urlscan.io logo urlscan.io
SecurityTrails logo

www.gayo.capital Open in urlscan Pro
160.153.0.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.gayo.capital/
Effective URL: https://www.gayo.capital/
Submission: On January 31 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 160.153.0.36, located in Amsterdam, Netherlands and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.gayo.capital.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2022. Valid for: a year.
This is the only time www.gayo.capital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 160.153.0.36 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:223... 16509 (AMAZON-02)
3 5 23.36.163.225 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
25 7
12    160.153.0.36 (Amsterdam, Netherlands)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 36.0.153.160.host.secureserver.net
www.gayo.capital
1    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2600:9000:223c:e200:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
mlq7guq4smkk.i.optimole.com
5    23.36.163.225 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:3500:18::1724:a292 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
Apex Domain
Subdomains		 Transfer
12 gayo.capital
www.gayo.capital
54 KB
7 optimole.com
mlq7guq4smkk.i.optimole.com
246 KB
5 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8856
img6.wsimg.com — Cisco Umbrella Rank: 11180
20 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12790
584 B
2 gstatic.com
fonts.gstatic.com
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
3 KB
25 6
Domain Requested by
12 www.gayo.capital 1 redirects www.gayo.capital
7 mlq7guq4smkk.i.optimole.com www.gayo.capital
3 img1.wsimg.com 3 redirects
2 events.api.secureserver.net img1.wsimg.com
2 fonts.gstatic.com fonts.googleapis.com
2 img6.wsimg.com www.gayo.capital
1 fonts.googleapis.com www.gayo.capital
25 7

This site contains no links.

Subject Issuer Validity Valid
www.gayo.capital
Cloudflare Inc ECC CA-3		 2022-12-15 -
2023-12-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.i.optimole.com
Amazon		 2022-04-12 -
2023-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.gayo.capital/
Frame ID: D4651D1DD20F1CC3422E38A9ACD5042D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Gayo Capital

Page URL History Show full URLs

  1. http://www.gayo.capital/ HTTP 301
    https://www.gayo.capital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
  • <link [^>]*href=(?:"|')[^"']*uploads/elementor/css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

388 kB
Transfer

706 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gayo.capital/ HTTP 301
    https://www.gayo.capital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 14
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gayo.capital/
Redirect Chain
  • http://www.gayo.capital/
  • https://www.gayo.capital/
57 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
28031ae64003c45661804393c3c491579d0c9b71bde51994fb9a3a11753a69ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
7921106058091c90-AMS
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 31 Jan 2023 08:26:42 GMT
expires
Fri, 03 Mar 2023 08:26:42 GMT
last-modified
Sun, 29 Jan 2023 15:19:01 GMT
server
cloudflare
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
uncached
x-cache-hit
MISS
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
7.4
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
HIT
CF-RAY
7921105f3a4d0e44-AMS
Cache-Control
public, max-age=2678400
Connection
keep-alive
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 31 Jan 2023 08:26:42 GMT
Expires
Fri, 03 Mar 2023 08:26:42 GMT
Location
https://www.gayo.capital/
Server
cloudflare
Transfer-Encoding
chunked
Vary
User-Agent, Accept-Encoding
X-Backend
local
X-Cache
uncached
X-Cache-Hit
MISS
X-Cacheable
YES:Forced
X-Cacheproxy-Retries
0/2
X-Content-Type-Options
nosniff
X-Php-Version
7.4
X-Xss-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		89 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e052d6c9efde5270fdafdbcdf0f9d9f084a6b5f27c05bbfa5396f4ca27087fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Jan 2023 08:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 08:26:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Jan 2023 08:26:43 GMT
autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
www.gayo.capital/wp-content/cache/autoptimize/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:43 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
x-backend
local
cf-cache-status
MISS
server
cloudflare
vary
User-Agent, Accept-Encoding
x-cache
uncached
content-type
text/html; charset=iso-8859-1
x-cache-hit
MISS
x-cacheproxy-retries
0/2
cf-ray
79211061faa91c90-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
post-7.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		1 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-7.css?ver=1643924925
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4448efd790188ae1b3a0901b4945e7a7b362953604f23110e97e6422de537b44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:45 GMT
x-php-version
7.4
server
cloudflare
etag
W/"594-5d72419327fd4-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061faaa1c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
global.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/global.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
550f7783864a15844b0a4473aa0cdbb3a54358589a0ed6a4ba3a62684c640fd3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"9946-5d7241948d251-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061faac1c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
post-37.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
b74c91109e668930c0cc5c37a0b1c21fde906a67f86deff0ed111eed7b3010b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 22:25:17 GMT
x-php-version
7.4
server
cloudflare
etag
W/"6135-5d7249bdd6adf-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061faae1c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
post-156.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		7 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-156.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
455491a08cb90a32303390e0f002fc054499ae5d039bc80dde38a21e71634503
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"1a1f-5d724194c1d25-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061faaf1c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
post-166.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-166.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
68cd6f4a7ca6682faba5b8d34ab9b57acb231f2406a4a856ab32a7eeedd61ada
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"3bc8-5d724194d0901-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061fab01c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
post-267.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		1 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-267.css?ver=1584866864
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
558ccc6b4d31e1f6142d4f767c0ff0fa10cb399d4b5c6a5b33c592a2e6ba0f1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 04 Feb 2022 00:47:31 GMT
x-php-version
7.4
server
cloudflare
etag
W/"55d-5d7269888aa88-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061fab11c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
jquery.min.js
www.gayo.capital/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Jan 2023 14:04:15 GMT
x-php-version
7.4
server
cloudflare
etag
W/"15e54-5f3171b845534;59ee221bccb99
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
79211061fab31c90-AMS
expires
Fri, 03 Mar 2023 08:26:42 GMT
cropped-Gayo-Capital-Site-Logo.png
mlq7guq4smkk.i.optimole.com/w:382/h:237/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:382/h:237/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/03/cropped-Gayo-Capital-Site-Logo.png
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
bd24f88c1fe8a13a5d3532f0ead2ce4b421f9631ea177fbd955f2364754ae7fd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:52:07 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
761676
x-cache
Hit from cloudfront
content-disposition
inline; filename="cropped-Gayo-Capital-Site-Logo.avif"
alt-svc
h3=":443"; ma=86400
content-length
6899
x-request-id
tQK3vuX1HXbr3qLi66Gyv
server
Optimole
accept-ch
ECT
etag
"8bV1W08vojDmami4Lb4LRGDa0ECyQv6XWwkAGfXkzTg/RImU5YmFmYjVmMDI2YzUwOGQ3NmQwNmNkMTkwNzY0MGU3Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
G-u5Y0muBd-4rA3FVY1EOZMVe8ltmeDZ-hzFkstPqsTGwptD9oBvgg==
expires
Mon, 22 Jan 2024 12:52:07 GMT
WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.jpeg
mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2021/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.jpeg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
2d7ed4ba11ae5a7f961aeb8eed79bc5a4966f5c6f2714c0da6dcb25e4f1a018c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 21:29:16 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1853847
x-cache
Hit from cloudfront
content-disposition
inline; filename="WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.avif"
alt-svc
h3=":443"; ma=86400
content-length
6807
x-request-id
GTx9frST7zlNzLc6iE2s3
server
Optimole
accept-ch
ECT
etag
"wa7lIo4XSnMRkMlLhNVFeH8Gd7RdF1tGjFxayfzSEis/RIjRhMGJiNDJlMWNkMGYyZThkN2VmNmUyNjA0OGZjOWU2Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
1ObKFII5bFD_NBM5Z8TzcU4xfhfiMK75j_yqaq5jN9uYAY1DbmeowA==
expires
Tue, 09 Jan 2024 21:29:16 GMT
1576583099247.jpeg
mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/04/1576583099247.jpeg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
fec4f012b6f15df1764263c916291b370cd3924110694a18fb0ac4cbb3e25ba6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 06:31:39 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1302904
x-cache
Hit from cloudfront
content-disposition
inline; filename="1576583099247.avif"
alt-svc
h3=":443"; ma=86400
content-length
2146
x-request-id
Cgf3Oz8CzLLXWY9RusaKs
server
Optimole
accept-ch
ECT
etag
"ZTWDH91rPwe0fBf3rdfMIMs0aQlPPyA8hoc6_gtWF7g/RIjZlY2IzMjk2N2M3MGFjZjgzYWUwZTc2NTJiYTgxZDI0Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
vZ4uOy1XMjRVcPkxR2dDI_k9cWXOSoc5fztBRRfkWiZ7bKzy11eD8Q==
expires
Tue, 16 Jan 2024 06:31:39 GMT
email-decode.min.js
www.gayo.capital/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jan 2023 11:05:52 GMT
server
cloudflare
etag
W/"63ce6a10-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
79211062f91d0e78-AMS
expires
Thu, 02 Feb 2023 08:26:43 GMT
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Tue, 31 Jan 2023 08:26:43 GMT
x-amz-request-id
FH0P3E93SF8PA32Y
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11347
x-amz-id-2
vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
last-modified
Tue, 29 Nov 2022 21:26:18 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Tue, 31 Jan 2023 08:26:43 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 31 Jan 2023 08:56:43 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
357
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
unused62
8096267
date
Tue, 31 Jan 2023 08:26:43 GMT
x-amz-request-id
RJ3J3PMANG6125DE
x-edgeconnect-midmile-rtt
8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7498
x-amz-id-2
nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
last-modified
Mon, 17 Jan 2022 17:21:37 GMT
etag
"ce554d2333f3801abafb32da18213ff7"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin
*
date
Tue, 31 Jan 2023 08:26:43 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 31 Jan 2023 08:56:43 GMT
autoptimize_76ed294697ba0986d233cdce961101a6.php
www.gayo.capital/wp-content/cache/autoptimize/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_76ed294697ba0986d233cdce961101a6.php
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:26:43 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
x-backend
local
cf-cache-status
MISS
server
cloudflare
vary
User-Agent, Accept-Encoding
x-cache
uncached
content-type
text/html; charset=iso-8859-1
x-cache-hit
MISS
x-cacheproxy-retries
0/2
cf-ray
792110635a220e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
optimole_lib_no_poly.min.js
mlq7guq4smkk.i.optimole.com/js-lib/v2/latest/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlq7guq4smkk.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea18434666cb331ff2385bdaefb771bcadabad7ccfaa07c7378a85c5870fe296

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 08:39:17 GMT
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 08:38:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
344847
etag
W/"1e72a1c676d4dee59558f50650d33c4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1039i03tvgi6tkDH4Vof6RPzzlo02DjqggWhaLXw58QwRAxdhLcqEw==
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gayo.capital
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 19:06:31 GMT
x-content-type-options
nosniff
age
48012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35660
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:07:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 19:06:31 GMT
truncated
/ 		95 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a6a9baade479a81772c2f5b0946e27f7549f8a4de920c2a1525a3b0916f1f7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0524a038576190ff5c9dbb1375914eb5b7f957a800c408e46a560a62f78d9b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
789e75d7e8661087b1720a05725a421ce9f6e1e0b93e05ecd39aa44e19831c56

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f33f30c5b80e5a0d3d791a454c8ee68b96b40988060d8d59bda75f74e892727

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
background2.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-JMjEKaBz/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-JMjEKaBz/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background2.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
d925fc9ee48c4ddf02971289a4fe9ba583d97f7bd749a5cbb2b201699d59eee3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 17:34:42 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1263121
x-cache
Hit from cloudfront
content-disposition
inline; filename="background2.webp"
alt-svc
h3=":443"; ma=86400
content-length
68100
x-request-id
EKRheGKaXu8jmODiAhkIZ
server
Optimole
accept-ch
ECT
etag
"b1nCHGZEjuhZXGF3XmQ5wj6W0ia8miP_8t_13gZ5HxI/RImMxNDU4MDdlZjZhZDA5ZjJjY2M0MTA3YzhlZTM0Y2ZhIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
yHVNjNIe0JKXP0b_uSTpQ-z9x0PKdFSNaZXjfIRsCvuFWEI1gbjmfA==
expires
Tue, 16 Jan 2024 17:34:42 GMT
background5.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-faIPSDaQ/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-faIPSDaQ/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background5.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
6f13801b8938b44f5f47a639c4ae884631810454b383e6a875efd690dce9d9af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 17:34:43 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1263120
x-cache
Hit from cloudfront
content-disposition
inline; filename="background5.webp"
alt-svc
h3=":443"; ma=86400
content-length
98712
x-request-id
KXsXmQIMP5fcqa9ULbLIz
server
Optimole
accept-ch
ECT
etag
"Q7LYxfmGQhNzZ6Y8aseXeRmvUmcc2z0VSFJ4ZImBtT8/RIjY0NWQ5MDM5YTQwZWM5M2YyNmQyZTcxYjEyNDNjODEwIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
mMz45SEsFXbJACofE3UZECpqBruTolv7y8soh5-moR1C96RScZ5Jug==
expires
Tue, 16 Jan 2024 17:34:43 GMT
background3.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-GTUdyktD/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-GTUdyktD/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background3.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
e146ff819a452b2fa35f47c7854383db7205a9b4bfda55611162a2559a8dcca0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 14:39:31 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1360032
x-cache
Hit from cloudfront
content-disposition
inline; filename="background3.webp"
alt-svc
h3=":443"; ma=86400
content-length
61870
x-request-id
EOED4E1JrYLF-hWzXS5BH
server
Optimole
accept-ch
ECT
etag
"-BqEXCVOFUKqW5i48x5mW24VogRqGJNnW_HFgMueXaQ/RIjBmYzhhZjhlOGJmMDUwMTEwYWE0Njk0YTU4ODllMGEwIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
_BRJQ_1TxyQGnT36vKNUyZBiM4LYjqE4uU3Qb43-brlGy_abEHTbdQ==
expires
Mon, 15 Jan 2024 14:39:31 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gayo.capital
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 06:43:46 GMT
x-content-type-options
nosniff
age
6177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 06:43:46 GMT
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1675153603263&dh=www.gayo.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&vci=2113346993&cv=2.0.1&z=94754318&vg=8da85949-d5d7-50c6-9e22-2b56b9a60b69&vtg=8da85949-d5d7-50c6-9e22-2b56b9a60b69&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%221b6d9e8c-86c8-9ec3-c141-9a3b53910e1b.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data19%22%2C%22xid%22%3A%2243129103%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22296%22%2C%22wp_alloptions_bytes%22%3A%22422072%22%7D&hit_id=0de7d7f3-14e8-5b9c-bb26-53657cdf22cf&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 31 Jan 2023 08:26:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://www.gayo.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1675153603303&dh=www.gayo.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&vci=2113346993&cv=2.0.1&z=470223671&vg=8da85949-d5d7-50c6-9e22-2b56b9a60b69&vtg=8da85949-d5d7-50c6-9e22-2b56b9a60b69&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%221b6d9e8c-86c8-9ec3-c141-9a3b53910e1b.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data19%22%2C%22xid%22%3A%2243129103%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22296%22%2C%22wp_alloptions_bytes%22%3A%22422072%22%7D&hit_id=e9d09e6f-6775-5df8-8ba0-091c4c55b36c&ht=perf&tce=1675153602599&tcs=1675153602544&tdc=1675153603301&tdclee=1675153603271&tdcles=1675153603271&tdi=1675153603271&tdl=1675153602859&tdle=1675153602544&tdls=1675153602544&tfs=1675153602543&tns=1675153602120&trqs=1675153602599&tre=1675153602728&trps=1675153602726&tles=1675153603301&tlee=0&nt=navigate&lcp=1007&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 31 Jan 2023 08:26:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://www.gayo.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| ecs_ajax_params object| optimoleData object| ElementorProFrontendConfig object| elementorFrontendConfig object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| tti

2 Cookies

Domain/Path Name / Value
.gayo.capital/ Name: _tccl_visitor
Value: 8da85949-d5d7-50c6-9e22-2b56b9a60b69
.gayo.capital/ Name: _tccl_visit
Value: 8da85949-d5d7-50c6-9e22-2b56b9a60b69

2 Console Messages

Source Level URL
Text
network error URL: https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_76ed294697ba0986d233cdce961101a6.php
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
img6.wsimg.com
mlq7guq4smkk.i.optimole.com
www.gayo.capital
160.153.0.36
23.36.163.225
2600:9000:223c:e200:2:6f7a:6f00:93a1
2a00:1450:4001:82f::2003
2a00:1450:400d:80c::200a
2a02:26f0:3500:18::1724:a292
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28031ae64003c45661804393c3c491579d0c9b71bde51994fb9a3a11753a69ad
2a6a9baade479a81772c2f5b0946e27f7549f8a4de920c2a1525a3b0916f1f7c
2d7ed4ba11ae5a7f961aeb8eed79bc5a4966f5c6f2714c0da6dcb25e4f1a018c
2f33f30c5b80e5a0d3d791a454c8ee68b96b40988060d8d59bda75f74e892727
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
4448efd790188ae1b3a0901b4945e7a7b362953604f23110e97e6422de537b44
455491a08cb90a32303390e0f002fc054499ae5d039bc80dde38a21e71634503
550f7783864a15844b0a4473aa0cdbb3a54358589a0ed6a4ba3a62684c640fd3
558ccc6b4d31e1f6142d4f767c0ff0fa10cb399d4b5c6a5b33c592a2e6ba0f1e
68cd6f4a7ca6682faba5b8d34ab9b57acb231f2406a4a856ab32a7eeedd61ada
6e052d6c9efde5270fdafdbcdf0f9d9f084a6b5f27c05bbfa5396f4ca27087fa
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6f13801b8938b44f5f47a639c4ae884631810454b383e6a875efd690dce9d9af
789e75d7e8661087b1720a05725a421ce9f6e1e0b93e05ecd39aa44e19831c56
a0524a038576190ff5c9dbb1375914eb5b7f957a800c408e46a560a62f78d9b6
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b74c91109e668930c0cc5c37a0b1c21fde906a67f86deff0ed111eed7b3010b7
bd24f88c1fe8a13a5d3532f0ead2ce4b421f9631ea177fbd955f2364754ae7fd
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d925fc9ee48c4ddf02971289a4fe9ba583d97f7bd749a5cbb2b201699d59eee3
e146ff819a452b2fa35f47c7854383db7205a9b4bfda55611162a2559a8dcca0
ea18434666cb331ff2385bdaefb771bcadabad7ccfaa07c7378a85c5870fe296
fec4f012b6f15df1764263c916291b370cd3924110694a18fb0ac4cbb3e25ba6