urlscan.io logo urlscan.io
SecurityTrails logo

loritta.website Open in urlscan Pro
2606:4700:20::ac43:47e9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://loritta.website/daily
Effective URL: https://loritta.website/br/daily
Submission Tags: falconsandbox
Submission: On July 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 17 domains to perform 46 HTTP transactions. The main IP is 2606:4700:20::ac43:47e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is loritta.website. The Cisco Umbrella rank of the primary domain is 541563.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time loritta.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 3.129.250.65 16509 (AMAZON-02)
3 3 3.73.7.113 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
2 35.156.206.18 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2.16.186.17 20940 (AKAMAI-ASN1)
46 17
18    2606:4700:20::ac43:47e9 (United States)

ASN13335 (CLOUDFLARENET, US)
loritta.website
4    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:3033::6815:3d17 (United States)

ASN13335 (CLOUDFLARENET, US)
web-analytics.perfectdreams.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6812:24e (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.nitropay.com
4    2606:4700:3035::ac43:a643 (United States)

ASN13335 (CLOUDFLARENET, US)
consent.nit.ro
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    3.73.7.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-7-113.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    35.156.206.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-206-18.eu-central-1.compute.amazonaws.com
a.vidoomy.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
Apex Domain
Subdomains		 Transfer
18 loritta.website
loritta.website — Cisco Umbrella Rank: 541563
2 MB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
236 KB
4 nit.ro
consent.nit.ro — Cisco Umbrella Rank: 238840
57 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 947
174 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 19267
a.vidoomy.com — Cisco Umbrella Rank: 9174
4 KB
3 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 41642
tracker.nitropay.com — Cisco Umbrella Rank: 40426
155 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
541 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2101
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 perfectdreams.net
web-analytics.perfectdreams.net
2 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 633
599 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
41 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
56 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1002 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311
5 KB
46 17
Domain Requested by
18 loritta.website 1 redirects loritta.website
static.cloudflareinsights.com
4 consent.nit.ro s.nitropay.com
4 fonts.gstatic.com loritta.website
4 use.fontawesome.com loritta.website
use.fontawesome.com
3 x.bidswitch.net 3 redirects
2 ups.analytics.yahoo.com 2 redirects
2 a.vidoomy.com
2 ads.betweendigital.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 web-analytics.perfectdreams.net loritta.website
web-analytics.perfectdreams.net
2 s.nitropay.com loritta.website
s.nitropay.com
1 ads.stickyadstv.com
1 ads.vidoomy.com s.nitropay.com
1 tracker.nitropay.com s.nitropay.com
1 www.gstatic.com www.google.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagmanager.com loritta.website
1 pagead2.googlesyndication.com loritta.website
1 www.google.com loritta.website
1 static.cloudflareinsights.com loritta.website
46 20
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.nit.ro
E1		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://loritta.website/br/daily
Frame ID: 713EC51CEE43E568E20C52B40EF82BC3
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/zrt_lookup.html
Frame ID: 64BA2FF08B62CC12E357A5F46A17A51E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Daily • Loritta

Page URL History Show full URLs

  1. https://loritta.website/daily HTTP 302
    https://loritta.website/br/daily Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

96 %
HTTPS

70 %
IPv6

17
Domains

20
Subdomains

17
IPs

3
Countries

2841 kB
Transfer

7057 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://loritta.website/daily HTTP 302
    https://loritta.website/br/daily Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=21566950.490563341152341630.2065721 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=21566950.490563341152341630.2065721 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ee178744-1673-52d1-a3c9-5878c1288740&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=06002fee-6f68-4a98-9b72-aba393bde4e4
Request Chain 43
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.GvEpYBE2uEcLHVRriAFLCS.jSyXBfyZ5PkfrJg-~A

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request daily
loritta.website/br/
Redirect Chain
  • https://loritta.website/daily
  • https://loritta.website/br/daily
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loritta.website/br/daily
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f64947e54cb87c288bdd94f6eae1b1dc42f0a36437173a0c3ff487629dc4545

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7319aaa68a0a9b7a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Jul 2022 00:58:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr6hFizOc%2F0Zpmby0TCxCFWK9YMu8IDl2hLSH8IW7nFv%2FIpNO8MxzSmJnP0mVSeyWdc3rKuL3BeS2QvOdOaMbjdvMgqOjbYfVHvrYZwK9YRC9HQNnPLdHKWqOICEKdp46tI6UD3JgM5n82uZXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7319aaa408539b7a-FRA
content-length
0
date
Thu, 28 Jul 2022 00:58:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/br/daily
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqkFQy%2Fhy2DfNAlfZBoXPVDG5iDkYh11AIOvVA6y9VSR%2BHkgqrE%2Fq4OXXxeBY2IPvH8%2Btpf4XygBw5RCyk5p0%2B82hAi2W1XHXyB7MbPa8P6wLZ5im3K3%2ByNuvVI%2Bu4dyVQlTpghRX%2FdBzyZpzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
loritta.website/v2/assets/css/ 		61 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d44a25f98c3c2cdda01478614705c5990308f13fcb8ede03beb9c11eecf115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mwD5vYl1FgMc6ILxF8E4poVb3f0CoYCqiC1tMfomlgonmKHC8Gl41JIeZPZY%2BcU0%2F7eo0XMyaapKc%2F05VJ4rn%2BPsvC7HNMRYTRshQvN8%2BWqmpth6Mg8Q%2BgazE18TZlr90o0vXOro9yh73ijvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7319aaa76f43bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15860666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KD3S69K00WS3TN0T
x-amz-id-2
0SB5gzFkR6WY9BVyCR2g+6g+Rx5VBnFJJnCeM/RfaseX1wlQOx2LxVi2/RQv6fagaQpGQhtBCqQ=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X41RJU3xdnEHyc8xvZPIa0JA0RzwivRGrQXsTsy2j%2FlxoEl8sADy8qM5e8DTRhbjYkexm6XdBXm%2BV90LAlEXC2iabh2iz2tgrIv0wuDB%2FFhSmudThAD2X%2B3TvOZ%2F%2BEIXg9Q24WOp%2FThG5hvtZQswDNb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7319aaa7ea3a9247-FRA
loritta_loading.png
loritta.website/assets/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/loritta_loading.png
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bf697a3f05de49e32e91287535a875b559b3e7e19f9a88892d4eb9d022c0bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:29 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caSI%2FasgNYFQC3ean%2BPhK6yoQAG998Q9UStaiLKl1mmhW%2Fr2TBlKuIcqgJ4wRQUnlvWs9Vrm8m7IFmdWR04ViFMYKMVFosOcadwWeVa0FFgmjck1gXE81xdCYXWx%2BQIiLOTmYREqfA%2FysI%2B7xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa78f56bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6385
sparklypower_pc.webp
loritta.website/assets/img/sponsors/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/sponsors/sparklypower_pc.webp?v2
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d6013c4cdb997d25a5c8d8c5eada22b11d5787495cd08be7d27241b83244d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jul 2022 12:31:43 GMT
server
cloudflare
age
304005
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58ZjF040KBI07Z6yd0bd7FRjnyT09YdUNZ0w2TbjxnysHAcBrkZyzMtQlS3bntIHs2GJzb0RLhIEarsUrMSE5HQklH3kteRX6gELbWQWtDRLTWQMn84TKoxUlZ%2BR7B70CxGXiqm%2FFwIkRRDTog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa78f57bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1090296
present_side.png
loritta.website/assets/img/daily/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/daily/present_side.png
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6afebe0864577122ed0d5fd153ebc3db71a3afccc4ec8b7b815279917fb662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94092
cf-polished
origFmt=png, origSize=6755
content-disposition
inline; filename="present_side.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5198
last-modified
Tue, 26 Jul 2022 22:50:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5SldIV8mt8rAMoJDHYxbKjAi6gxWaCGNMEO6a3DCab5%2BMS2ixT0w2GhOLoV4Rechd%2F43KCedl50AVqN42143dXbK5pvcoi9in579JJhPvTiaok5tiURXvplQLAv56hy7cv6zLMrIlh3E95LHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7319aaa78f58bb77-FRA
cf-bgj
imgq:85,h2pri
present_top.png
loritta.website/assets/img/daily/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/daily/present_top.png
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deeb4c7c548cd720902227a49ea62ae53b6826e911b31d2ee1c3d837c25f7ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:29 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAoWJUiRLNoEwy97Mkmu9BKcWZkolVv%2Bey5DvK8yP58D0GDKpJUwBBMEwZPZ%2BgrAbMBDNO5Tk2vQoOMD9YeRYBcSIu10Fqh2B0syZ23fefUnPzzVE9puMQggRKUs30mPOtmvqYQzwEQjfJlk4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa78f59bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4120
present_lace.png
loritta.website/assets/img/daily/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/daily/present_lace.png
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e68201db4d52d793e06ca5d7d463564967017ee73bad945047463dca141ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:29 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52kEnsQk9XJNMdF3pJe20cA79y98Xa7T%2Bg%2BXT%2B7xzJANiKXjV8XHoNRe2PMGsxLXsGOOr632iioUmrVCMGxcKFKFGq4atCAVLo787g9ruhahhut08wXDWPUcxfZYl6pUUyXNdW6o764W05JyGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa78f5abb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10817
loritta_money_discord.png
loritta.website/assets/img/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/assets/img/loritta_money_discord.png
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ec76bd35092b8ad3525b6bf5d815295849bb316afa53d823f8c5a9ec807eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jX3dzg%2BuPMFpG5X%2BqUT1FjcLTYxV2IwqAMionvCXBL2dlZeKckUj5AYiXkp0IeF10WEbs2X1nPRGQgJX73IX%2FcR5zl04zuxYiWzKk5MsE6MK2nI3tN8Nhd3rSIoinJ1gbu6HkB6Zra0FE%2FsYiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa78f5bbb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
154438
rocket-loader.min.js
loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Jul 2022 16:05:12 GMT
server
cloudflare
etag
W/"62dacab8-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI86lCNmQvr6UKeywzjpTNyAOhKHGmzQnW4tT6oK36Au%2FFHSxk2aN7Rrg69%2FB%2BG8iSP6DkFYq1g1BNTNKjwotpXoITwTJi1vv%2BA8%2FynY0%2BNepq3Wh5K%2FJ1EUd5g9KxevcuSO5KA9B3tbDQYZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7319aaa78f5cbb77-FRA
vary
Accept-Encoding
expires
Sat, 30 Jul 2022 00:58:28 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: loritta.website
URL: https://loritta.website/br/daily
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7319aaa7fa3f693a-FRA
ads-595.js
s.nitropay.com/ 		376 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-595.js
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eaf4149abc9c88e727649f305c0adab6e7be75899a98d8e1f3817c3cfeeda40
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-goog-reserved-file-mtime
1658333859
x-guploader-uploadid
ADPycdsPwD6DVq1qv-q6gSHcYLIJJ0wdOPiWf9acwABLVo6O932fMOLrOxq-1oRemxqCp8aGRJUHuNoXVS0X5fvg_1TTJ4HKX4Hn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 22:03:29 GMT
server
cloudflare
etag
W/"31c0901bc6537082a75d8306eac15470:1658959409000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=O6ED2g==, md5=McCQG8ZTcIKnXYMG6sFUcA==
x-goog-generation
1658334863095672
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
383001
cf-ray
7319aaa85f09906d-FRA
expires
Thu, 28 Jul 2022 12:58:28 GMT
api.js
www.google.com/recaptcha/ 		924 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=onGoogleRecaptchaLoadCallback
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d713f09055d486163e5ab54588636bc42ebc24376a05a948c96fbbcdbd73f7b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 00:58:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ceb56cc2379689f3742214b302c32328e19c6a4adfc521e1ce3ba193f412061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56689
x-xss-protection
0
server
cafe
etag
10451122497766861458
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Jul 2022 00:58:28 GMT
app.js
loritta.website/v2/assets/js/ 		3 MB
687 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loritta.website/v2/assets/js/app.js?hash=50a02276fca46eb6663d6f53169e35fb
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c034d57a73ff7f8c1ea284290478fcfa57c555db9913b130c4cd8103fb7f955e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155396
cf-polished
origSize=3529206
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Jul 2022 05:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfUOj%2F5hkQI4V3A3Mo2p5gRmEphusWyavFN%2BtA0jvm8Y4m9ZxrkdaWDKSI%2BTTQkKogaiNLF5aYs6oxcjzz8KFfN8pZtA5Vze6m4Y%2F8HzkqKlZVb3oGwvh9l0%2Fj2V0DtS91UtMdjxpg8N7RG2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7319aaa7cf87bb77-FRA
cf-bgj
minify
adsbygoogle.js
loritta.website/v2/ 		21 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://loritta.website/v2/adsbygoogle.js
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/br/daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QFyYCdOSCPTiZropn1Jl%2FtIz2RiorlUOzM3R1XPKyfH3BU2l9jBulrjoxFVERSU7Oka8SfWvdsDw%2FMJp42QSM7mDdppWfbQpXEAt%2FiS6N507607nX2kdrFQUY5m839KLX6la%2BpbhZaT%2FPLeXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7319aaa7cf88bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
plausible.js
web-analytics.perfectdreams.net/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-analytics.perfectdreams.net/js/plausible.js
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 11:14:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqtDgKgUBujZobeGK%2Fp3UD4C9GrBQetQL5B7a6lKLhodI4NS6VIyz7LRHZw88juU55mZ3ZDh5bMDqMcCgdXbFA7ZSDjHMqN%2FQFHl8q2qX1ug3SzadXTLSsIKoBd%2BzQA5hIzR9TDLJqcfk%2Fy89l3fZuAhIDOwW9AfKDOp9ynU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
7319aaa88ccb9199-FRA
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-53518408-9
Requested by
Host: loritta.website
URL: https://loritta.website/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a303b14d4846b520bf30ecfcddf144723c40b72d06cc74094778256bf0c3ff81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41626
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 00:58:28 GMT
website_bg.png
loritta.website/v2/assets/img/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/v2/assets/img/website_bg.png
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c7437251cd63540fc9123fe217cb8b5e7185cdab15682f03c2c22f9a66c079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713797
cf-polished
origFmt=png, origSize=110366
content-disposition
inline; filename="website_bg.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58520
last-modified
Tue, 19 Jul 2022 18:41:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABnQhODAZ8t1Mk1ati2bpJFCKxUOrnDiWt%2BiAy4qaSvTWl4LPQ9Z4a%2FhMMKLMhEczOAAZTvfmt4%2FxLGRR%2Fc8t6ZOP76Sh%2B9mf8wpbdwkZc%2FLwQcMwl4if12nAx%2FknFS4xpVaRhiOH8OrTtS00Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7319aab2aec6bb77-FRA
cf-bgj
imgq:85,h2pri
wobby-lines-even-light.svg
loritta.website/v2/assets/img/ 		835 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loritta.website/v2/assets/img/wobby-lines-even-light.svg
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef192830e4f35f56f78dda3379499a564acd02596ab7dc88437586703e8a559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 00:58:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qJCyY%2FJCub1N7CcDg5MAODrGKh0J28EaIJouYwFjwk7smqxx4aoc3Je160j%2Fb7%2FNbOmKUUkU9GFvWKUaFMku4ng%2B1f7zsyx2S%2F5p2UdRObmUFzFZLbYmjh9g8qL6yPglzfggKWCyGM4NBhmgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7319aab2aec7bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v16/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 11:10:55 GMT
x-content-type-options
nosniff
age
136055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 11:10:55 GMT
FwZY7-Qmy14u9lezJ-6H6Mk.woff2
fonts.gstatic.com/s/pacifico/v12/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/pacifico/v12/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee243dd944edf37a4cdba2820691022b71910885954466d205e1639f5eeeac8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:48:46 GMT
x-content-type-options
nosniff
age
58184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30260
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 08:48:46 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
882175
cf-ray
7319aab2fd0f9bc5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74768
x-amz-id-2
MRO8OK9o5GIVu0hI7vCvd8WcmH8HJtDfKwpfbsk0/ZWPFoIAupkRDRY2NmXwIxJ8+Uc9NrNemqc=
last-modified
Wed, 30 Jun 2021 15:46:59 GMT
server
cloudflare
etag
"5e2f92123d241cabecf0b289b9b08d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbRYqGWWv5N%2B3RESGo1%2BX9aVRwNpKvtyB%2FHbYqqq9mabb4BkM7e2kAktXTz9hqf8ofuSe415GZwfa%2BnWKhgHR%2FaS7vNfcv45FtNl05IBKaU9PdhA50oy0puUd5ySzyOE8n1BrsOhrJ%2B2Nm0nsWqmboF8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
2CM0X9VCPD6FGY9R
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b038dfedc262406996d21b97425bf6f36b77c82ab12e23aaf55e7e822bf3a866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 11:11:24 GMT
x-content-type-options
nosniff
age
136026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15248
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:18:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 11:11:24 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4AQ2639F7JP4J4X6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74256
x-amz-id-2
nwYnaP0JiPpNxd79/3bqysP+2hVFvRsjE0NXpw91F53YpBnZxMawD9K9MuNzXSGRjcaT5T6yY3mSF2+ny/yJWQ==
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4YaGciBldW1pK7cvD9rxiPdauYw7KPllRa5LNnS41%2Fj4qWXLwIuR%2Bp4ApzWrT3%2BXzjTHkI9VybbyXrMPcRjUwJcBChz39dku35pZbFwxqOoQg5FaST9H3%2FCiJq4E%2FWGibs3MzvlIkuV6%2F%2BVNhSL%2FEfQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7319aab2fd119bc5-FRA
fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337997
cf-ray
7319aab2fd109bc5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13552
x-amz-id-2
1pepFWsFM+5olSNDBWWrKamZAhQz1R/mCWbfecdjgmTWY43aa5TNYviGors/tXqQLyKS57oUB6E=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"e6257a726a0cf6ec8c6fec22821c055f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j17bVaWLOj7hS%2F%2BUS7k8sUWwl43HyGeFsIWJyFSqsG%2BSiLESFZGOmwhaQQYEkmVOi6HGj2njyXKM68zD%2Fw1cmAVFNcL92%2FRkkCvHlIDDqdkjvUprwm%2FzvMBbosnPSENMXQ0TfWme8LaF0NPHLpOmlLPS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
SNAND6BZ1GX9QJHQ
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v16/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/css/style.css?hash=257d93782dbd767590965955a8ff9528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:45:03 GMT
x-content-type-options
nosniff
age
58407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 08:45:03 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53518408-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6990
date
Wed, 27 Jul 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 28 Jul 2022 01:02:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/ Frame 64BA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 20:03:00 GMT
etag
8616628553774171045
expires
Wed, 10 Aug 2022 20:03:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onGoogleRecaptchaLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loritta.website/
Origin
https://loritta.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 16:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 16:53:21 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1564219978&t=pageview&_s=1&dl=https%3A%2F%2Floritta.website%2Fbr%2Fdaily&ul=en-us&de=UTF-8&dt=Daily%20%E2%80%A2%20Loritta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2069147886&gjid=1888133805&cid=755645805.1658969911&tid=UA-53518408-9&_gid=1426086166.1658969911&_r=1&gtm=2ou7p0&z=210554151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://loritta.website/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 00:58:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://loritta.website
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ncmp-5199404.min.js
s.nitropay.com/ 		216 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ncmp-5199404.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-595.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c8d6ef52c925ed3f0d5a4ca14c9bdc1ee5efc9e50560872ac22a26ba3115d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
384
x-guploader-uploadid
ADPycdvWmZKrrwWGjbUVSrnVxZWDDLb8ticVm1BPPph9rp6MqaG7aIIh4NF3rjNPcyj74FVcrt-af1r4kEtoAh-YhYW7Jw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Jun 2022 15:46:55 GMT
server
cloudflare
etag
W/"47185069ae2d22f6a3cb8d611a0694bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
x-goog-hash
crc32c=encP4g==, md5=RxhQaa4tIvajy41hGgaUvw==
x-goog-generation
1655912815315151
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
221218
cf-ray
7319aab78f439137-FRA
expires
Fri, 28 Jul 2023 00:58:30 GMT
analytics
tracker.nitropay.com/sites/595/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/sites/595/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9sb3JpdHRhLndlYnNpdGUvYnIvZGFpbHkiLCJ2Ijo2MSwiYSI6ZmFsc2V9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7319aab7eddc8fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
event
web-analytics.perfectdreams.net/api/ 		2 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-analytics.perfectdreams.net/api/event
Requested by
Host: web-analytics.perfectdreams.net
URL: https://web-analytics.perfectdreams.net/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://loritta.website/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6kNfpz5%2Bh18XzlacnoV%2FkG8uX0LmyaSNSZ6gQn63nATZigpRGLs2RdgIeuZhDuautNV6Xlyd0Y2EoypaZpdOuj3Fh1H5r%2BkVemhQ7IcxgRHCS19GMLozwO6VrSwVmDcFdTzQ9vcT%2FR4n%2BevJz0CHIKoZD1MH5%2Beb3zVd6f9"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7319aab7a9ce9b8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-request-id
FwXYWEAyYpS_zWcI3rNx
default
loritta.website/api/v1/loritta/locale/ 		248 KB
72 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loritta.website/api/v1/loritta/locale/default
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/js/app.js?hash=50a02276fca46eb6663d6f53169e35fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c845232df83bab4ccbc0aff5b853a4b4c392f78f3e6f6466010a2ab086d207f

Request headers

Accept
*/*
Referer
https://loritta.website/br/daily
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPabMLumcSbdvS9XUwrlkOTYn4cDcO9fA5BvCAPp51ot7OVS5IBImE3IxWhpxo4E6v0ouNsJLdlCDqIJWwxEg2V5w4gWzAy833SVmxjsv8UV3QWcqOiVCng01vYZIb4K%2F77fGnp6jL6WcSzsBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cf-ray
7319aab77953bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
@me
loritta.website/api/v1/users/ 		88 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loritta.website/api/v1/users/@me
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/js/app.js?hash=50a02276fca46eb6663d6f53169e35fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b080ad651f9ac7500aef9e3f0d5593688a527080c529b2d828b3489e91ce985

Request headers

Accept
*/*
Referer
https://loritta.website/br/daily
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Icm3bI5rvdjh4byCFdqE2rXmtHh7f1nV%2Be3qhrG%2FbZNJDd8i%2FYN1wcQYBSOx%2Btr7T7dfReYbuTy8k%2FEyh1aH%2BJINeI%2B8pdtgYYdF4l2E5u3mhy94mZDIbAKfWRzaRml%2BC6T6fBOhA3AuscMCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cf-ray
7319aab77955bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88
rum
loritta.website/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loritta.website/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://loritta.website/br/daily
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

date
Thu, 28 Jul 2022 00:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://loritta.website
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7319aab7795bbb77-FRA
vary
Origin
vendor-list.json
consent.nit.ro/ 		358 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nit.ro/vendor-list.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-5199404.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02bbd4863408b30a84607a06424f745dd36099dc8ab5222a93cf39bfe1602bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=GGcQUA==, md5=JmrtjJyvzdDJ3cd2n49+bg==
date
Thu, 28 Jul 2022 00:58:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143600
x-guploader-uploadid
ADPycdu24wFwSnfHe7uhFUwLysqf6SXG_T-tV_-NTV54SInsxxpdGHLpCRqMmEVmozx62xQVHxcpucMIVW0NMa56wicvqu-SIRHJ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Jul 2022 16:15:03 GMT
server
cloudflare
etag
W/"266aed8c9cafcdd0c9ddc7769f8f7e6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGk4pZirEA1gd0sCgM6v9onCid4f89I87A5qD2%2FdhSU0238okEnfkkYURwdYa9IZlU2FCwCEH1TYd6GFYPv4x3Akuyo2BIfqKMbMsv4YYytNZD3Jfi4VxjXWqvNfx5hkJP5k0088KlHhoPIE3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1658420103322133
access-control-allow-origin
*
content-type
application/json
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
x-goog-stored-content-length
366691
cf-ray
7319aab8ec1992c9-FRA
expires
Tue, 02 Aug 2022 08:59:39 GMT
lang.png
consent.nit.ro/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.nit.ro/lang.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1158
x-guploader-uploadid
ADPycduBdCKH0iCt3sBNKswY3RwFTgczsoqbzh9-I8f9RmX-eCUgQ7UP4P36cBycwNnedVMlgc6ZOQX-b9feotWQr8VWAA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1887
last-modified
Tue, 02 Nov 2021 05:52:01 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbcA4XESH%2FoaTX8mxVvicJkVhJMl2SveecbFquZTCjqxWLXpzS%2B26I36kEih6l3%2BbyI7wp6rScyKLVqNSus52QqalySA0nZcLqikfiCppz51dJ2f77FcrtPdqR%2FycOaB7eFlkUtYQIGoIrTMog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635832321744439
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Type,Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
7319aab9d8a09b63-FRA
expires
Thu, 28 Jul 2022 00:40:15 GMT
cancel.png
consent.nit.ro/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.nit.ro/cancel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31
x-guploader-uploadid
ADPycdsCoDTcec2ElxVB3lbBNrrp9IbH8l8ydKbLhW6wW0J6bsFgQZhnIjujEjXu1Vpx3MwYJ9ms1gPPQWnwJ8Ftt8I2wg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1302
last-modified
Tue, 02 Nov 2021 05:52:06 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Fezz%2FR6iSfh38LiJtrNuGQbZczo5f0PW5X%2BjMkTzWtbwhQWbJsdZ2Iiq%2BOl3pFV3wYW69VhnISjZXdS9VsLA3J6Nl%2FMrUN7ivMfyme5kh5EEn0cBmNsKhu2cM1fgR2PKKEmtRU1BNNRP9LdBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635832326238056
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Type,Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
7319aab9d8a29b63-FRA
expires
Thu, 28 Jul 2022 01:49:49 GMT
logo.png
consent.nit.ro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.nit.ro/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2101
x-guploader-uploadid
ADPycduVV9xX4R5lDDFRvkJAhXrIuZaadC-LbKn19ChJFDSMCjXlZ31vUc73XI3qtvU5-AhjrS9878S-v8J0xl1xXX4rWA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2592
last-modified
Tue, 02 Nov 2021 05:51:53 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X2eqbNyTPSaTDyWjwIYcgOonW5dAgVK4nmCsn8yScXfvGxAP%2F38r1O%2F2ndZ6byR%2BJLCCOl%2FnkIXY5GniAwIlQNWRNRko7lQJzCdgjeZAsS1RaijbW4sHTDalDiM4gf7c1hkyKDuOAwZLgt%2FAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635832313078078
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Type,Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
7319aab9d89f9b63-FRA
expires
Thu, 28 Jul 2022 00:49:47 GMT
lorittawebsite_18569.js
ads.vidoomy.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/lorittawebsite_18569.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-595.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
efd3b5f13565ee264686a7ecdc27c6d52c41d23b9367a91f98a06bcfa33f3dab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 00:58:32 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
2847
daily-reward-status
loritta.website/api/v1/economy/ 		130 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loritta.website/api/v1/economy/daily-reward-status
Requested by
Host: loritta.website
URL: https://loritta.website/v2/assets/js/app.js?hash=50a02276fca46eb6663d6f53169e35fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83c2fbf89242eebe9d2dd9104160f10d750d18cf2cf7e87af298b9251f3043f

Request headers

Accept
*/*
Referer
https://loritta.website/br/daily
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3UBaqkAolI99NAQwCzlTixKqxwgZQlVVkIeJTee6gRO5jVjG4eX%2FcQLvRLvbyoyZS4WH6H9u8SGUKBgPe5FA%2B8xdPpg9YWMsQzXqGkzNtNg9xdzP%2FF0jL9X3SxNJBr2bygyvL0SxRLIWh%2B2jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cf-ray
7319aabcfc91bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=21566950.490563341152341630.2065721
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=21566950.490563341152341630.2065721
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ee178744-1673-52d1-a3c9-5878c1288740&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=06002fee-6f68-4a98-9b72-aba393bde4e4
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=06002fee-6f68-4a98-9b72-aba393bde4e4
Protocol
H2
Server
35.156.206.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-206-18.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:32 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=06002fee-6f68-4a98-9b72-aba393bde4e4
Date
Thu, 28 Jul 2022 00:58:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.GvEpYBE2uEcLHVRriAFLCS.jSyXBfyZ5PkfrJg-~A
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.GvEpYBE2uEcLHVRriAFLCS.jSyXBfyZ5PkfrJg-~A
Protocol
H2
Server
35.156.206.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-206-18.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:58:32 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.GvEpYBE2uEcLHVRriAFLCS.jSyXBfyZ5PkfrJg-~A
date
Thu, 28 Jul 2022 00:58:32 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loritta.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 00:58:32 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1658969911879061-373
Expires
Thu, 28 Jul 2022 00:58:32 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| __cfBeacon function| authenticate function| onGoogleRecaptchaLoadCallback object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| canRunAds function| $ function| jQuery function| CountUp object| showdown object| tingle function| autosize object| toastr function| moment function| JSZip object| coroutineDispatcher object| spicy-morenitta object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| nitroAds function| recaptchaCallback boolean| __cfRLUnblockHandlers object| gaplugins object| gaGlobal object| gaData object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals function| __uspapi object| nitroAdsCustomConsents object| __tcfapi_queue function| __tcfapi function| plausible boolean| spicyMorenittaLoaded object| nitroAdsCMP object| regeneratorRuntime object| np.cmp object| __cmp_queue function| __cmp object| recaptcha function| callPlayers function| __tcfapi_8928924878912

16 Cookies

Domain/Path Name / Value
.nitropay.com/ Name: __cf_bm
Value: mfPeN8Ln77iWxLSuRTVfJjUGf0gOabQiBEXnlkZZCuw-1658969908-0-AVgNX/4BNPt/GcddOTCMEvhzPPzF5zBHLGbkatu2Hvqw17rEZmTMqV5YNWrcyd9jacJCxzJZ5IsVoSohqlv5ams=
.loritta.website/ Name: _ga
Value: GA1.2.755645805.1658969911
.loritta.website/ Name: _gid
Value: GA1.2.1426086166.1658969911
.loritta.website/ Name: _gat_gtag_UA_53518408_9
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBDjf4WICENMcJ6XeiA4OeCJiO--IrBUFEgEBAQEw42LrYgAAAAAA_eMAAA&S=AQAAApJryB-2uVBlx00lS2ebOG8
.analytics.yahoo.com/ Name: IDSYNC
Value: 1982~269c
ads.stickyadstv.com/ Name: UID
Value: a93d493dc48de1f4fc2326d7693b13
ads.stickyadstv.com/ Name: sessionId
Value: ccb820693e42df956c719f4276ea66ea
.bidswitch.net/ Name: tuuid
Value: 06002fee-6f68-4a98-9b72-aba393bde4e4
.bidswitch.net/ Name: c
Value: 1658969912
.bidswitch.net/ Name: tuuid_lu
Value: 1658969912
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: ee178744-1673-52d1-a3c9-5878c1288740
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YuHfOAALkPACWmOy_5h3sCJskmdyLwV4FBCd1A==
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjA2MDAyZmVlLTZmNjgtNGE5OC05YjcyLWFiYTM5M2JkZTRlNCIsImV4cGlyZXMiOjE2NjE1NjE5MTJ9LCJZQUgiOnsidWlkIjoieS0uR3ZFcFlCRTJ1RWNMSFZScmlBRkxDUy5qU3lYQmZ5WjVQa2ZySmctfkEiLCJleHBpcmVzIjoxNjYxNTYxOTEyfX19

2 Console Messages

Source Level URL
Text
network error URL: https://loritta.website/api/v1/users/@me
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://loritta.website/api/v1/economy/daily-reward-status
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
ads.betweendigital.com
ads.stickyadstv.com
ads.vidoomy.com
consent.nit.ro
fonts.gstatic.com
googleads.g.doubleclick.net
loritta.website
pagead2.googlesyndication.com
s.nitropay.com
static.cloudflareinsights.com
tracker.nitropay.com
ups.analytics.yahoo.com
use.fontawesome.com
web-analytics.perfectdreams.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
188.42.196.115
2.16.186.17
2606:4700:20::ac43:47e9
2606:4700:3033::6815:3d17
2606:4700:3033::6815:3f36
2606:4700:3035::ac43:a643
2606:4700:440e::6812:2fe6
2606:4700::6812:24e
2606:4700::6812:34e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
3.126.56.137
3.129.250.65
3.73.7.113
35.156.206.18
00c8d6ef52c925ed3f0d5a4ca14c9bdc1ee5efc9e50560872ac22a26ba3115d0
02bbd4863408b30a84607a06424f745dd36099dc8ab5222a93cf39bfe1602bf0
0c845232df83bab4ccbc0aff5b853a4b4c392f78f3e6f6466010a2ab086d207f
1eaf4149abc9c88e727649f305c0adab6e7be75899a98d8e1f3817c3cfeeda40
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f
4f64947e54cb87c288bdd94f6eae1b1dc42f0a36437173a0c3ff487629dc4545
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8b080ad651f9ac7500aef9e3f0d5593688a527080c529b2d828b3489e91ce985
8ceb56cc2379689f3742214b302c32328e19c6a4adfc521e1ce3ba193f412061
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
94d44a25f98c3c2cdda01478614705c5990308f13fcb8ede03beb9c11eecf115
9f6afebe0864577122ed0d5fd153ebc3db71a3afccc4ec8b7b815279917fb662
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a303b14d4846b520bf30ecfcddf144723c40b72d06cc74094778256bf0c3ff81
a9bf697a3f05de49e32e91287535a875b559b3e7e19f9a88892d4eb9d022c0bd
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
b038dfedc262406996d21b97425bf6f36b77c82ab12e23aaf55e7e822bf3a866
b2d6013c4cdb997d25a5c8d8c5eada22b11d5787495cd08be7d27241b83244d3
c034d57a73ff7f8c1ea284290478fcfa57c555db9913b130c4cd8103fb7f955e
c2ec76bd35092b8ad3525b6bf5d815295849bb316afa53d823f8c5a9ec807eb3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
d713f09055d486163e5ab54588636bc42ebc24376a05a948c96fbbcdbd73f7b9
d83c2fbf89242eebe9d2dd9104160f10d750d18cf2cf7e87af298b9251f3043f
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
deeb4c7c548cd720902227a49ea62ae53b6826e911b31d2ee1c3d837c25f7ea8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c7437251cd63540fc9123fe217cb8b5e7185cdab15682f03c2c22f9a66c079
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ee243dd944edf37a4cdba2820691022b71910885954466d205e1639f5eeeac8e
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
efd3b5f13565ee264686a7ecdc27c6d52c41d23b9367a91f98a06bcfa33f3dab
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f7e68201db4d52d793e06ca5d7d463564967017ee73bad945047463dca141ce4
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fef192830e4f35f56f78dda3379499a564acd02596ab7dc88437586703e8a559