urlscan.io logo urlscan.io
SecurityTrails logo

www.lvjili.vip Open in urlscan Pro
2606:4700:3035::6815:3b04  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thekirbyvillebanner.com/
Effective URL: https://www.lvjili.vip/?affiliateCode=amu888
Submission: On May 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3035::6815:3b04, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lvjili.vip.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.
This is the only time www.lvjili.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 38.12.196.135 398823 (PEG-LA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
11 2606:4700:303... 13335 (CLOUDFLAR...)
34 5
Apex Domain
Subdomains		 Transfer
17 thekirbyvillebanner.com
thekirbyvillebanner.com
389 KB
11 lvjili.vip
www.lvjili.vip
1 MB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
261 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
0 baidu.com Failed
ziyuan.baidu.com Failed
34 5
Domain Requested by
17 thekirbyvillebanner.com thekirbyvillebanner.com
11 www.lvjili.vip thekirbyvillebanner.com
www.lvjili.vip
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com thekirbyvillebanner.com
0 ziyuan.baidu.com Failed thekirbyvillebanner.com
34 5

This site contains no links.

Subject Issuer Validity Valid
pinoycasinos.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
lvjili.vip
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.lvjili.vip/?affiliateCode=amu888
Frame ID: 511188FAF9FBA08EC7DC93596179A780
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://thekirbyvillebanner.com/ Page URL
  2. https://www.lvjili.vip/?affiliateCode=amu888 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

34
Requests

88 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1832 kB
Transfer

5282 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thekirbyvillebanner.com/ Page URL
  2. https://www.lvjili.vip/?affiliateCode=amu888 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
thekirbyvillebanner.com/ 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
18f2605fb6fe806956aac1d9400236a7de1997140e8265102d7b3aee3814e939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 11:45:35 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
mip.css
thekirbyvillebanner.com/template/news/baike002/th-skin/css/ 		25 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/mip.css
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
b726cbbed9fe153fbda444c8bc66adb75005fa41a7a539ddc76c1f924a4676aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:28 GMT
server
nginx
etag
W/"64c74550-6356"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
auto-style.css
thekirbyvillebanner.com/template/news/baike002/th-skin/css/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/auto-style.css
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
08592b470b3735d3607dd6e849ab4e073c373a1d2b6c6386d65e9669e4bdfb84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:29 GMT
server
nginx
etag
W/"64c74551-898e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
style.css
thekirbyvillebanner.com/template/news/baike002/th-skin/css/ 		69 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/style.css
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
fb757e1444c82037172486526f86f72dec3b64c507b7d452047f040334afb98c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:30 GMT
server
nginx
etag
W/"64c74552-11248"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
js
www.googletagmanager.com/gtag/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RMJLJXXVX4
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36e189e3fb83edc574e600100347cef6e3512be2b5aac60dd7e94046a7c72c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102346
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 11:45:38 GMT
mip.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
f1e140852178cf53cd0e8d9840c791e91c08d7a2ef90c2905d6b70c6e6155c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:30 GMT
server
nginx
etag
W/"64c74552-439c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-linksubmit.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-linksubmit.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
3f82acd4d4d1dc3e48bafe0007c6639a4c844451d306ec896134c65386a97143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:30 GMT
server
nginx
etag
W/"64c74552-20b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-stats-baidu.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-stats-baidu.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
9abe08f22aed0d7fa4cdf37960267ff2d3a28f34f8ed3f904181fbc929df9a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:30 GMT
server
nginx
etag
W/"64c74552-4626"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-gototop.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-gototop.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
19dc43f98e7cc852c3c9f1004eb8d9b5e893ee6fcf6ca01b06b791c25217f615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
W/"64c74553-280c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-fixed.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-fixed.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
a32959ee7582552e120689df447557f2f7e647261eb06af99102db0952280576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 06:01:00 GMT
server
nginx
etag
W/"64cc941c-4d82"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-share.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-share.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
a870cf247a4082e710a51921d9a39e5b7be5ed16e16bfe69d45a072e04626507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 05:31:04 GMT
server
nginx
etag
W/"64cc8d18-9730"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-form.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-form.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
ae1ba67c149239a12359c73899c8f268e5175fc3e15d73bd1a0ddcddc5c1482a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:30 GMT
server
nginx
etag
W/"64c74552-5691"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:37 GMT
mip-sidebar.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-sidebar.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
3870bdb9ff8089471911760bd2459d33045fdefaed96ccf4080a54e8ccd67678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
W/"64c74553-1a12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:38 GMT
mip-vd-tabs.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-vd-tabs.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
9a202b0a6a640dc6534c1c81cf8191456024f9d6fd3684bd133ef2f7dc939cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
W/"64c74553-5a47"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:38 GMT
mip-lightbox.js
thekirbyvillebanner.com/template/news/baike002/th-skin/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/js/mip-lightbox.js
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
abe23ab837cc21bf4cd3591bf101f10772d7a50f3e1ff8bf9ffa5c8066dc23ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
W/"64c74553-3007"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 16 May 2024 23:45:38 GMT
image.gif
ziyuan.baidu.com/ 		0
0
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RMJLJXXVX4&gtm=45je45f0v9184314284za200&_p=1715859938608&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=473084821.1715859939&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715859938&sct=1&seg=0&dl=https%3A%2F%2Fthekirbyvillebanner.com%2F&dt=Philippine%20Online%20Casino%20%7C%20Online%20Casino%20Tips%20for%20Beginners%20in%20the%20Philippines&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4241
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMJLJXXVX4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 11:45:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thekirbyvillebanner.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
se.png
thekirbyvillebanner.com/template/news/baike002/th-skin/images/ 		465 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/images/se.png
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
e1ad7af620f254c02bea030bb0243d255e9b4b6714af7d7af06efc9305efd001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
"64c74553-1d1"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
465
expires
Sat, 15 Jun 2024 11:45:38 GMT
banner.jpg
thekirbyvillebanner.com/template/news/baike002/th-skin/images/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thekirbyvillebanner.com/template/news/baike002/th-skin/images/banner.jpg
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
85c9cd243f237de96a0b0359ab1cec9eabc15a46b7b444eb848507745d0995db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/template/news/baike002/th-skin/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:23:31 GMT
server
nginx
etag
W/"64c74553-13498"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
expires
Sat, 15 Jun 2024 11:45:38 GMT
favicon.ico
thekirbyvillebanner.com/ 		111 KB
111 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thekirbyvillebanner.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.12.196.135 San Jose, United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
8edbfd6a380d4476bcd4b53a63a04c4b3ff47875772fc2f9a4912f67b9ba2bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thekirbyvillebanner.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:39 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 11 May 2024 09:05:48 GMT
server
nginx
etag
"663f34ec-1bb55"
content-type
image/x-icon
accept-ranges
bytes
content-length
113493
Primary Request /
www.lvjili.vip/ 		753 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/?affiliateCode=amu888
Requested by
Host: thekirbyvillebanner.com
URL: https://thekirbyvillebanner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8705a4596b7404e9a77e9a88acdee41f45680c99b27c82622b0e2984bdd9ad70
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thekirbyvillebanner.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
884b1f763a3d1cb5-FRA
content-encoding
br
content-type
text/html
date
Thu, 16 May 2024 11:45:41 GMT
etag
W/"6645bd38-2f1"
last-modified
Thu, 16 May 2024 08:00:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0GH9olGchMTItlyekkFmNWG8nOGDYLXj937A8cYT7sA2EfNxhFGkwsUi3buE9MSgw404EQ4yMFltcv92XI9lCZONLbTK6K%2B5YOM4N5rZjKRsbYVZSUMPc92R0GlOBsJqHN5NKVzy5CmhOP0vg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
aboutMerchant.js
www.lvjili.vip/res/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/aboutMerchant.js?v=3326
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1ce24e57024928ad907da5b122913a7e83d92002d4df8f0cc5743fb6e3bfd5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
11218
tl-standard-proxy-cache-tier2
HIT
last-modified
Thu, 16 May 2024 08:00:55 GMT
server
cloudflare
etag
W/"6645bd37-ef0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8j3lRXgQdIiCVpfL6J6Di3e%2FxNXkJxFzWiQx88U8ChC%2BrcjDcI0qtLv2nbnSLjlV5B4OJCcUzti9M26WcObnFQVSQ30mhbv1PS%2F6unCFzmWySBem3A14cHRI%2Bsgtf8uXyR2o9ndM%2FHeJ57ugEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd901cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 08:38:43 GMT
encrypt.js
www.lvjili.vip/res/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/encrypt.js?v=3326
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cfbf7ede89c72dc1fbde76f6c497792359868de3065242ffefdb5ab5232a4dd
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
tl-standard-proxy-cache-tier2
HIT
last-modified
Thu, 16 May 2024 08:00:56 GMT
server
cloudflare
etag
W/"6645bd38-e9dd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKkPLHLW5ALO4kNqIReVzqy7yagD30NXLM9qCrk9WkonlzOBPEuWOUhYH4D6X9NjejIp9gIShhIL8WuO5enrf3DAE5qqYOPMnSq5JdvDuG%2BQCxBo4a2tOjnWgKJdyLPse%2Bz0U%2FKjIjbc2Lsiew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd951cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 11:45:41 GMT
vendor.93336011e3f5c430bd82.css
www.lvjili.vip/res/css/ 		173 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/css/vendor.93336011e3f5c430bd82.css
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb61e28702d6e9747a99b83be586923e46369135f65cda26a5f463532e534fe5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
tl-standard-proxy-cache-tier2
HIT
last-modified
Thu, 16 May 2024 08:00:55 GMT
server
cloudflare
etag
W/"6645bd37-2b57e"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
text/css
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcZhyPD4737qfd0i4cdV3lL4oOSweHgsfHFYX%2BlAT%2BIKtJgR9UbIiqw4xOc41EuiWmkDR9h0KPAkFM379%2BAtOGn2YAF3RRquQH1frTf51boSBFs2f4m5mGhdna4WPG3Kt0kGiboVCYnBU8OXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd8b1cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 11:45:41 GMT
app.e6e9b73170ecb2d49124.css
www.lvjili.vip/res/css/ 		200 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/css/app.e6e9b73170ecb2d49124.css
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cdb8d06afebf4b84db38978136fe10fa0e21ad48faec06d080a791df695401
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
tl-standard-proxy-cache-tier2
MISS
last-modified
Thu, 16 May 2024 08:00:55 GMT
server
cloudflare
etag
W/"6645bd37-32029"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
text/css
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqWyWMgxEbvWllwKyX0PN15ghb64%2BeGycp6cEBW8aCr3zr3Cmf9V9IGsO0PrJMojabet%2FAeZdQXipHm6a6OuEpeASAZ7LCnKyCM6X4eAfXpSk5h61vz181QwJk1IXnDiZ6akwJQFQ0l3QS1aBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd8d1cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 11:45:41 GMT
vendor.2.0a1e00e.js
www.lvjili.vip/res/js/ 		2 MB
588 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/js/vendor.2.0a1e00e.js
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd860fb051cdc4766d21b375439707b88be87b16458b095495c1418e2556f213
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
tl-standard-proxy-cache-tier2
MISS
last-modified
Thu, 16 May 2024 08:00:56 GMT
server
cloudflare
etag
W/"6645bd38-1d8593"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pixfAsJN8G%2BSviQ1NKx0v47YprFYS9ktsndQitfoU8CtX8CyxHC4fQ48Jdp6cZwt4X%2FoUviwwpgX42xMgavAMQAe6g8z2niYG8GyW%2B4iMPkx26EH3UwJgmgLu96a3Ld%2B0bfKmSw3cQBVrsXTlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd981cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 11:45:41 GMT
app.f3936d1.js
www.lvjili.vip/res/js/ 		2 MB
538 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/res/js/app.f3936d1.js
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/?affiliateCode=amu888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b160e9db8fe71106a51617c47dde5fea8dc6e8b98bcc98813e8a905c7c5166c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
21802
tl-standard-proxy-cache-tier2
HIT
last-modified
Thu, 16 May 2024 03:34:13 GMT
server
cloudflare
etag
W/"66457eb5-1a8e3b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FCwUjIQeJAMYxFrPsGm5FgxRsyQH3Z9FUFKTce3M4cX%2BPrcs%2FdOY%2BY%2Fl5lOmo5uACR%2FPSu%2FMj9qKc89t22YuIyL2q6euv4pJvl8%2Biy88yaqdI3%2BaZNMNmilPvsrGjyToV5CB1hAOduygs6hYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
access-control-allow-credentials
true, true
x-frame-options
SAMEORIGIN
cf-ray
884b1f78fd991cb5-FRA
access-control-allow-headers
Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,device,encryption,os,x-gateway-version,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 May 2024 05:42:19 GMT
lib.js
www.lvjili.vip/common/v.1.0.1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/res/js/vendor.2.0a1e00e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb1199df40b1e1404ec54a7f2b5f1aed2b20aa0a3048bdfee4e23457959fb43
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
56856
tl-standard-proxy-cache-tier2
MISS
last-modified
Tue, 09 Jan 2024 10:26:57 GMT
server
cloudflare
etag
W/"659d1f71-18e1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w60hXFqwmsScCdNt%2FNSK1DEA8gUBCzWUPb0IVK607LUSL1e4sIFXMJBu3pZoZ2y493LR7CfG8oJH%2BB6DA1NrgWPqNuCsHea7x8laD4UgkicAhjUboUyiJ1dmciESvbUvKMbEUV4L1Ys7PkFwZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
884b1f81794e1cb5-FRA
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 16 May 2024 19:58:06 GMT
index.js
www.lvjili.vip/common/promo-ui/ 		875 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/common/promo-ui/index.js?_=1715859942619
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/res/js/vendor.2.0a1e00e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ce4f03f2a8966b1fe3e24b8c92fc4a5dac4af3282c2f086654d59e43a499ca
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Wed, 15 May 2024 03:25:29 GMT
server
cloudflare
etag
W/"66442b29-36b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIUYtjWMbEMDoUqMmW1BsO%2FI3LJLORWaldzJLKiU%2BDb7ee3Y%2F17Gd3%2Fyc0m9bmXSjdUL2%2BaFKMIFmjZkx13nupH2iHHmOdXJkHnrj%2FvYeCz8KAGZVQ%2BxzLBhT2yP9vgTDpCOCKoknFUe%2B5DWdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
vary
Accept-Encoding
cf-ray
884b1f8179501cb5-FRA
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 16 May 2024 19:45:42 GMT
templates
www.lvjili.vip/wps/system/ 		1 KB
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/wps/system/templates?device=WEB&url=www.lvjili.vip&domain=lvjili
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/res/js/vendor.2.0a1e00e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
864883bb788b05f72c53b6541dc8ae2c1e124f0d251bded221fb6bc749897700
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-Gateway-Version
3
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Language
PT
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Merchant
null
Accept
application/json, text/plain, */*
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Device
web
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:42 GMT
x-module-id
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
vuw3b2d339
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJXZSE2kJtcm7trKp9AQs%2BuHZbTEEZKgEaGWiPLJFS0x5k00jB1hkoMC5sXY6a5Rn0yGuZ8givPvoK9%2FXNduH0H0aaCThYsZcg3LVEmTagLP8wbPL6yW3%2Foj05MkHvcuwvgyPyFSpVA5fDWO5w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
884b1f8189511cb5-FRA
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
1
manifest.json
www.lvjili.vip/common/v.1.0.1/manifest/ 		0
0
status
www.lvjili.vip/wps/system/ 		0
0
main.aCvMz4ae.css
www.lvjili.vip/common/promo-ui/assets/resource/ 		170 KB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lvjili.vip/common/promo-ui/assets/resource/main.aCvMz4ae.css
Requested by
Host: www.lvjili.vip
URL: https://www.lvjili.vip/common/promo-ui/index.js?_=1715859942619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3b04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e90ce15d59c0ca971961a2031d3b011e51f479939877dec905ebd5c77caa3ec
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lvjili.vip/?affiliateCode=amu888
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
56855
tl-standard-proxy-cache-tier2
MISS
last-modified
Wed, 15 May 2024 03:25:28 GMT
server
cloudflare
etag
W/"66442b28-2a8fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type
text/css
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYem%2BIHJTYTwYIUngUC%2BK6QB1T6kJJtYo6Qte7zRbQi4LhSoHbtoyT%2BSsfX2g9u%2F%2BBa95%2Fmpi3ZfWn%2Bh0ygcKhP6BK5F3sFIFsu1QVGcLvBbwuzaNmLT6ZeTZk%2F5Vnb4q0jAzW4FhDxuft2fDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
884b1f831b701cb5-FRA
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 16 May 2024 19:58:07 GMT
main.a7YKGWXH.js
www.lvjili.vip/common/promo-ui/assets/entry/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ziyuan.baidu.com
URL
https://ziyuan.baidu.com/image.gif
Domain
www.lvjili.vip
URL
https://www.lvjili.vip/common/v.1.0.1/manifest/manifest.json?_1715859942677
Domain
www.lvjili.vip
URL
https://www.lvjili.vip/wps/system/status?url=www.lvjili.vip
Domain
www.lvjili.vip
URL
https://www.lvjili.vip/common/promo-ui/assets/entry/main.a7YKGWXH.js

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt object| checkDevice object| CryptoJS function| RSAKeyPair function| twoDigit function| encryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| rndString string| publicRsa function| getSend function| processResponse function| createXMLHttpRequest string| message boolean| success function| getPulicRsa function| rsaEncrypt function| rsaEncryptV2 function| desDecrypt function| reRsa function| reRsaV2 object| webpackJsonp function| _ function| detectIncognito function| initBotion number| _checkRecaptchaTimer object| __SVG_SPRITE__ object| core boolean| _IM_DEBUG object| brLang object| $i18n object| cover object| shellAPI number| brand object| tcg function| propertyIsEnumerable

3 Cookies

Domain/Path Name / Value
.thekirbyvillebanner.com/ Name: _ga
Value: GA1.1.473084821.1715859939
.baidu.com/ Name: BAIDUID_BFESS
Value: 78933A8BF95AF155FECA530FBD5B80AB:FG=1
.thekirbyvillebanner.com/ Name: _ga_RMJLJXXVX4
Value: GS1.1.1715859938.1.0.1715859941.0.0.0

1 Console Messages

Source Level URL
Text
other warning URL: https://thekirbyvillebanner.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.google-analytics.com
thekirbyvillebanner.com
www.googletagmanager.com
www.lvjili.vip
ziyuan.baidu.com
www.lvjili.vip
ziyuan.baidu.com
2001:4860:4802:32::36
2606:4700:3035::6815:3b04
2a00:1450:4001:80f::2008
38.12.196.135
08592b470b3735d3607dd6e849ab4e073c373a1d2b6c6386d65e9669e4bdfb84
18f2605fb6fe806956aac1d9400236a7de1997140e8265102d7b3aee3814e939
19dc43f98e7cc852c3c9f1004eb8d9b5e893ee6fcf6ca01b06b791c25217f615
2b160e9db8fe71106a51617c47dde5fea8dc6e8b98bcc98813e8a905c7c5166c
36e189e3fb83edc574e600100347cef6e3512be2b5aac60dd7e94046a7c72c8f
3870bdb9ff8089471911760bd2459d33045fdefaed96ccf4080a54e8ccd67678
3e90ce15d59c0ca971961a2031d3b011e51f479939877dec905ebd5c77caa3ec
3f82acd4d4d1dc3e48bafe0007c6639a4c844451d306ec896134c65386a97143
58ce4f03f2a8966b1fe3e24b8c92fc4a5dac4af3282c2f086654d59e43a499ca
7cfbf7ede89c72dc1fbde76f6c497792359868de3065242ffefdb5ab5232a4dd
85c9cd243f237de96a0b0359ab1cec9eabc15a46b7b444eb848507745d0995db
864883bb788b05f72c53b6541dc8ae2c1e124f0d251bded221fb6bc749897700
8705a4596b7404e9a77e9a88acdee41f45680c99b27c82622b0e2984bdd9ad70
8edbfd6a380d4476bcd4b53a63a04c4b3ff47875772fc2f9a4912f67b9ba2bcf
9a202b0a6a640dc6534c1c81cf8191456024f9d6fd3684bd133ef2f7dc939cac
9abe08f22aed0d7fa4cdf37960267ff2d3a28f34f8ed3f904181fbc929df9a9d
a32959ee7582552e120689df447557f2f7e647261eb06af99102db0952280576
a870cf247a4082e710a51921d9a39e5b7be5ed16e16bfe69d45a072e04626507
abe23ab837cc21bf4cd3591bf101f10772d7a50f3e1ff8bf9ffa5c8066dc23ab
adb1199df40b1e1404ec54a7f2b5f1aed2b20aa0a3048bdfee4e23457959fb43
ae1ba67c149239a12359c73899c8f268e5175fc3e15d73bd1a0ddcddc5c1482a
af1ce24e57024928ad907da5b122913a7e83d92002d4df8f0cc5743fb6e3bfd5
b3cdb8d06afebf4b84db38978136fe10fa0e21ad48faec06d080a791df695401
b726cbbed9fe153fbda444c8bc66adb75005fa41a7a539ddc76c1f924a4676aa
bb61e28702d6e9747a99b83be586923e46369135f65cda26a5f463532e534fe5
dd860fb051cdc4766d21b375439707b88be87b16458b095495c1418e2556f213
e1ad7af620f254c02bea030bb0243d255e9b4b6714af7d7af06efc9305efd001
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e140852178cf53cd0e8d9840c791e91c08d7a2ef90c2905d6b70c6e6155c70
fb757e1444c82037172486526f86f72dec3b64c507b7d452047f040334afb98c