urlscan.io logo urlscan.io
SecurityTrails logo

a8672336.mnoova.com Open in urlscan Pro
2606:4700:3031::681b:a0b4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/34mSMPv#3332325f373930353432305f3332315f636c5f353236305f313030335f74506c4a454d444a62506e5844426b...
Effective URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Submission: On August 24 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3031::681b:a0b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is a8672336.mnoova.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.
This is the only time a8672336.mnoova.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 17 31.6.70.117 39869 (LIVENET-)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 34.102.211.173 15169 (GOOGLE)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 104.18.26.20 13335 (CLOUDFLAR...)
35 6
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
17    31.6.70.117 (Tarnowskie Gory, Poland)

ASN39869 (LIVENET-, PL)
PTR: news.elfunny.com
news.elfunny.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    34.102.211.173 (United States)

ASN15169 (GOOGLE, US)
PTR: 173.211.102.34.bc.googleusercontent.com
www.hs8iitrk.com
13    2606:4700:3031::681b:a0b4 (United States)

ASN13335 (CLOUDFLARENET, US)
a8672336.mnoova.com
4    104.18.26.20 (United States)

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
assets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
17 elfunny.com
news.elfunny.com
525 KB
13 mnoova.com
a8672336.mnoova.com
89 KB
4 hcaptcha.com
hcaptcha.com
assets.hcaptcha.com
21 KB
2 hs8iitrk.com
www.hs8iitrk.com
706 B
2 googleapis.com
fonts.googleapis.com
2 KB
1 cloudflare.com
cdnjs.cloudflare.com
2 KB
1 bit.ly
bit.ly
137 B
35 7
Domain Requested by
17 news.elfunny.com 1 redirects news.elfunny.com
13 a8672336.mnoova.com news.elfunny.com
a8672336.mnoova.com
3 assets.hcaptcha.com a8672336.mnoova.com
hcaptcha.com
2 www.hs8iitrk.com 2 redirects
2 fonts.googleapis.com news.elfunny.com
1 hcaptcha.com 1 redirects
1 cdnjs.cloudflare.com news.elfunny.com
1 bit.ly 1 redirects
35 8

This site contains links to these domains. Also see Links.

Domain
lagungroen.com
chrome.google.com
www.cloudflare.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh

This page contains 3 frames:

Primary Page: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Frame ID: E8601FCFA03C5F165C0A9CAC4549113C
Requests: 34 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Frame ID: AC88B348B7DB1164345A0FB47A9EAF0C
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Frame ID: 0B3169A06EFCC912AA981CA9C6430867
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/34mSMPv HTTP 301
    http://news.elfunny.com/ Page URL
  2. http://news.elfunny.com/3332325f373930353432305f3332315f636c5f353236305f313030335f74506c4a454d444a62... HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=tPlJEMDJbPnXDBkiYpysz&s4=7905420&s5=hB5CmZmc... HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=f5f7ac35c15348dda084badf17cfa05d&__r... HTTP 302
    https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651 Page URL

Page Statistics

35
Requests

54 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

639 kB
Transfer

817 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/34mSMPv HTTP 301
    http://news.elfunny.com/ Page URL
  2. http://news.elfunny.com/3332325f373930353432305f3332315f636c5f353236305f313030335f74506c4a454d444a62506e5844426b69597079737a HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=tPlJEMDJbPnXDBkiYpysz&s4=7905420&s5=hB5CmZmcy083oVCgJE2Wu HTTP 302
    https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=f5f7ac35c15348dda084badf17cfa05d&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/34mSMPv HTTP 301
  • http://news.elfunny.com/
Request Chain 29
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
news.elfunny.com/
Redirect Chain
  • https://bit.ly/34mSMPv
  • http://news.elfunny.com/
12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
0183b07493705e138959e7d8b47a25ea435551ae60a3e3e8e998bc8fa44043fc

Request headers

Host
news.elfunny.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

status
301
server
nginx
date
Mon, 24 Aug 2020 12:57:02 GMT
content-type
text/html; charset=utf-8
content-length
111
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://news.elfunny.com/
referrer-policy
unsafe-url
set-cookie
_bit=k7ocV2-995693c949a8656d6c-00L; Domain=bit.ly; Expires=Sat, 20 Feb 2021 12:57:02 GMT
via
1.1 google
alt-svc
clear
bootstrap.min.css
news.elfunny.com/vendor/bootstrap/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1d970-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
121200
font-awesome.min.css
news.elfunny.com/vendor/font-awesome/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/font-awesome/css/font-awesome.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"7187-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29063
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 11:49:01 GMT
server
ESF
date
Mon, 24 Aug 2020 12:57:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:57:02 GMT
css
fonts.googleapis.com/ 		16 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 12:57:02 GMT
server
ESF
date
Mon, 24 Aug 2020 12:57:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Aug 2020 12:57:02 GMT
magnific-popup.css
news.elfunny.com/vendor/magnific-popup/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/magnific-popup/magnific-popup.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
creative.min.css
news.elfunny.com/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/css/creative.min.css
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
c34418be12eb16bfbec0beff552b34cb3f5de0c1fca220437ee1fd0c70ef1e39

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1ec3-53a6bf66fff80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7875
1.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/1.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"f92c-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
63788
2.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/2.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bbe5-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
48101
3.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/3.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bc64-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
48228
4.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/4.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:03 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"bf9f-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
49055
5.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/5.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:03 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"f37e-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
62334
6.jpg
news.elfunny.com/img/portfolio/thumbnails/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.elfunny.com/img/portfolio/thumbnails/6.jpg
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:03 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"d0b4-53a6bf66fff80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
53428
jquery.min.js
news.elfunny.com/vendor/jquery/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/jquery/jquery.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
225
Content-Type
text/html; charset=iso-8859-1
bootstrap.min.js
news.elfunny.com/vendor/bootstrap/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"90b5-53a6bf66fff80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
37045
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
25939749
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04c22438340000178a79b52200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:12 GMT
server
cloudflare
etag
W/"5afd494c-15b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c7d3ca059a4178a-FRA
expires
Sat, 14 Aug 2021 12:57:02 GMT
scrollreveal.min.js
news.elfunny.com/vendor/scrollreveal/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/scrollreveal/scrollreveal.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
jquery.magnific-popup.min.js
news.elfunny.com/vendor/magnific-popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/vendor/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
248
Content-Type
text/html; charset=iso-8859-1
creative.min.js
news.elfunny.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://news.elfunny.com/js/creative.min.js
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
HTTP/1.1
Server
31.6.70.117 Tarnowskie Gory, Poland, ASN39869 (LIVENET-, PL),
Reverse DNS
news.elfunny.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash

Request headers

Referer
http://news.elfunny.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 12:57:02 GMT
Last-Modified
Fri, 19 Aug 2016 12:37:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"450-53a6bf66fff80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1104
Primary Request 9e526a4a97
a8672336.mnoova.com/rc/
Redirect Chain
  • http://news.elfunny.com/3332325f373930353432305f3332315f636c5f353236305f313030335f74506c4a454d444a62506e5844426b69597079737a
  • https://www.hs8iitrk.com/22JJ8D8/6JF5MHR/&s1=1&s2=322&s3=tPlJEMDJbPnXDBkiYpysz&s4=7905420&s5=hB5CmZmcy083oVCgJE2Wu
  • https://www.hs8iitrk.com/22JJ8D8/NFC9H/?__rpt=0&__po=3134&__ptid=f5f7ac35c15348dda084badf17cfa05d&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Requested by
Host: news.elfunny.com
URL: http://news.elfunny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae4d4d2f145b38f6a6c0878b526e0e957ab20c991ef3378ce0d59f7a2618bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a8672336.mnoova.com
:scheme
https
:path
/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://news.elfunny.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://news.elfunny.com/#3332325f373930353432305f3332315f636c5f353236305f313030335f74506c4a454d444a62506e5844426b69597079737a

Response headers

status
403
date
Mon, 24 Aug 2020 12:57:04 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=db9b3a697f40671c6c5d810546b83b3661598273824; expires=Wed, 23-Sep-20 12:57:04 GMT; path=/; domain=.mnoova.com; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
04c2243d23000005fdc53c1200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c7d3ca83e3605fd-FRA
content-encoding
br

Redirect headers

status
302
server
nginx
date
Mon, 24 Aug 2020 12:57:03 GMT
content-type
text/html; charset=utf-8
content-length
120
location
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
set-cookie
uniqueClick_NFC9H=285d4538-7720-4177-91c9-db431b18aef8:1598273823; Path=/; Expires=Wed, 23 Sep 2020 12:57:03 GMT; Secure; SameSite=None transaction_id=fdecf329148c49d19eb6cd9fa9591507; Path=/; Expires=Sun, 22 Nov 2020 12:57:03 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
f395346b-a6b3-4a2b-a97f-81a0a8d07b8e
via
1.1 google
alt-svc
clear
cf.errors.css
a8672336.mnoova.com/cdn-cgi/styles/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5b724501640c081ba873f3d27b9f547b62ce5a4ef5d594ff630f00ba1eea7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-6d64"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
5c7d3ca87f3a05fd-FRA
cf-request-id
04c2243d4f000005fdc53c4200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
zepto.min.js
a8672336.mnoova.com/cdn-cgi/scripts/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/scripts/zepto.min.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
etag
W/"5f3ab77a-618f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5c7d3ca87f4005fd-FRA
cf-request-id
04c2243d4f000005fdc53c5200000001
expires
Wed, 26 Aug 2020 12:57:04 GMT
cf.common.js
a8672336.mnoova.com/cdn-cgi/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/scripts/cf.common.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
etag
W/"5f3ab77a-1138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5c7d3ca87f4205fd-FRA
cf-request-id
04c2243d4f000005fdc53c6200000001
expires
Wed, 26 Aug 2020 12:57:04 GMT
transparent.gif
a8672336.mnoova.com/cdn-cgi/images/trace/captcha/nojs/h/ 		42 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5c7d3ca83e3605fd
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7d3ca8afee05fd-FRA
content-length
42
cf-request-id
04c2243d6b000005fdc53c8200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
browser-bar.png
a8672336.mnoova.com/cdn-cgi/images/ 		715 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-2cb"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7d3ca8aff305fd-FRA
content-length
715
cf-request-id
04c2243d6c000005fdc53c9200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
cf-no-screenshot-warn.png
a8672336.mnoova.com/cdn-cgi/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a8672336.mnoova.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f3ab77a-a20"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c7d3ca8aff505fd-FRA
content-length
2592
cf-request-id
04c2243d6c000005fdc53ca200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
opensans-300.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		15 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-300.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3dfc"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7d3ca8affb05fd-FRA
cf-request-id
04c2243d6c000005fdc53cb200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
opensans-400.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		16 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-400.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3e40"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7d3ca8affe05fd-FRA
cf-request-id
04c2243d6d000005fdc53cc200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
opensans-600.woff
a8672336.mnoova.com/cdn-cgi/styles/fonts/ 		16 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/styles/fonts/opensans-600.woff
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://a8672336.mnoova.com
Referer
https://a8672336.mnoova.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 16:59:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f3ab77a-3eb8"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
5c7d3ca8b80a05fd-FRA
cf-request-id
04c2243d6e000005fdc53cd200000001
expires
Mon, 24 Aug 2020 14:57:04 GMT
v1
a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2dd5f71715443ea5722b247e8d39439d7fe588f36769c901b8b37e6239d7af8

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5c7d3ca8f93905fd-FRA
cf-request-id
04c2243d9d000005fdc53d4200000001
hcaptcha.js
assets.hcaptcha.com/captcha/v1/558182b/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23b3fb70919ee3c7f42c2a161dea8d1978c9cee5d398034b3ff8293826792bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
211709
cf-polished
origSize=63599
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AFE1F510DE88B5D4
x-amz-id-2
HNcZ6DakKJlQNgZsFZhUsM/Z+GVwPkBwNbzJmD/M0Dh0a8qqjvz1NkIbXHQXeTpZ0SqlQRrkCrk=
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
server
cloudflare
etag
W/"273f6ffcafc06e0f0ae6241755176c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
04c2243e300000ee27a539a200000001
cf-ray
5c7d3ca9ee05ee27-CDG
cf-bgj
minify

Redirect headers

date
Mon, 24 Aug 2020 12:57:04 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5c7d3ca9ad4aee27-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04c2243e0b0000ee27a5399200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
7d9a98eba368356
a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.3913388884893691:1598270816:3402479a4369c75465cfd658995206336024c9b343d7794b1f46c6746fc6dfd6/5c7d3ca83e3605fd/ 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.3913388884893691:1598270816:3402479a4369c75465cfd658995206336024c9b343d7794b1f46c6746fc6dfd6/5c7d3ca83e3605fd/7d9a98eba368356
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9906e8b938dea5ff20d2778c3776da59f8cc8b381c6eb43164baae1bfef93c5

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
7d9a98eba368356
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c7d3ca97b0e05fd-FRA
cf-request-id
04c2243dea000005fdc53ea200000001
truncated
/ 		374 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfb91de4c7ddf9e2e7e11ce47ae23e7a1873ffea4ad4b2af5feac9f5cee8dba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
7d9a98eba368356
a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.3913388884893691:1598270816:3402479a4369c75465cfd658995206336024c9b343d7794b1f46c6746fc6dfd6/5c7d3ca83e3605fd/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a8672336.mnoova.com/cdn-cgi/challenge-platform/generate/ov1/0.3913388884893691:1598270816:3402479a4369c75465cfd658995206336024c9b343d7794b1f46c6746fc6dfd6/5c7d3ca83e3605fd/7d9a98eba368356
Requested by
Host: a8672336.mnoova.com
URL: https://a8672336.mnoova.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591bf60422d1850de2ec182e020c4f1e2bb25c705eae44e5e271c058dcc39c69

Request headers

Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
7d9a98eba368356
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 Aug 2020 12:57:04 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c7d3cac4d5605fd-FRA
cf-request-id
04c2243faa000005fdc5015200000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame AC88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651

Response headers

status
200
date
Mon, 24 Aug 2020 12:57:04 GMT
content-type
text/html
set-cookie
__cfduid=d6793ebf272790fba5e249fe34e7bc0ef1598273824; expires=Wed, 23-Sep-20 12:57:04 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
73HB9jJ7Rbjwyxri3Vi9GAiwpoZ7LL4PprroNdwNcr+yYJKTE5UhR9GS1UGoC+2nrv8GzA0K1UI=
x-amz-request-id
8QAR5X2H1PEKAT9Y
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
cf-cache-status
DYNAMIC
cf-request-id
04c22440640000ee27a53b4200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c7d3cad6d32ee27-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame 0B31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://a8672336.mnoova.com/rc/9e526a4a97?affclick=fdecf329148c49d19eb6cd9fa9591507&pubid=651

Response headers

status
200
date
Mon, 24 Aug 2020 12:57:04 GMT
content-type
text/html
set-cookie
__cfduid=d6793ebf272790fba5e249fe34e7bc0ef1598273824; expires=Wed, 23-Sep-20 12:57:04 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
DKo7lo6+npgnS/2bXsi6XNo0lfyY/5yeW4NN4CJ+fPerzWtRtTjKqwg51KWc34pAlPhxEicbTDw=
x-amz-request-id
19A7317241AD21E8
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:02 GMT
cf-cache-status
DYNAMIC
cf-request-id
04c22440670000ee27a53b5200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c7d3cad7d3cee27-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| Zepto function| $ function| Polyglot object| polyglot object| _cf_chl_opt function| _cf_chl_enter function| a function| b object| _cf_translation function| sendRequest function| _cf_chl_hload function| SHA256 boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx function| _ object| hcaptcha object| grecaptcha boolean| _cf_chl_hloaded

3 Cookies

Domain/Path Name / Value
a8672336.mnoova.com/ Name: cf_chl_prog
Value: a10
a8672336.mnoova.com/ Name: cf_chl_1
Value: 7d9a98eba368356
.mnoova.com/ Name: __cfduid
Value: db9b3a697f40671c6c5d810546b83b3661598273824

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8672336.mnoova.com
assets.hcaptcha.com
bit.ly
cdnjs.cloudflare.com
fonts.googleapis.com
hcaptcha.com
news.elfunny.com
www.hs8iitrk.com
104.18.26.20
2606:4700:3031::681b:a0b4
2606:4700::6811:4e6b
2a00:1450:4001:806::200a
31.6.70.117
34.102.211.173
67.199.248.10
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0183b07493705e138959e7d8b47a25ea435551ae60a3e3e8e998bc8fa44043fc
0dfb91de4c7ddf9e2e7e11ce47ae23e7a1873ffea4ad4b2af5feac9f5cee8dba
19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
591bf60422d1850de2ec182e020c4f1e2bb25c705eae44e5e271c058dcc39c69
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
b2dd5f71715443ea5722b247e8d39439d7fe588f36769c901b8b37e6239d7af8
c34418be12eb16bfbec0beff552b34cb3f5de0c1fca220437ee1fd0c70ef1e39
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
d23b3fb70919ee3c7f42c2a161dea8d1978c9cee5d398034b3ff8293826792bb
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ae4d4d2f145b38f6a6c0878b526e0e957ab20c991ef3378ce0d59f7a2618bd
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9906e8b938dea5ff20d2778c3776da59f8cc8b381c6eb43164baae1bfef93c5
ff5b724501640c081ba873f3d27b9f547b62ce5a4ef5d594ff630f00ba1eea7e