URL: http://nsosanaky.store/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On June 21 via api from SG — Scanned from SG

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 31 HTTP transactions. The main IP is 14.225.253.154, located in Thanh Hóa, Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is nsosanaky.store.
This is the only time nsosanaky.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 14.225.253.154 135905 (VNPT-AS-V...)
1 2404:6800:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
1 1 162.159.128.61 13335 (CLOUDFLAR...)
1 2600:1413:b00... 20940 (AKAMAI-ASN1)
31 12
Apex Domain
Subdomains
Transfer
10 nsosanaky.store
nsosanaky.store
4 MB
7 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
163 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
204 KB
2 getbootstrap.com
getbootstrap.com — Cisco Umbrella Rank: 53767
41 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
ajax.googleapis.com — Cisco Umbrella Rank: 422
32 KB
1 akamaized.net
vod-progressive.akamaized.net — Cisco Umbrella Rank: 30859
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2001
1 KB
1 pexels.com
images.pexels.com — Cisco Umbrella Rank: 46348
45 KB
1 teamobi.com
my.teamobi.com
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
877 B
31 10
Domain Requested by
10 nsosanaky.store nsosanaky.store
7 cdnjs.cloudflare.com nsosanaky.store
cdnjs.cloudflare.com
5 fonts.gstatic.com fonts.googleapis.com
2 getbootstrap.com nsosanaky.store
1 vod-progressive.akamaized.net nsosanaky.store
1 player.vimeo.com 1 redirects
1 ajax.googleapis.com nsosanaky.store
1 www.gstatic.com www.google.com
1 images.pexels.com nsosanaky.store
1 my.teamobi.com nsosanaky.store
1 www.google.com nsosanaky.store
1 fonts.googleapis.com nsosanaky.store
31 12

This site contains links to these domains. Also see Links.

Domain
zalo.me
images.pexels.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
www.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh

This page contains 1 frames:

Primary Page: http://nsosanaky.store/
Frame ID: 140B201473CBDF879FFEFFBBB2D31090
Requests: 34 HTTP requests in this frame

Screenshot

Page Title

Ninja School OnlineChặn F12

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

61 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

4152 kB
Transfer

5664 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://player.vimeo.com/external/322244668.sd.mp4?s=338c48ac2dfcb1d4c0689968b5baf94eee6ca0c1&profile_id=165&oauth2_token_id=57447761 HTTP 302
  • https://vod-progressive.akamaized.net/exp=1687338257~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F4448%2F12%2F322244668%2F1252581517.mp4~hmac=eadb3ec420e06dd05c361292f1673eaf1865dc1eef2e9a0ff60eb137b21cdc38/vimeo-prod-skyfire-std-us/01/4448/12/322244668/1252581517.mp4

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nsosanaky.store/
17 KB
17 KB
Document
General
Full URL
http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 / PHP/5.6.30
Resource Hash
abb28645593aa6eb60566a59fc5e1c208341d8ec366f086ad0628f1c428014d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Jun 2023 05:04:53 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.30
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Jun 2023 04:52:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Jun 2023 05:04:16 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4700393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azw9QwECPlERRxDvUo0Zn3xUXWP34CSQfNZkwMVrLmjc9LoQI3t%2F1JN2nEX2oaEYPxMui2CCCunobbf5KHUTrTppOcZdPL5q1EVJ9TYKZmfOnbbD5kNW8%2BWBGRSB74THZdcHosifX1R2cckw%2FJqOH3e%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b7486e4000-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/
158 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
985149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17712
last-modified
Tue, 19 Jan 2021 17:26:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60071661-27681"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UW68RzZZA8mjVkOQJYC4iKjpBHQoH3k4f3DAG%2BD5V1Z963MFvd1p6pPpJjci8glRFvqnVHstnMRC4DhVNa46GrtbKhKjsKXphcYol2GNuSypH7y%2Fgpal59ArzSwKXBz1AUu41ELYyeYveBmtiaTH4qD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b7486f4000-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
api.js
www.google.com/recaptcha/
853 B
877 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::67 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
1; mode=block
expires
Wed, 21 Jun 2023 05:04:16 GMT
bootstrap.min.css
getbootstrap.com/docs/5.0/dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://getbootstrap.com/docs/5.0/dist/css/bootstrap.min.css
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id
1701af3f1b284d55cf7c34538e1518982ff2ad3a
date
Wed, 21 Jun 2023 05:04:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Tue, 13 Jun 2023 00:27:23 GMT
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
479
content-encoding
br
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-yyz4563-YYZ
last-modified
Tue, 30 May 2023 15:21:27 GMT
server
cloudflare
x-github-request-id
1C88:0DA2:A9201B:11D3656:64761570
x-timer
S1685460981.243643,VS0,VE0
etag
W/"64761477-260c5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
7da9b5b759c34bda-SIN
x-cache-hits
3
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
984049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsQGM2kAUXLk0o7qLTb6N1A7a26cQiVlYsMEvvkO3bhfkbntxz1Pw52UDezCWNHt7YKAeHprDHNmo24d8%2FCdNkzvrShxgFeWaROScGQtGt9QWmr8gU32GuZbSlTD1Vl2RF%2FnJAveMtGZ0H%2B64jmM9mkA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b748724000-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
537899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10480
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McWY4dl%2F2IRlQuQM9Kjxgrf2EGBgoA3fdJJu3SZj6AmiQDU5dojYhtPHrosBP1cNjhYV4%2BtWO30f0un4IaCUznDan2gTkNf%2FXCLufNkSbo%2FKkxaocx3%2FvzsF%2BD%2FbgMetfmcs7nUIJWIV3MtedAQRpTtj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b748714000-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
bootstrap.min.js
getbootstrap.com/docs/5.0/dist/js/
59 KB
17 KB
Script
General
Full URL
https://getbootstrap.com/docs/5.0/dist/js/bootstrap.min.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id
724f34f0b4ee91f4cb711a59741dd153c91947be
date
Wed, 21 Jun 2023 05:04:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Mon, 19 Jun 2023 11:09:21 GMT
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-yyz4570-YYZ
last-modified
Tue, 30 May 2023 15:21:27 GMT
server
cloudflare
x-github-request-id
33F0:4983:76F49E9:B76FFC4:647615D5
x-timer
S1685461044.774676,VS0,VE1
etag
W/"64761477-eab9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
7da9b5b759c74bda-SIN
x-cache-hits
1
style.css
nsosanaky.store/
3 KB
3 KB
Stylesheet
General
Full URL
http://nsosanaky.store/style.css
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
023315e561bdce722c8213078f716ed64902987e679ac5fa02aa30d021cb9552

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Mon, 19 Jun 2023 09:36:22 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"b84-5fe784487c60f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2948
600x480.png
nsosanaky.store/
500 KB
500 KB
Image
General
Full URL
http://nsosanaky.store/600x480.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
8a2e3c73b0531182ea52c5adee30a380b3a79f41427d7efa0930259c85c1f7ca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:08:31 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"7d02c-5fe9389ea4c59"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
512044
hot.gif
my.teamobi.com/images/
406 B
1 KB
Image
General
Full URL
http://my.teamobi.com/images/hot.gif
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:875d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febdf7664efe603b52d47578ea0d936dbb0e071c2a7f813f647f9035f19d169e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:21 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 25 May 2012 03:29:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"0664d86263acd1:0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozGufiiVv7qi6gX7Z8YEsL01C1Ys%2B43nwLZYCqoTEgtwNlKeABJfhw3Okdp9ljSFm%2FPzRwR9dyqr8Vnd0%2Ff8oXZvS%2BRp8Gciv8T3HJtxMillJL95W1I0hOpjiy218H2LH5uIoqH%2BcGQrSC%2FYnA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7da9b5b95cd54054-SIN
alt-svc
h3=":443"; ma=86400
Content-Length
406
tt.png
nsosanaky.store/data/
958 KB
958 KB
Image
General
Full URL
http://nsosanaky.store/data/tt.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
202339c5ef70ee91cab645b6248b4fb85f9861eb7eb35ee31ee1b3431a7f3fe1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:04:11 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"ef81e-5fe937a6d209a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
981022
t1.png
nsosanaky.store/data/
485 KB
485 KB
Image
General
Full URL
http://nsosanaky.store/data/t1.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
093de2d16af275e8ba6643ddf2ec075eb7062c1e47f294d3bd94422c425fe208

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:04:10 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"79395-5fe937a69c6d4"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
496533
t2.png
nsosanaky.store/data/
448 KB
449 KB
Image
General
Full URL
http://nsosanaky.store/data/t2.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
ac6e48a2bf147db2456f59763634346ca45b0995900f7405b42f3ccf14008aaf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:04:11 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"701d2-5fe937a6abad0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
459218
t3.png
nsosanaky.store/data/
534 KB
534 KB
Image
General
Full URL
http://nsosanaky.store/data/t3.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
e1e6d12e126f1d1e1e27db0f5e537631f62130ff8ab47613de681f18a5363966

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:04:11 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"85726-5fe937a6b73a7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
546598
t4.png
nsosanaky.store/data/
660 KB
660 KB
Image
General
Full URL
http://nsosanaky.store/data/t4.png
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
366320822e49052e1bc87ae4af43f071177e823d90cdd8b7734af05aa375c948

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Tue, 20 Jun 2023 18:04:11 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"a4ff9-5fe937a6c4e0d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
675833
pexels-photo-139829.jpeg
images.pexels.com/photos/139829/
44 KB
45 KB
Image
General
Full URL
https://images.pexels.com/photos/139829/pexels-photo-139829.jpeg?auto=compress&cs=tinysrgb&dpr=1&w=500
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70ef5a2f10177de862aafc3d871ccf187b1980d92da15af5dfa42e09e2dff8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5680538
cf-polished
status=not_needed
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
x-imgix-id
eb2d66306a601eb1c782f8c3ff3d3404ec65f8cd
alt-svc
h3=":443"; ma=86400
content-length
45559
x-served-by
cache-sjc10059-SJC, cache-qpg1230-QPG
x-imgix-render-farm
01.1096
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Jan 2023 12:27:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b97efd3de9-SIN
expires
Thu, 20 Jun 2024 05:04:16 GMT
js.js
nsosanaky.store/
3 KB
4 KB
Script
General
Full URL
http://nsosanaky.store/js.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
3464121655106b68b26eadb1d9dec5912ae3a5d42d689141449b21b1308daae4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Mon, 19 Jun 2023 09:08:04 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"dba-5fe77df47909d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3514
cho.gif
nsosanaky.store/data/
53 KB
54 KB
Image
General
Full URL
http://nsosanaky.store/data/cho.gif
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
14.225.253.154 Thanh Hóa, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 /
Resource Hash
cc285ca7f86b45eb16078d1b37b9d8a3b014f6abd63dfc75957d311442155b6f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:53 GMT
Last-Modified
Sun, 18 Jun 2023 07:59:27 GMT
Server
Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
ETag
"d4db-5fe62cc0d9aff"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
54491
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/
424 KB
169 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nsosanaky.store/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 20:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
172777
x-xss-protection
0
last-modified
Sun, 11 Jun 2023 18:00:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Jun 2024 20:10:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 04:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 04:36:59 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/
18 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/popper.min.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
456602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6002
last-modified
Thu, 01 Apr 2021 16:29:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6065f4e2-48a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By%2BZ033caX2q7NMNyDDODvApCgB2cNJCpaKgd12kpjT0rQts3OKqvdNCEbvwGAkT89ggkxmjijX3AlOs1WqEjwmEErbyu3PbsgEZLaazr7xDz2OtGlOfjGRKTaMguzeMv1zIYSfbFrnsfaXuM9yEVdku"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b8291f4000-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/
62 KB
13 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3743487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13124
last-modified
Tue, 19 Jan 2021 17:26:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60071661-f7eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLKjbZNyBXq9jRNyaLMq%2Frbaad048wH6CuKmLYZrB5tQV%2FuxfIguXj1LM%2Fo2GjaK2XqECVvO80dvDRRnJqwm0moE%2FFDv6R5pwXvc0j3Vwz2yvDIr3p6JjS5qCrFBigz1eGh7iaqGzyIJLR71kr94hkfy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b83eed3e3e-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 05:04:16 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2541385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PozqdwR4pZxtZYE%2BFZy7ZNguoh1IpPNi3rnh69s9%2F76Q6L6%2B4%2FQ12keLlhk8B8kmR9BLMGcnT2B9h1mP5azHwbeboX9JhKyjW2m5TU9J4aO0VjDf%2FhQraqQb96LABsPFt%2FdnqPBuWXd6trczXHqq%2BtHH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7da9b5b97a1240d8-SIN
expires
Mon, 10 Jun 2024 05:04:16 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 02:45:14 GMT
x-content-type-options
nosniff
age
181142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jun 2024 02:45:14 GMT
KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51f3f41805329fb8341beb56ded833eae6c7a8a1a0a1d7e78960e1390fe928b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:10:09 GMT
x-content-type-options
nosniff
age
338047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5468
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 07:10:09 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 14:38:39 GMT
x-content-type-options
nosniff
age
224737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jun 2024 14:38:39 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 08:53:45 GMT
x-content-type-options
nosniff
age
159031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5604
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jun 2024 08:53:45 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://nsosanaky.store
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 01:22:35 GMT
x-content-type-options
nosniff
age
358901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 01:22:35 GMT
1252581517.mp4
vod-progressive.akamaized.net/exp=1687338257~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F4448%2F12%2F322244668%2F1252581517.mp4~hmac=eadb3ec420e06dd05c361292f1673eaf1865dc1eef2e9a0ff60eb137b21cdc38/vim...
Redirect Chain
  • https://player.vimeo.com/external/322244668.sd.mp4?s=338c48ac2dfcb1d4c0689968b5baf94eee6ca0c1&profile_id=165&oauth2_token_id=57447761
  • https://vod-progressive.akamaized.net/exp=1687338257~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F4448%2F12%2F322244668%2F1252581517.mp4~hmac=eadb3ec420e06dd05c361292f1673eaf1865dc1eef2e9a0ff60eb137b21c...
673 KB
0
Media
General
Full URL
https://vod-progressive.akamaized.net/exp=1687338257~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F4448%2F12%2F322244668%2F1252581517.mp4~hmac=eadb3ec420e06dd05c361292f1673eaf1865dc1eef2e9a0ff60eb137b21cdc38/vimeo-prod-skyfire-std-us/01/4448/12/322244668/1252581517.mp4
Requested by
Host: nsosanaky.store
URL: http://nsosanaky.store/
Protocol
HTTP/1.1
Server
2600:1413:b000:1f::17d1:2e04 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://nsosanaky.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 05:04:17 GMT
X-VIM-CACHEBC
EP:H11,E:h
X-GUploader-UploadID
AAANsUnhG6YTyDWT1uqAR7JJM1jUNiZ_SAs8AopCEqFhse6U7evKKOVSmdzZ35V_Ssc2PwgaJP8UyLZYoi2jJRt1aWc
x-goog-storage-class
NEARLINE
Content-Range
bytes 0-1308604/1308605
Connection
keep-alive
Akamai-Mon-Iucid-Del
875210
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1308605
AK-REFERENCE-ID
0.8484dead.1687323857.1d802b23
Last-Modified
Sat, 04 Jan 2020 12:11:21 GMT
Server
UploadServer
ETag
"30e7af8922763124e8d649d117016e87"
x-goog-hash
crc32c=E4+uuQ==, md5=MOeviSJ2MSTo1knRFwFuhw==
Aka-c-hit
cache-hit
Content-Type
video/mp4
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Cache-Control
private, max-age=29416313
Akamai-Edge-IP
2600:1413:b000:1f::17d1:2e04
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 26 May 2024 16:16:10 GMT

Redirect headers

expires
Fri, 15 Dec 1985 19:30:00 GMT
Date
Wed, 21 Jun 2023 05:04:17 GMT
content-security-policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com; report-uri /_csp
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish
CF-Cache-Status
DYNAMIC
Age
0
X-Cache
MISS
x-host
player-backend-cc48d8b7b-vhss4
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
0
x-xss-protection
1; mode=block
X-Served-By
cache-qpg1250-QPG
x-player-backend
g
Server
cloudflare
X-Timer
S1687323857.963220,VS0,VE269
access-control-allow-origin
*
Location
https://vod-progressive.akamaized.net/exp=1687338257~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F4448%2F12%2F322244668%2F1252581517.mp4~hmac=eadb3ec420e06dd05c361292f1673eaf1865dc1eef2e9a0ff60eb137b21cdc38/vimeo-prod-skyfire-std-us/01/4448/12/322244668/1252581517.mp4
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
player-backend-cc48d8b7b-vhss4
Accept-Ranges
bytes
CF-RAY
7da9b5b9dec83ff3-SIN
X-Cache-Hits
0
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery number| uidEvent object| bootstrap number| radius boolean| autoRotate number| rotateSpeed number| imgWidth number| imgHeight string| bgMusicURL boolean| bgMusicControls object| odrag object| ospin object| aImg object| aVid object| aEle object| ground function| init function| applyTranform function| playSpin undefined| sX undefined| sY undefined| nX undefined| nY number| desX number| desY number| tX number| tY string| animationName object| Popper object| recaptcha

2 Cookies

Domain/Path Name / Value
.pexels.com/ Name: __cf_bm
Value: J7BLfsmfM_IPoKVoGI5R67cOe3VX4AHIxY_xaVZYs3U-1687323856-0-AY2bIGK6MQ0Y7RW+vU67TYOvd5cHNfEDG/J6VHXF46gsoKCXcKW5iPzocVPks+H78ScfcA8b0BSD4m3YAVbBHzY=
.vimeo.com/ Name: __cf_bm
Value: lV5Nbqo.yNlkNSk8VMrhh3GRcrRWq8MbF7Qly2tOYYY-1687323857-0-AUddVUtkx+MQBFXNI1LQ+A/EUYzdANgtSEO6lbtmyRgOLGQPkRKqaL/ezD0B5jyTdiofEKxTJkxQo9/0QvH7M2w=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
images.pexels.com
my.teamobi.com
nsosanaky.store
player.vimeo.com
vod-progressive.akamaized.net
www.google.com
www.gstatic.com
14.225.253.154
162.159.128.61
2404:6800:4003:c01::5e
2404:6800:4003:c02::5f
2404:6800:4003:c02::67
2404:6800:4003:c03::5e
2404:6800:4003:c11::5f
2600:1413:b000:1f::17d1:2e04
2606:4700:10::ac43:1e94
2606:4700:3033::ac43:875d
2606:4700::6811:180e
2606:4700::6812:b663
023315e561bdce722c8213078f716ed64902987e679ac5fa02aa30d021cb9552
093de2d16af275e8ba6643ddf2ec075eb7062c1e47f294d3bd94422c425fe208
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
202339c5ef70ee91cab645b6248b4fb85f9861eb7eb35ee31ee1b3431a7f3fe1
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
3464121655106b68b26eadb1d9dec5912ae3a5d42d689141449b21b1308daae4
366320822e49052e1bc87ae4af43f071177e823d90cdd8b7734af05aa375c948
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
51f3f41805329fb8341beb56ded833eae6c7a8a1a0a1d7e78960e1390fe928b6
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8a2e3c73b0531182ea52c5adee30a380b3a79f41427d7efa0930259c85c1f7ca
abb28645593aa6eb60566a59fc5e1c208341d8ec366f086ad0628f1c428014d6
ac6e48a2bf147db2456f59763634346ca45b0995900f7405b42f3ccf14008aaf
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270
cc285ca7f86b45eb16078d1b37b9d8a3b014f6abd63dfc75957d311442155b6f
cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e1e6d12e126f1d1e1e27db0f5e537631f62130ff8ab47613de681f18a5363966
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f70ef5a2f10177de862aafc3d871ccf187b1980d92da15af5dfa42e09e2dff8e
febdf7664efe603b52d47578ea0d936dbb0e071c2a7f813f647f9035f19d169e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e