www.helpyfelty.com
2606:4700:3030::ac43:85a7  Malicious Activity! Public Scan

Submitted URL: https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html#uarara.html?od=1syoshort6283ce7838663_vl_inboxvl_1214.590ttc0.C0000rhg...
Effective URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Submission: On May 17 via api from BE — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3030::ac43:85a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.helpyfelty.com.
TLS certificate: Issued by E1 on April 14th 2022. Valid for: 3 months.
This is the only time www.helpyfelty.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 52.218.132.129 16509 (AMAZON-02)
1 1 185.53.169.189 47447 (TTM)
1 1 20.91.223.9 8075 (MICROSOFT...)
27 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
34 6
Apex Domain           Subdomains                                              Transfer
27 helpyfelty.com     www.helpyfelty.com                                      839 KB
2 bootstrapcdn.com    netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3363     88 KB
2 googleapis.com      ajax.googleapis.com — Cisco Umbrella Rank: 295          61 KB
1 cloudflare.com      cdnjs.cloudflare.com — Cisco Umbrella Rank: 237         1 KB
1 kllilk.com          www.kllilk.com                                          15 KB
1 randolinks2.com     www.randolinks2.com                                     600 B
1 obveisi.com         obveisi.com                                             499 B
1 amazonaws.com       ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com         454 B
34 8
Domain Requested by
27 www.helpyfelty.com ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com
www.helpyfelty.com
2 netdna.bootstrapcdn.com www.helpyfelty.com
netdna.bootstrapcdn.com
2 ajax.googleapis.com www.helpyfelty.com
1 cdnjs.cloudflare.com www.helpyfelty.com
1 www.kllilk.com www.helpyfelty.com
1 www.randolinks2.com 1 redirects
1 obveisi.com 1 redirects
1 ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com
34 8

This site contains no links.

Subject                        Issuer                    Validity                   Valid
*.s3-us-west-2.amazonaws.com   Amazon                    2021-12-17 - 2022-11-29    a year
*.helpyfelty.com               E1                        2022-04-14 - 2022-07-13    3 months
upload.video.google.com        GTS CA 1C3                2022-04-25 - 2022-07-18    3 months
sni.cloudflaressl.com          Cloudflare Inc ECC CA-3   2021-09-01 - 2022-08-31    a year

This page contains 1 frames:

Primary Page: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Frame ID: 9C89FB74A8AB740126D35CE2452F936D
Requests: 34 HTTP requests in this frame

Page Title

Survey Rewards

Page URL History

  1. https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html Page URL
  2. http://obveisi.com/uarara.html?od=1syoshort6283ce7838663_vl_inboxvl_1214.590ttc0.C0000rhg3ca1hi... HTTP 302
    https://www.randolinks2.com/756LJ3B/RWP9MNS/?sub1=__1_uarara__330510a82a061c9bdb742&sub2=yo121|M21unJj=|... HTTP 302
    https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 100 %
IPv6: 63 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 1005 kB
Size: 1177 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html Page URL
  2. http://obveisi.com/uarara.html?od=1syoshort6283ce7838663_vl_inboxvl_1214.590ttc0.C0000rhg3ca1hi10aw_x11369.hg3caMjkwY3MwLTM2dWw3cWs0p49bd HTTP 302
    https://www.randolinks2.com/756LJ3B/RWP9MNS/?sub1=__1_uarara__330510a82a061c9bdb742&sub2=yo121|M21unJj=|hg3ca|290cs0|36ul7qk|69337|0000rhg3ca|C|oTI2pzSxo3V=|PC|1g0ju9a&sub3=p3yip2uipaD2ZwtmL2H3BQZ4AwLmK3MfK2yhLz94qzksZGVkAN== HTTP 302
    https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
meeozeoeromzemorzeea.html
ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/
99 B
454 B
Document
General
Full URL
https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.132.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
99
Content-Type
text/html
Date
Tue, 17 May 2022 17:36:22 GMT
ETag
"c168e91341b16cde5b950d4e706207e1"
Last-Modified
Tue, 17 May 2022 16:34:40 GMT
Server
AmazonS3
x-amz-id-2
HNnvB0AgQOAk/jqeDHTlolCtwk7Har2AS6QxjXMrtaxv92bZRJI/MnkPN8/Ez6GIrqYN19LH8r4=
x-amz-request-id
KCR0AZMTJD7EGKGN
Primary Request /
www.helpyfelty.com/
Redirect Chain
  • http://obveisi.com/uarara.html?od=1syoshort6283ce7838663_vl_inboxvl_1214.590ttc0.C0000rhg3ca1hi10aw_x11369.hg3caMjkwY3MwLTM2dWw3cWs0p49bd
  • https://www.randolinks2.com/756LJ3B/RWP9MNS/?sub1=__1_uarara__330510a82a061c9bdb742&sub2=yo121|M21unJj=|hg3ca|290cs0|36ul7qk|69337|0000rhg3ca|C|oTI2pzSxo3V=|PC|1g0ju9a&sub3=p3yip2uipaD2ZwtmL2H3BQZ4...
  • https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
49 KB
10 KB
Document
General
Full URL
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Requested by
Host: ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com
URL: https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
27bcb130d0c79e248926f227c2378099b79298fb2df873051ac56946a6271aa7

Request headers

Referer
https://ezoeoezoaraeawxwzaae.s3.us-west-2.amazonaws.com/meeozeoeromzemorzeea.html#uarara.html?od=1syoshort6283ce7838663_vl_inboxvl_1214.590ttc0.C0000rhg3ca1hi10aw_x11369.hg3caMjkwY3MwLTM2dWw3cWs0p49bd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70ce1d7359438c71-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 17:36:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZYxk7WnJBQSY4Bfn6uqRd0AZ2T6Ti%2Bs3x8ppPzUC6ZrxJNX7ZrviC49uVZMReoXXiVbp4KQWLu7kmW79ioqEYjRJGBs6lglgqGTnPQMZ%2FrRsVtbx%2BLfmXJasgq1g1mVydT2eOle%2FSuFqimay9Fi%2FOk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33

Redirect headers

Content-Length
146
Content-Type
text/html; charset=utf-8
Date
Tue, 17 May 2022 17:36:23 GMT
Location
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Server
nginx
Vary
Origin
X-Eflow-Request-Id
4f03068d-5abb-47ac-b2ee-db4e0fd87564
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?v=cc33
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 11:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 11:24:15 GMT
customredisp2.css
www.helpyfelty.com/230/css/
24 KB
6 KB
Stylesheet
General
Full URL
https://www.helpyfelty.com/230/css/customredisp2.css?v=59e8
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002860f4995ca14c4135d000dbf89e506d46a81d256fe95f2877ca7a298a9695

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 10:53:54 GMT
server
cloudflare
age
6007
etag
W/"603f-5da2b7f1a144b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVBZjDNN70LwS1%2FvkVsF6QbJsbep5o24FG%2FP%2BzxndqSfl4qMTGCyoFXpIR8UYUpY5tJRCxiD5EE89IKcNFQI1azq8p5%2FvRuCpnOC6CojmZIgrYoTFkmRNEKYlIrOArOQN3mj8pO3CBgsvn3PpQH0OCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70ce1d76582d8c71-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
230--220314--1153547b8639bb.png
www.helpyfelty.com/230/img/
53 KB
54 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--1153547b8639bb.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199123a036acf1dbbd126b5c448605b711ae16d323b23f1d5719a8a439b16b71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54189
last-modified
Fri, 14 Jan 2022 20:44:16 GMT
server
cloudflare
etag
"d3ad-5d590ddc16800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzHG%2FtmG6SbAqIaAislIYGizwzfDS3JAmpprFNdWilwuosUG2MrRQIzoW5ufW15mF0OPAQGyjIogVxpjopI4RnnC90B5fYGjfcSe8htlIMgmgDWsNZpoZ%2BxbxQs%2BqZ2p6nFerabYEUa7vA6wwOlHagM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f721971-EWR
230--220314--115354b2d715ea.png
www.helpyfelty.com/230/img/
2 KB
2 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354b2d715ea.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1781
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"6f5-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FBW0%2FpckUQtVHbIkb2185SOqGclLt7W0JeXfUm0XtmMTCsCLJrhK3PrNDGmMqoeFOqceNzmF8cuTGY6o1%2FDD9RMGq1czdtbjfu%2FlffzX5kYCG%2FbMaR8PbrwEBEHOM5wk%2BwyhazaJVcZ5let1ac5NXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f741971-EWR
230--220314--11535478b5fe04.png
www.helpyfelty.com/230/img/
258 KB
259 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--11535478b5fe04.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4684bfdec5b407634cb8ccb3a5623ea8626b12e47ce8fa87ac3da7f1fdaf7255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
264699
last-modified
Fri, 14 Jan 2022 20:42:58 GMT
server
cloudflare
etag
"409fb-5d590d91b3880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDb43OfsKT6Tl4Url3BOXw9vW2Efy3pO%2B7XPC0%2Frz0a9rp6cS2ciIc4jCIarAJ0QYSp1e7ij6VxB09oxdpjTo%2BLuEIz8MP1AflJdFrRAZGrBZvVbE%2FeGB8tf05CFki22pXL%2BvXk3VcBmZ8Cp4NR07XM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f771971-EWR
230--220314--1153542d45fd62.gif
www.helpyfelty.com/230/img/
1 KB
2 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--1153542d45fd62.gif
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1457
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"5b1-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21bhNorwsUmtnGiBkpBN0yWt3h6dU0ZoJLIXMA0%2Fqq%2Bjlcj8IZainrXx2%2FXZK3hKMAyK9MKccgoszl%2FDiJ%2F98AuuA6PnUBzWW1PMWj6iNg7Kz%2FU%2Fsu6GqqpW47TLNvDxM4jF0bZQtF5LlBLoihb%2B2V8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f781971-EWR
230--220314--115354fee12f24.jpg
www.helpyfelty.com/230/img/
646 B
1 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354fee12f24.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
646
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"286-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPEUiv6s3%2B2TN%2BQzpYtdxpy1QM3nwwK%2BaYdqB6hnZa5rkuCUTp7xzhM01cFdcbIW9hcbPFaPT%2FnjyYAj3rQ22fWnCWsGXCzp0wvrHt149yVhFZzwIXthP7y6maGjgZMgsKIridmxvl%2F4pkYW%2Ba%2B%2B%2FFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f7c1971-EWR
CTSRge8LY7AAOdCtTiBgxzUkWQs8NbfClU7AiKdI.png
www.kllilk.com/storage/images/
15 KB
15 KB
Image
General
Full URL
https://www.kllilk.com/storage/images/CTSRge8LY7AAOdCtTiBgxzUkWQs8NbfClU7AiKdI.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a22a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd5aacede1afcde24c7e40866ce731d86fbca5d68ac20e083f3519a2d03fbdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Jan 2022 23:56:13 GMT
server
cloudflare
etag
"3b8b-5d6205d24d835"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKBvavOZ5cy8El5VDbcj6PuP0edCRXK0WQL24LTagKdetaO1lZWpBHM7M44%2FGxYj7o3d%2BKXh%2FQGa7F4ZzBEoWGB6GKR%2Fa1Q%2FhNhx5ucq%2BA8mN9rwL%2F3dUEAJw7xSKdDqMurXOoTjJuN%2FSMxn%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70ce1d77afea17c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15243
230--220314--115354c2aea21c.png
www.helpyfelty.com/230/img/
2 KB
3 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354c2aea21c.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f802d314b51ab2b5d692ee180db50de925778f5b8b1e4aa99e03ebbcc22b3f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5734
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2486
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"9b6-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS1FF3pf95Q317nMnXfpTSGPY3Q%2BTijt1CJx99Cu%2Foy%2FNezmpGH%2F9YXu71qqp0vXTiq8d9Nbhv2IY5mobIakV8HmHmbPTXU%2F%2BQYG33Bq8TwgccSuKOSAtd0RlNXbh4ZObrNDqwLHEOPoWAe2eTqe6Vk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f7d1971-EWR
230--220314--115354ff6ab7cf.png
www.helpyfelty.com/230/img/
1 KB
2 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354ff6ab7cf.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d894003d6071be103ca497c54461c500d2656e88003dd0afed8cdc0ed7bffe3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5734
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1214
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"4be-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkK5RZxS%2BRpvkNHT79asKFwzFkg9ukeWOemNsmDldWMv5jA4CUi778RWNa7j6R88vRUqqfVefWgpGFj2SwxfMyqGjfGvsMscltCWUUZ5XHL0bE53kn7M9NlcYOJVa2cg4Ah%2Bjvicp8Y08oZ3WcCOq7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f801971-EWR
230--220314--115354418188f7.png
www.helpyfelty.com/230/img/
1 KB
2 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354418188f7.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb640067b5d233f221c2a280bb5be089cc087a872941ae5f588f8230b60bee40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1031
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"407-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvhhohznjzpzYGF0fOKfnhH%2B25dKjF8a8SE%2B56Q0uqhdxGvInl49MyUtzas%2BskECDWSUJyXRiF%2FObKrT0IXT0exxQv5MtvpuCJpR5rSyCmBVyFvIz%2BvCjFR3WY6nCZ3MwOk3Wf0bzouv3L8I5S5R%2FO8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f821971-EWR
ava.png
www.helpyfelty.com/230/img/
213 B
213 B
Image
General
Full URL
https://www.helpyfelty.com/230/img/ava.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a047ba74249aaac868c8a75485f9b9281299571d916805a461dd631fd341ab94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eI6V0MoP%2FLeYpsNj63EHWYDI0gcu0ltzO%2BSLY9LMloziH%2FXVnEziQs8Td1MSotmlNkQ%2BgeCMDt63kQz%2Fyg5N3xjYXpGIbD5FH5esdTf9XBUSJHrtw%2BuD8enCJMA1%2Bxr%2Bbnu4T%2BD8WCHgoXasbinzSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
70ce1d773f831971-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
230--220314--115354f149bdf4.jpg
www.helpyfelty.com/230/img/
49 KB
50 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354f149bdf4.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316a6975de3078b71f6d0c0f92ac22b0f4586e6d048ed7808339e6b5e3cface2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50556
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
etag
"c57c-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmVA0Cwv1hOkjFHvXj78THvGhGcBNOJXfgl%2Ft3VPmtaR%2FIBICSqvJn6cRO590vftJYM9AvGskfhUYWpPKbyYXTVCs6d2lt6xjm97J4%2Bbmh9flIHxX4yOBKKepLX7V1DyAM9PybtzqvW%2BCD%2FmCWSCz7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f851971-EWR
230--220314--1153541c1458cb.png
www.helpyfelty.com/230/img/
51 KB
52 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--1153541c1458cb.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc08e38fdf43aacbddfd66aa1296477ca8debc634f4d046b968bef1f1422ec0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3621
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52462
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"ccee-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgFLDMlQ5klI5oJePb5sUVWoC8%2BM77XcyUhXTYvnAxvYiez6agW24H7ON%2Fn1%2BtAO%2B7rvQNd6sWVzPRbSiyftjaJFA8b2mPpQg%2BH2Nvd56qnxLk1ypp9JFz8R%2Fu9MBVZqE7%2BfCaT%2Bsj%2FCNlG4cZBAyWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f871971-EWR
230--220314--115354cfc163d6.png
www.helpyfelty.com/230/img/
2 KB
2 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354cfc163d6.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca149b3cceff96e46271c81bc29cb4ecc52e44ee015e539a67dbdc55a41b90a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1649
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"671-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIy1Jyded3dUZx%2FHRBFCLQsU74aO7kaIkKcaxYE61G9SIkbAIdGvzM7%2BtUryPw8KFITzxHO2px8t3y3OaHVk3fXgY0a%2Fi2reZ4TB0TLXuWDYmciqXKH9bggr8FFabmw37sMLG2tdoY8uwDu%2Fn59cSWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f8b1971-EWR
230--220314--115354e63551ca.jpg
www.helpyfelty.com/230/img/
53 KB
54 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354e63551ca.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63538636408d694425020b341235e224b91a191cd704704649e00b970c91bdf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5736
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54538
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
etag
"d50a-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmJk52gVBJsIJ%2Bx7qViVzs2Am1O8g93ywKsQb%2BR75nPXsbk1LO4gmyBVysYNTvhSKLtMMnEAKds8ZoAYSNAFrdS5C9Km4h8Dmsd%2FdTaNEQ7Zc00Y5XB8wgSF8RbJ06Vu5giqkZKb6tc%2FWf3Dz4mJk6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f8c1971-EWR
230--220314--115354d5b6c8d5.jpg
www.helpyfelty.com/230/img/
85 KB
86 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354d5b6c8d5.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1884861f668e9488000064548d5b1bba0f5b4bbcbc1747d01401a3e9c41ffa61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3621
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87411
last-modified
Fri, 14 Jan 2022 20:42:26 GMT
server
cloudflare
etag
"15573-5d590d732f080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E1nnoRAPiyOprXaUgMn7xS2Rd6eEd%2FFcahgmO1E6UnGhNRu9OD54szzmhlOIsUZUmQLP2qPB%2BNievEHaobxcCey4eTOAfMXV3aDuJ2U2uEgBdgRYdP6%2BjBBXFmwe6KUIgdasd8facZSWQnS%2FFryaIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f8f1971-EWR
sad.png
www.helpyfelty.com/230/img/
213 B
213 B
Image
General
Full URL
https://www.helpyfelty.com/230/img/sad.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877b4988d11e65e645213202a906c6ebccc198b48e7a130f465ec107862b2e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob4niZFzCIkFyiJka6ik0VyW8BgVB%2BOZIHuBVV%2FNxfaiADYAZBCh7k8lfdLLQGqmKGpqx%2F%2BUS25%2FmggiqMj%2BFX9duJ6Az9rTuFbZNv4GM%2BNs8NPH8fot%2BlB23wzMqvZzEj5nGS7Uj%2B%2FRqlitKorowKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
70ce1d773f911971-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
230--220314--115354236065dc.png
www.helpyfelty.com/230/img/
3 KB
4 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354236065dc.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c620db5c942f519d01f1fb1a8af66d054e0389e325540158c60b7a1bd3fe33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3539
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"dd3-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyilGBjO9GktfV1vGPSCa5UydTtCcEJFCiAGp5OIBaOjkMsjo52CSuGNp5zIk0jB7orLUoZB0SC%2BTckFkW6HVn2OodARxFWFn8bXHQZ%2Fs%2B%2BXOItV8LST21EefiOtLmIfVP5w%2FVYxbQALcnwO%2FMii4u8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f921971-EWR
230--220314--11535493511bad.jpg
www.helpyfelty.com/230/img/
48 KB
48 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--11535493511bad.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59cc1d4bffd1ff0dc79947be1723f97ab0e32018791c0981b096cd2b60351231

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48729
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
etag
"be59-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue7v0XF1C1ATc0xkqFe7QuFw%2FBpQYmxbQmw4lZSC9J5s88f3g7OL6iqD1Dh3m3dswOdlwGxpMdBmll4nc9EUwcUhrBzi7xwfjoa3uq%2BPpzqsYHMN%2Bzj7PqcDeFuDhUo0SstuYHIEosERSD6TXLsWMV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f961971-EWR
x2.jpg
www.helpyfelty.com/230/img/
212 B
212 B
Image
General
Full URL
https://www.helpyfelty.com/230/img/x2.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774410ef7b13d90a2fb371949ac2b2b120527b818e4ab5b15728f07122afb33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uttd5R0OoVC1BJ%2FT9s%2BjkEsN%2FADOjvKtsk3CtPF4TD2Q06XTIku9dC70R0BOpimp02c3We1y1rsXCEnQWvfGsorsh7rUddfmwkr%2FSI79xzv%2FQr%2FR%2FR%2BP1n%2Bat3eldcrkb4tMXQiy6CYvtQwKffIHnBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
70ce1d773f981971-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
230--220314--11535436cf4bfb.jpg
www.helpyfelty.com/230/img/
50 KB
51 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--11535436cf4bfb.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c52e741d2269191bf4d7350e1b46ce419515da20bfee8a7230561862027269

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51660
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
etag
"c9cc-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgAsNz13QuuKVce1cJE3dDh7V5nQQptku8Pdrs9mR0CpNstSz5u%2BE%2Fsf4n1JiW8va5CBP2W3RPMqmxiBkgnWsTXZy9XQvq26IIRIqF1mMxYkDAUqBuhUUYX3SwFadp5nPpGFxpHKPVi6NLB%2BK4yS17k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f9a1971-EWR
230--220314--115354ed985de1.jpg
www.helpyfelty.com/230/img/
84 KB
84 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354ed985de1.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0793b2eb923f3201416c1041017e1f1b8739cbdc09d27630c9ca5b62ff70fac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85545
last-modified
Fri, 14 Jan 2022 20:43:36 GMT
server
cloudflare
etag
"14e29-5d590db5f0e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfaWDBet4%2BJMcmtbiIHmoqIJsJcpXCGFHJnK5lZ%2FaejD0oJZDOl5089USBt8dCVgYAXOcH6lUsqnu5d7lcXgOWh3sHVcg1JT5tvf2bls3sPY%2FP6OWCoY2VVIkepPFjIT4fRfghly9LwfFTr7zSGGncI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f9b1971-EWR
230--220314--1153549f06bb7c.png
www.helpyfelty.com/230/img/
2 KB
3 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--1153549f06bb7c.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1ca1f5946be5d7901bc3167808211a24036f1a0a56f7dafcc2aaca0c8d8ced

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2118
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"846-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCJHc6GYpWN3%2Fi2vvzzvYSOJJtu%2B3gvolZd8GkZrNCVMCcSnlcH1oRvYba%2FielyQQ%2BY4dDAOEzW%2FEa%2F38BdU%2F1Mzi3xbZfH8%2BNsUgcuKbY5H0%2BXcgKlxYHnZ2%2BTxd2UD1bVL0xLIh2ATZAc0f7BWlEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773f9f1971-EWR
230--220314--115354146d9f98.jpg
www.helpyfelty.com/230/img/
46 KB
47 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--115354146d9f98.jpg
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3401ff0b047bd896a0f6e22c032b6b5d01bf6e18381db39d5ed3678fc913cab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3621
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47307
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
etag
"b8cb-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BZHrueSzZwmt7zDCnrh%2FZWp78Jg7dU2cdPDtyLlmDO5VEOm8lqz%2BIvuKJIDrIJbp7lXuZBSUuajKUNIb5Z7XxdAevoV3z3iAZExVhS7c7xZOrBjoeQtnSaQKR%2FEKst4uRGc9vFQeVSfti006Yc0cro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773fa11971-EWR
230--220314--11535404782885.png
www.helpyfelty.com/230/img/
6 KB
7 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--11535404782885.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6352
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"18d0-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Fn1%2F6KhsotyGe5JYK5DgnJx4zRhxhQE%2BuHAUrIN%2Bm4wqBddKsz8D39vdvSm1l%2BBrANMLwARZqiji%2FjzvuJm9rCdbUJOTleJHWye85cDBg0tPKKtT8BWocWjyYQeH%2BIGroQSfso90PprD9ciJ5grf9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773fa31971-EWR
230--220314--1153542478b827.png
www.helpyfelty.com/230/img/
10 KB
10 KB
Image
General
Full URL
https://www.helpyfelty.com/230/img/230--220314--1153542478b827.png
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9862
last-modified
Fri, 14 Jan 2022 17:47:14 GMT
server
cloudflare
etag
"2686-5d58e64a28c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMvAqXUMokzW4Q3KP6JYgwoHq9Ereethh91rrJ%2BdVvX%2B9cZ62%2BZZ%2FPjopqUlm2DDVcdH1OTBA8WLeC1SIvTaSsVmuaqHtW3durgKw9fknLGfTatkOmTfYZ1WhctXyGcbT3Co4LODrGKrSFtHA6WKvyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70ce1d773fa61971-EWR
timer.js
www.helpyfelty.com/230/js/
619 B
619 B
Script
General
Full URL
https://www.helpyfelty.com/230/js/timer.js?v=f1f6
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:85a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 17:47:16 GMT
server
cloudflare
age
6002
etag
W/"26b-5d58e64c11100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1o6XvE2BzIIkQjH36kXXo5Ti%2BGx9WOH6%2BS3NN4O%2Fov4A4bB1KEG9Ggq5fP6NvTKIZovQdoW3W8%2FyTbpzV6X5e79us3YELD21D%2Fn%2B2KGws2s6xR7bZYRBk8OJlCDU7riyKMHj6VPAYeENZQ2EGlbngMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70ce1d7698c38c71-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css?v=b3d8
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
718
cdn-cachedat
03/11/2022 22:58:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"bbfef9385083d307ad2692c0cf99f611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
12aeccfa992976fe84e8cfae31e05be6
cdn-requestcountrycode
US
cf-ray
70ce1d774c8fd15f-BUF
cdn-cache
HIT
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?v=93cf
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 11:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 11:52:35 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js?v=b671
Requested by
Host: www.helpyfelty.com
URL: https://www.helpyfelty.com/?s1=Zz0xMCZ0PVVTJnRpZD0yMzAmdG1wPTI1MA==&trsid=44ad986bfec7403bb15077202b7a7d87&aff=3793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.helpyfelty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
926501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKKFFkL0ExdyFJ%2FQAQ58qEZX3xP0GiSb0khj0Sx1A6UbVjCAH8iPYKQcTI7rqF9CluvNQYEmQU0If2xy1QAUbcrMHcmtWG6piUmzVzZ79LsYffmC%2BoalcQ5a2M8WrZJRKwjz3HADuEEfiUu88VIcISSS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ce1d776ebed15b-BUF
expires
Sun, 07 May 2023 17:36:24 GMT
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/
82 KB
82 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css?v=b3d8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css?v=b3d8
Origin
https://www.helpyfelty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:36:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
cdn-proxyver
1.0
cdn-cachedat
10/15/2021 09:27:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83760
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"fdf491ce5ff5b2da02708cd0e9864719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
330740cd5189abd58f7350c8cc39346c
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
70ce1d781cf1d15f-BUF
cdn-cache
HIT
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| months object| days object| time object| d string| dateNow undefined| c1 function| socle function| $ function| jQuery function| Loadotheroffer function| startTimer function| hidpopu function| exit5minslayer function| closeexitlayer function| nextQuestion function| drawszlider function| startLoad function| selectReward function| showModal object| comments number| slidewhere number| holvanszlider function| jQuery1 boolean| done function| WriteToFilePop_up

1 Cookies

Domain/Path Name / Value
www.helpyfelty.com/ Name: PHPSESSID
Value: gal0br137grgs6fh2g86n0tcqc

3 Console Messages

Source Level URL
Text
network error URL: https://www.helpyfelty.com/230/img/x2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.helpyfelty.com/230/img/ava.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.helpyfelty.com/230/img/sad.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
