE9ZeTQgd&s4=7907498&s5=o1ACUveHVNhJzs1ozfjq4
  • https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=62354b9905014f50a3cd4afa4faffc40&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb295d46846fe7d408bd3c4227d2a462fc9a8b1ffe82bfecb727f4607e4f80
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a8672336.mnoova.com
:scheme
https
:path
/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://news.elfunny.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://news.elfunny.com/#3332325f373930373439385f3332315f636c5f353235385f313030335f52414a6168343372573353526e45395a6554516764

Response headers

status
403
date
Mon, 24 Aug 2020 12:14:20 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=dabdcd1d73506ef5ee86a23ed2c1aea5a1598271260; expires=Wed, 23-Sep-20 12:14:20 GMT; path=/; domain=.mnoova.com; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
04c1fd2036000016eee60c3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c7cfe138c4416ee-FRA
content-encoding
br

Redirect headers

status
302
server
nginx
date
Mon, 24 Aug 2020 12:14:20 GMT
content-type
text/html; charset=utf-8
content-length
120
location
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
set-cookie
uniqueClick_NFC9H=d313b865-6da2-46ad-ad30-7de50286cbe1:1598271260; Path=/; Expires=Wed, 23 Sep 2020 12:14:20 GMT; Secure; SameSite=None transaction_id=3c70ef205cf34270a843dc94de67c496; Path=/; Expires=Sun, 22 Nov 2020 12:14:20 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
502a8b69-43b3-43bd-9e99-f6d1f84b7c7e
via
1.1 google
alt-svc
clear
cf.errors.css
a8672336.mnoova.com/cdn-cgi/styles/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5b724501640c081ba873f3d27b9f547b62ce5a4ef5d594ff630f00ba1eea7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-6d64"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
5c7cfe13ccca16ee-FRA
cf-request-id
04c1fd2058000016eee60c7200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
zepto.min.js
a8672336.mnoova.com/cdn-cgi/scripts/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/scripts/zepto.min.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
etag
W/"5f3ab77a-618f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5c7cfe13cccc16ee-FRA
cf-request-id
04c1fd2058000016eee60c8200000001
expires
Wed, 26 Aug 2020 12:14:20 GMT
cf.common.js
a8672336.mnoova.com/cdn-cgi/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/scripts/cf.common.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
etag
W/"5f3ab77a-1138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5c7cfe13cccd16ee-FRA
cf-request-id
04c1fd2058000016eee60c9200000001
expires
Wed, 26 Aug 2020 12:14:20 GMT
transparent.gif
a8672336.mnoova.com/cdn-cgi/images/trace/captcha/nojs/h/ 		42 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5c7cfe138c4416ee
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7cfe13ed3316ee-FRA
content-length
42
cf-request-id
04c1fd206f000016eee60ca200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
browser-bar.png
a8672336.mnoova.com/cdn-cgi/images/ 		715 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-2cb"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7cfe13ed3716ee-FRA
content-length
715
cf-request-id
04c1fd206f000016eee60cb200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
cf-no-screenshot-warn.png
a8672336.mnoova.com/cdn-cgi/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-a20"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7cfe13ed3916ee-FRA
content-length
2592
cf-request-id
04c1fd206f000016eee60cc200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
opensans-300.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		15 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-300.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3dfc"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7cfe13ed3c16ee-FRA
cf-request-id
04c1fd2070000016eee60cd200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
opensans-400.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		16 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-400.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3e40"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7cfe13ed4416ee-FRA
cf-request-id
04c1fd2070000016eee60ce200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
opensans-600.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		16 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-600.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3eb8"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7cfe13ed4916ee-FRA
cf-request-id
04c1fd2071000016eee60cf200000001
expires
Mon, 24 Aug 2020 14:14:20 GMT
v1
a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3c6b5f6c789fd4fa3201bc73b0a718c3bc3fb9bd2515ed890c90598143ecb1

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5c7cfe143dee16ee-FRA
cf-request-id
04c1fd209f000016eee60d1200000001
hcaptcha.js
assets.hcaptcha.com/captcha/v1/558182b/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23b3fb70919ee3c7f42c2a161dea8d1978c9cee5d398034b3ff8293826792bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
209145
cf-polished
origSize=63599
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9ABD1A19525C9649
x-amz-id-2
2x1VCUyXrSIRkyRNxFyNsYW7c9GgL+zfkMx4MjharMXamldqAzWyCOC6WzPUWPKhsH5TUKvz1tA=
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
server
cloudflare
etag
W/"273f6ffcafc06e0f0ae6241755176c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
04c1fd221b00001e79c4149200000001
cf-ray
5c7cfe169ce21e79-AMS
cf-bgj
minify

Redirect headers

date
Mon, 24 Aug 2020 12:14:21 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5c7cfe158a7a1e79-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04c1fd217800001e79c413b200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
ae70a7fbb9204a1
a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.2257887811071544:1598270820:026aed2a94347322a16b64f4f457c60979a7c5a196277faaeebcc137c145fe89/5c7cfe138c4416ee/ 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.2257887811071544:1598270820:026aed2a94347322a16b64f4f457c60979a7c5a196277faaeebcc137c145fe89/5c7cfe138c4416ee/ae70a7fbb9204a1
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166a7b3c45b7332d6410ebb438b8c320eb46090cd8b71b876ba37c669f5e7163

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
ae70a7fbb9204a1
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 Aug 2020 12:14:20 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c7cfe14cf3616ee-FRA
cf-request-id
04c1fd20fc000016eee60d4200000001
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d780b74f88f99f290244af6578b83d6883d2e0f82f7114bdf654b9f0602fd2a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ae70a7fbb9204a1
a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.2257887811071544:1598270820:026aed2a94347322a16b64f4f457c60979a7c5a196277faaeebcc137c145fe89/5c7cfe138c4416ee/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.2257887811071544:1598270820:026aed2a94347322a16b64f4f457c60979a7c5a196277faaeebcc137c145fe89/5c7cfe138c4416ee/ae70a7fbb9204a1
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da1816fd59041885134ecb9958aa9a9daa66eeb60123884f0074f5940175a6c

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
ae70a7fbb9204a1
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 Aug 2020 12:14:21 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c7cfe18589716ee-FRA
cf-request-id
04c1fd2332000016eee6100200000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame DA95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651

Response headers

status
200
date
Mon, 24 Aug 2020 12:14:22 GMT
content-type
text/html
set-cookie
__cfduid=d414897f33aada8e17457e5c5e04adb621598271261; expires=Wed, 23-Sep-20 12:14:21 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
jINqXFJQIycjpG5DtXJDjuW0rqtNvfaPYAo5yrRhvOC6mjlUxiykeLx8hV2gKFgePeyvRuUGUA0=
x-amz-request-id
E1146A14582DF83C
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
cf-cache-status
DYNAMIC
cf-request-id
04c1fd24c800001e79c4175200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c7cfe1adeb61e79-AMS
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame 252C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=3c70ef205cf34270a843dc94de67c496&pubid=651

Response headers

status
200
date
Mon, 24 Aug 2020 12:14:22 GMT
content-type
text/html
set-cookie
__cfduid=d414897f33aada8e17457e5c5e04adb621598271261; expires=Wed, 23-Sep-20 12:14:21 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
8JQfkcwXMqSj5/heE+XXhAcLZkObSXAupstx07x484tQcWCCUss8ipmSORqkxiOx32OZJ7rLsiE=
x-amz-request-id
8861B33F1FEB801C
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:02 GMT
cf-cache-status
DYNAMIC
cf-request-id
04c1fd24d400001e79c4176200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c7cfe1aeede1e79-AMS
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| Zepto function| $ function| Polyglot object| polyglot object| _cf_chl_opt function| _cf_chl_enter function| a function| b object| _cf_translation function| SHA256 function| _cf_chl_hload boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest object| _cf_chl_ctx function| _ object| hcaptcha object| grecaptcha boolean| _cf_chl_hloaded

3 Cookies

Domain/Path Name / Value
a8672336.mnoova.com/ Name: cf_chl_prog
Value: a12
a8672336.mnoova.com/ Name: cf_chl_1
Value: ae70a7fbb9204a1
.mnoova.com/ Name: __cfduid
Value: dabdcd1d73506ef5ee86a23ed2c1aea5a1598271260

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8672336.mnoova.com
assets.hcaptcha.com
bit.ly
cdnjs.cloudflare.com
fonts.googleapis.com
hcaptcha.com
news.elfunny.com
www.hs8iitrk.com
104.18.26.20
2606:4700:3032::681b:a1b4
2606:4700::6811:4f6b
2a00:1450:4001:81d::200a
31.6.70.117
34.102.211.173
67.199.248.11
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0183b07493705e138959e7d8b47a25ea435551ae60a3e3e8e998bc8fa44043fc
166a7b3c45b7332d6410ebb438b8c320eb46090cd8b71b876ba37c669f5e7163
19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
3da1816fd59041885134ecb9958aa9a9daa66eeb60123884f0074f5940175a6c
5f3c6b5f6c789fd4fa3201bc73b0a718c3bc3fb9bd2515ed890c90598143ecb1
87bb295d46846fe7d408bd3c4227d2a462fc9a8b1ffe82bfecb727f4607e4f80
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
c34418be12eb16bfbec0beff552b34cb3f5de0c1fca220437ee1fd0c70ef1e39
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
d23b3fb70919ee3c7f42c2a161dea8d1978c9cee5d398034b3ff8293826792bb
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
d780b74f88f99f290244af6578b83d6883d2e0f82f7114bdf654b9f0602fd2a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff5b724501640c081ba873f3d27b9f547b62ce5a4ef5d594ff630f00ba1eea7e