Submitted URL: http://trck.secureconv-cd.com/?a=83431&c=122422
Effective URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsIn...
Submission: On October 23 via manual from LT

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 64.210.149.51, located in Waltham, United States and belongs to REFLECTED - Reflected Networks, Inc., US. The main domain is www.nutaku.net.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on August 21st 2018. Valid for: 2 years.
This is the only time www.nutaku.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 64.210.149.51 29789 (REFLECTED)
11 205.185.208.152 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 66.254.114.63 29789 (REFLECTED)
1 2a00:1450:400... 15169 (GOOGLE)
23 8
Domain Requested by
11 cdn1-images.nutaku.com www.nutaku.net
3 atlas.etahub.com cdn1-images.nutaku.com
3 www.google-analytics.com www.nutaku.net
www.google-analytics.com
2 securetrck-cd.com 1 redirects
1 stats.g.doubleclick.net www.nutaku.net
1 s.ytimg.com www.youtube.com
1 www.youtube.com cdn1-images.nutaku.com
1 www.nutaku.net gdmconvtrck.com
1 gdmconvtrck.com securetrck-cd.com
1 trck.secureconv-cd.com 1 redirects
23 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.nutaku.net | DigiCert SHA2 High Assurance Server CA | 2018-08-21 - 2020-11-04 | 2 years
*.nutaku.com | DigiCert SHA2 High Assurance Server CA | 2018-09-25 - 2020-11-24 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months
*.google.com | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months
atlas.etahub.com | DigiCert SHA2 High Assurance Server CA | 2019-03-11 - 2021-03-21 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months

This page contains 1 frames:

Primary Page: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Frame ID: 7026A14C43F86C14595BBD2996C23C6B
Requests: 23 HTTP requests in this frame

Page URL History

  1. http://trck.secureconv-cd.com/?a=83431&c=122422 HTTP 302
    http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607... Page URL
  2. http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138877&h=503171823728f034c1b10f200... HTTP 302
    https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsIn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 23
HTTPS: 91 %
IPv6: 67 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 466 kB
Size: 770 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trck.secureconv-cd.com/?a=83431&c=122422 HTTP 302
    http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422 Page URL
  2. http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138877&h=503171823728f034c1b10f2003a6c1ac693640b3&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422&us=39ca278cfbef49b4b18f5aa22e8b4ea3 HTTP 302
    https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://trck.secureconv-cd.com/?a=83431&c=122422 HTTP 302
  • http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
securetrck-cd.com/
Redirect Chain
  • http://trck.secureconv-cd.com/?a=83431&c=122422
  • http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
2 KB
1003 B
Document
General
Full URL
http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
Protocol
HTTP/1.1
Server
2a05:d018:483:6130:2464:bd6c:b85f:35d9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e8e63bbd53fdf46433a19b30aecbb64ca7b8e5846661ac0ea8c2cafc795a2bdd

Request headers

Host
securetrck-cd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 23 Oct 2019 01:12:18 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 1 May 2020 12:00:00 GMT
Content-Encoding
gzip

Redirect headers

Date
Wed, 23 Oct 2019 01:12:18 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
http://securetrck-cd.com?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
Content-Language
en-US
trck
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
http://gdmconvtrck.com/trck
Requested by
Host: securetrck-cd.com
URL: http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
Protocol
HTTP/1.1
Server
2a05:d018:483:6110:aea0:a7da:f2eb:7245 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1cd751561c832743d98ee64a2ff6ae236b49f5a0a12e3c1c6051d5fbbf3a33eb

Request headers

Referer
http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Oct 2019 01:12:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request /
www.nutaku.net/signup/landing/crush-crush/4/
Redirect Chain
  • http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138877&h=503171823728f034c1b10f2003a6c1ac693640b3&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422&us=39ca278cf...
  • https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
29 KB
10 KB
Document
General
Full URL
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Requested by
Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/trck
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.210.149.51 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ae694011ef4ad4d53400b84cb061c43db0ab87c46d4c3afd75a648d643a1146a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.nutaku.net
:scheme
https
:path
/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://securetrck-cd.com/?a=83431&c=122422&oc=34561&sr=t&vt=1571793138608&h=2038345891b715f663a71d607723e3b0959e9bd5&req=http%3A%2F%2Ftrck.secureconv-cd.com%2F%3Fa%3D83431%26c%3D122422
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Wed, 23 Oct 2019 01:12:19 GMT
content-type
text/html; charset=UTF-8
set-cookie
NUTAKUID=a9ad1509402b1308dcbeaece93167334; path=/; HttpOnly Nutaku_Language=en; expires=Mon, 20-Apr-2020 01:12:19 GMT; Max-Age=15552000; path=/; httponly RNLBSERVERID=ded3464m; path=/
x-frame-options
SAMEORIGIN
pragma
no-cache
cache-control
no-cache
content-encoding
gzip

Redirect headers

Date
Wed, 23 Oct 2019 01:12:19 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Set-Cookie
gdm_sid_v1_3_001=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; Expires=Tue, 21-Jan-2020 01:12:19 GMT gdm_uid_v1_1_001=bVeWqzmzSxb3IhhCwUQ1+COi11UlbWtLH75FVp4uFB6UJvkO0od49e1D3lmFiR9o; Expires=Tue, 21-Jan-2020 01:12:19 GMT gdm_suid_v1_1_001=bVeWqzmzSxb3IhhCwUQ1+COi11UlbWtLH75FVp4uFB6UJvkO0od49e1D3lmFiR9o; Expires=Tue, 21-Jan-2020 01:12:19 GMT gdm_click_adv_freq_v1_1_001=o5eKxjeV6D6NMsilDFCjADdgdp9T9xP+d61SwwPenJI0ljPechKILIaur8xnan+H; Expires=Tue, 21-Jan-2020 01:12:19 GMT gdm_click_freq_v1_1_001=FcciE5qfdXl8WnYev0f6u/OeatrZJYkkvkzIENDFIUKtjHE8vEBDx4cLzwcDJh/e; Expires=Tue, 21-Jan-2020 01:12:19 GMT
Location
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Content-Language
en-US
validation.css
cdn1-images.nutaku.com/images/landing/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn1-images.nutaku.com/images/landing/css/validation.css
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
1defa4633356c3c300f3af19f40281536eb43ee10f4ecbdbae240828614b4556

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Fri, 25 May 2018 13:36:28 GMT
etag
"1527255388"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds088.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
926
jquery-2.1.1.min.js
cdn1-images.nutaku.com/js/
82 KB
34 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/js/jquery-2.1.1.min.js
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
ca62e4a78ef4ed5deff8b783e7bbf6c19d13780a385d7769e56ac971c8cf853a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 14:43:55 GMT
etag
"1563461035"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds085.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
34454
videolightjquery.js
cdn1-images.nutaku.com/images/landing/js/
92 KB
38 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/images/landing/js/videolightjquery.js
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2015 20:24:25 GMT
etag
"1449260665"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds011.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
38374
html5lightbox.7.4.js
cdn1-images.nutaku.com/images/landing/js/
97 KB
25 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/images/landing/js/html5lightbox.7.4.js
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
e4442b19d699232a38c2799a56bb78bf0e84ca2c854fb382f666d1244229db57

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 22:17:44 GMT
etag
"1520374664"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds137.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
25925
jquery.validate.js
cdn1-images.nutaku.com/images/landing/js/
5 KB
2 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/images/landing/js/jquery.validate.js
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
6a18eb89ea62f63de625c5b2e0c454999521b7cee243b17ca60dd8ed17fd7306

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Wed, 05 Sep 2018 18:24:48 GMT
etag
"1536171888"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds059.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
1544
atlaslib.min.js
cdn1-images.nutaku.com/js/
29 KB
11 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/js/atlaslib.min.js?t=20191022
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
f31ba54ebe17b046638e9f08ded3c2735c09febf26b88c6242ebc1d2dd4712c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 11:34:40 GMT
etag
"1559820880"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds076.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
11324
vortex.modern.min.js
cdn1-images.nutaku.com/images/landing/js/
17 KB
7 KB
Script
General
Full URL
https://cdn1-images.nutaku.com/images/landing/js/vortex.modern.min.js?cache=20191022
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
78616741145896295f97fdfa197df0fcd0eba93b43c219c5b01dbe7517b69dcf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
gzip
last-modified
Fri, 24 Feb 2017 23:48:58 GMT
etag
"1487980138"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds109.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
6732
logo.png
cdn1-images.nutaku.com/images/landing/crush-crush/4/
52 KB
52 KB
Image
General
Full URL
https://cdn1-images.nutaku.com/images/landing/crush-crush/4/logo.png
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
612e3165bad5c61e0da5d7d752ea632442c6ad2b163c65044a0c4f3a1a1c7210

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
last-modified
Wed, 12 Oct 2016 14:17:41 GMT
etag
"1476281861"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds076.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
53596
analytics.js
www.google-analytics.com/
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4690
date
Tue, 22 Oct 2019 23:54:09 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 23 Oct 2019 01:54:09 GMT
background.jpg
cdn1-images.nutaku.com/images/landing/crush-crush/4/
224 KB
224 KB
Image
General
Full URL
https://cdn1-images.nutaku.com/images/landing/crush-crush/4/background.jpg
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
c65c54901434c9165efbc5507e2a0fd16b25f279542e8e48c520937e21420b20

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
last-modified
Wed, 12 Oct 2016 14:17:41 GMT
etag
"1476281861"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds132.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
229485
nutaku-logo.svg
cdn1-images.nutaku.com/images/svg/
2 KB
2 KB
Image
General
Full URL
https://cdn1-images.nutaku.com/images/svg/nutaku-logo.svg
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
c8ee23a4d09137d224a46806b9c229b11b74b489f788d27b253f5157e981ae25

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
last-modified
Tue, 01 May 2018 15:09:21 GMT
etag
"1525187361"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds127.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
2224
play.png
cdn1-images.nutaku.com/images/landing/crush-crush/4/
4 KB
4 KB
Image
General
Full URL
https://cdn1-images.nutaku.com/images/landing/crush-crush/4/play.png
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.152 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip152.ssl.hwcdn.net
Software
/
Resource Hash
e860b00dc33947623945bc11d144bad0161181b6643122baa9f4afb0a754d682

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
last-modified
Wed, 12 Oct 2016 14:17:40 GMT
etag
"1476281860"
status
200
x-hw
1571793139.dop003.fr8.t,1571793139.cds109.fr8.hn,1571793139.cds055.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
content-length
3705
iframe_api
www.youtube.com/
859 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cdn1-images.nutaku.com
URL: https://cdn1-images.nutaku.com/images/landing/js/html5lightbox.7.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
guid
atlas.etahub.com/
131 B
727 B
XHR
General
Full URL
https://atlas.etahub.com/guid?app_id=&eventName=&
Requested by
Host: cdn1-images.nutaku.com
URL: https://cdn1-images.nutaku.com/images/landing/js/vortex.modern.min.js?cache=20191022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.254.114.63 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c78bb8c5767f45ec51cd24f156b6605951055a3d05aa28440cfa4bc42d45f816

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 23 Oct 2019 01:12:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST
P3P
CP="MindGeek does not have a P3P policy."
Access-Control-Allow-Origin
https://www.nutaku.net
Cache-Control
no-cache, no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline
Content-Type
application/json
Content-Length
131
events
atlas.etahub.com/
128 B
742 B
XHR
General
Full URL
https://atlas.etahub.com/events?app_id=10303&eventName=UNIQUE_TRACK&saffCode=eyJhIjoxMjc3MSwibiI6MSwicyI6MSwiZSI6MTA1NywicCI6MSwiY24iOiI4MzQzMSJ9&saffCodeType=ats&saffDomain=nutaku.net&snetworkCode=NTK&sconversionType=UNIQUE_TRACK&sconvertingPage=https%3A%2F%2Fwww.nutaku.net%2Fsignup%2Flanding%2Fcrush-crush%2F4%2F%3Fats%3DeyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9%26apb%3Dab589cd00e8645c388175403245f1a776e2b%26atc%3D83431&suserAgent=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F74.0.3729.169+Safari%2F537.36&nvalue=1&nab=0&spostbackParams=ab589cd00e8645c388175403245f1a776e2b&sreferralDomain=securetrck-cd.com&sreferralPath=http%3A%2F%2Fsecuretrck-cd.com%2F%3Fa%3D83431%26c%3D122422%26oc%3D34561%26sr%3Dt%26vt%3D1571793138608%26h%3D2038345891b715f663a71d607723e3b0959e9bd5%26req%3Dhttp%253A%252F%252Ftrck.secureconv-cd.com%252F%253Fa%253D83431%2526c%253D122422&nadId=0&satlasJsVersion=1.3.12&_sscreen=1600+x+1200&_sbrowser=Chrome&_sbrowserVersion=74.0.3729.169&_bmobile=false&_sos=Mac+OS+X&_sosVersion=10_14_5&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US&_splugins=&_errors%5B%5D=100&_errors%5B%5D=%2C
Requested by
Host: cdn1-images.nutaku.com
URL: https://cdn1-images.nutaku.com/images/landing/js/vortex.modern.min.js?cache=20191022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.254.114.63 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
749bba656d925e7a51d1585685c14da690582f644999c5fbdb740d139ec2e94d

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 23 Oct 2019 01:12:19 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
P3P
CP="MindGeek does not have a P3P policy."
Access-Control-Allow-Origin
https://www.nutaku.net
Cache-Control
no-cache, no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline
Content-Type
application/json
events
atlas.etahub.com/
128 B
742 B
XHR
General
Full URL
https://atlas.etahub.com/events?app_id=10303&eventName=TRACK&saffCode=eyJhIjoxMjc3MSwibiI6MSwicyI6MSwiZSI6MTA1NywicCI6MSwiY24iOiI4MzQzMSJ9&saffCodeType=ats&saffDomain=nutaku.net&snetworkCode=NTK&sconversionType=TRACK&sconvertingPage=https%3A%2F%2Fwww.nutaku.net%2Fsignup%2Flanding%2Fcrush-crush%2F4%2F%3Fats%3DeyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9%26apb%3Dab589cd00e8645c388175403245f1a776e2b%26atc%3D83431&suserAgent=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F74.0.3729.169+Safari%2F537.36&nvalue=1&nab=0&spostbackParams=ab589cd00e8645c388175403245f1a776e2b&sreferralDomain=securetrck-cd.com&sreferralPath=http%3A%2F%2Fsecuretrck-cd.com%2F%3Fa%3D83431%26c%3D122422%26oc%3D34561%26sr%3Dt%26vt%3D1571793138608%26h%3D2038345891b715f663a71d607723e3b0959e9bd5%26req%3Dhttp%253A%252F%252Ftrck.secureconv-cd.com%252F%253Fa%253D83431%2526c%253D122422&nadId=0&satlasJsVersion=1.3.12&_sscreen=1600+x+1200&_sbrowser=Chrome&_sbrowserVersion=74.0.3729.169&_bmobile=false&_sos=Mac+OS+X&_sosVersion=10_14_5&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US&_splugins=&_errors%5B%5D=100&_errors%5B%5D=%2C
Requested by
Host: cdn1-images.nutaku.com
URL: https://cdn1-images.nutaku.com/images/landing/js/vortex.modern.min.js?cache=20191022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.254.114.63 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b6edc4b0d8b690cddd394408a8e30035b6375ffd7c9d23e9d1f5e4ce32348492

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 23 Oct 2019 01:12:19 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
P3P
CP="MindGeek does not have a P3P policy."
Access-Control-Allow-Origin
https://www.nutaku.net
Cache-Control
no-cache, no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline
Content-Type
application/json
js
www.google-analytics.com/gtm/
64 KB
24 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TGJP8V4&cid=1772494613.1571793140&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e473e8b5f654eb2f91afaf1fff9a32ec4fd3f7bb2d711ebe1d48e7bfa420b16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 01:12:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23803
x-xss-protection
0
expires
Wed, 23 Oct 2019 01:12:19 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/
23 KB
9 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 11:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50035
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Mon, 21 Oct 2019 15:44:35 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 30 Oct 2019 11:18:24 GMT
collect
www.google-analytics.com/
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=480921371&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nutaku.net%2Fsignup%2Flanding%2Fcrush-crush%2F4%2F%3Fats%3DeyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9%26apb%3Dab589cd00e8645c388175403245f1a776e2b%26atc%3D83431&dr=http%3A%2F%2Fsecuretrck-cd.com%2F%3Fa%3D83431%26c%3D122422%26oc%3D34561%26sr%3Dt%26vt%3D1571793138608%26h%3D2038345891b715f663a71d607723e3b0959e9bd5%26req%3Dhttp%253A%252F%252Ftrck.secureconv-cd.com%252F%253Fa%253D83431%2526c%253D122422&ul=en-us&de=UTF-8&dt=Crush%20Crush%20%7C%20Nutaku.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADS~&jid=1456110131&gjid=1866812884&cid=1772494613.1571793140&tid=UA-54476514-2&_gid=2019873857.1571793140&z=2063927254
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Oct 2019 14:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
472115
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
363 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-54476514-2&cid=1772494613.1571793140&jid=1456110131&gjid=1866812884&_gid=2019873857.1571793140&_u=aGBAgEADS~&z=314145110
Requested by
Host: www.nutaku.net
URL: https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nutaku.net/signup/landing/crush-crush/4/?ats=eyJhIjoxMjc3MSwiYyI6NTcxMTg1MTgsIm4iOjEsInMiOjEsImUiOjEwNTcsInAiOjF9&apb=ab589cd00e8645c388175403245f1a776e2b&atc=83431
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 23 Oct 2019 01:12:19 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| loadHtml5LightBox function| parseUri object| Base64 undefined| Cookies function| AtlasCookies object| atlas object| BES number| width number| height object| dataLayer string| gaProperty string| disableStr object| gaSettings string| GoogleAnalyticsObject function| _gaTracker function| setCookie function| setCookieGame object| iOSdefaultRedirects object| inactiveRedirects object| isMobile function| redirectTo function| iOSredirect string| redirectArray object| obj object| getLandingTile string| cleanURL string| urlParams string| titleID function| runUtm function| applyUtm object| all_links object| html5Lightbox undefined| atstrackPiece function| callback object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_optimize object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

12 Cookies

Domain/Path Name / Value
.nutaku.net/ Name: _gid
Value: GA1.2.2019873857.1571793140
www.nutaku.net/ Name: NUTAKUID
Value: a9ad1509402b1308dcbeaece93167334
.nutaku.net/ Name: _ga
Value: GA1.2.1772494613.1571793140
.nutaku.net/ Name: _gat
Value: 1
.nutaku.net/ Name: atsm
Value: 878f8c3b-65c4-4352-bd2d-09b28853b0ae
.nutaku.net/ Name: atstrack
Value:
.nutaku.net/ Name: atsd
Value: 878f8c3b-65c4-4352-bd2d-09b28853b0ae
.nutaku.net/ Name: ats
Value: eyJhIjoxMjc3MSwibiI6MSwicyI6MSwiZSI6MTA1NywicCI6MSwiY24iOiI4MzQzMSJ9
www.nutaku.net/ Name: Nutaku_GameID
Value: crush-crush
www.nutaku.net/ Name: RNLBSERVERID
Value: ded3464m
www.nutaku.net/ Name: Nutaku_Language
Value: en
.nutaku.net/ Name: atss
Value: 878f8c3b-65c4-4352-bd2d-09b28853b0ae

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their appearance here does not imply that any of them indicate malicious activity.
