URL: https://hekyly.com/
Submission: On December 24 via api from BE — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 37.1.197.242, located in Germany and belongs to LEASEWEB-DE-FRA-10 Leaseweb Deutschland GmbH, DE. The main domain is hekyly.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on December 23rd 2024. Valid for: 3 months.
This is the only time hekyly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 37.1.197.242 28753 (LEASEWEB-...)
5 10 85.10.154.12 20857 (TRANSIP-A...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 94.76.232.19 29550 (SIMPLYTRA...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 185.24.69.222 51191 (XIRRA Xir...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
29 11
Apex Domain
Subdomains
Transfer
10 golfpoggiodeimedici.com
golfpoggiodeimedici.com
www.golfpoggiodeimedici.com
145 KB
8 blastness.biz
cdn.blastness.biz — Cisco Umbrella Rank: 967992
489 KB
6 elfsight.com
apps.elfsight.com — Cisco Umbrella Rank: 24500
static.elfsight.com — Cisco Umbrella Rank: 14225
core.service.elfsight.com — Cisco Umbrella Rank: 15036
storage.elfsight.com — Cisco Umbrella Rank: 15458
213 KB
3 bookingolf.it
www.bookingolf.it
23 KB
2 gstatic.com
fonts.gstatic.com
44 KB
2 blastness.com
bcm-public.blastness.com — Cisco Umbrella Rank: 967705
12 KB
2 hekyly.com
hekyly.com
91 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2020
29 9
Domain Requested by
8 cdn.blastness.biz hekyly.com
5 www.golfpoggiodeimedici.com hekyly.com
5 golfpoggiodeimedici.com 5 redirects
3 www.bookingolf.it hekyly.com
cdn.blastness.biz
2 storage.elfsight.com static.elfsight.com
2 fonts.gstatic.com fonts.googleapis.com
2 bcm-public.blastness.com hekyly.com
bcm-public.blastness.com
2 static.elfsight.com hekyly.com
apps.elfsight.com
2 hekyly.com hekyly.com
1 core.service.elfsight.com apps.elfsight.com
1 fonts.googleapis.com hekyly.com
1 kit.fontawesome.com hekyly.com
1 apps.elfsight.com 1 redirects
29 13
Subject | Issuer | Validity | Valid
hekyly.com | ZeroSSL ECC Domain Secure Site CA | 2024-12-23 - 2025-03-23 | 3 months
blastness.biz | WE1 | 2024-11-28 - 2025-02-26 | 3 months
bcm-public.blastness.com | R11 | 2024-12-06 - 2025-03-06 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-01-27 | 6 months
bookingolf.it | R11 | 2024-11-18 - 2025-02-16 | 3 months
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
elfsight.com | WE1 | 2024-12-03 - 2025-03-04 | 3 months
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 1 frame:

Primary Page: https://hekyly.com/
Frame ID: EF2ADA034D027DD978E9CDAD2D37DCF7
Requests: 31 HTTP requests in this frame

Page Title

Prenota Poggio dei Medici Golf Club, Mugello, dal sito ufficiale

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

Requests: 29
HTTPS: 79 %
IPv6: 60 %
Domains: 9
Subdomains: 13
IPs: 11
Countries: 4
Transfer: 1017 kB
Size: 2067 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784 HTTP 301
  • https://www.golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784
Request Chain 3
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js
Request Chain 4
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png HTTP 301
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png
Request Chain 5
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png HTTP 301
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png
Request Chain 6
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png HTTP 301
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png
Request Chain 30
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico HTTP 301
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hekyly.com/
91 KB
19 KB
Document
General
Full URL
https://hekyly.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
37.1.197.242 , Germany, ASN28753 (LEASEWEB-DE-FRA-10 Leaseweb Deutschland GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
190fd8ffc90d12c3833239bb6962abc5ba951bb49f5c123204c1e0d434c555b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 24 Dec 2024 21:03:51 GMT
ETag
W/"67696268-16c3a"
Last-Modified
Mon, 23 Dec 2024 13:15:20 GMT
Server
nginx/1.18.0
Transfer-Encoding
chunked
altlogo.png
www.golfpoggiodeimedici.com/loghi/995/
Redirect Chain
  • https://golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784
  • https://www.golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784
122 KB
122 KB
Image
General
Full URL
https://www.golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Server
85.10.154.12 , Netherlands, ASN20857 (TRANSIP-AS Signet B.V., NL),
Reverse DNS
85-10-154-12.colo.transip.net
Software
nginx / PleskLin
Resource Hash
4740fb9a1a5a0883900c1a40384956d96d2e9bf011064c024726d6244410d9d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
max-age=2592000, public
etag
"6304a510-1e87c"
expires
Thu, 23 Jan 2025 21:03:51 GMT
accept-ranges
bytes
content-length
125052
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/png
last-modified
Tue, 23 Aug 2022 09:59:44 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

location
https://www.golfpoggiodeimedici.com/loghi/995/altlogo.png?fv=1661248784
content-length
162
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html
server
nginx
1600_campodagolf08.webp
cdn.blastness.biz/media/629/top/thumbs/full/
149 KB
150 KB
Image
General
Full URL
https://cdn.blastness.biz/media/629/top/thumbs/full/1600_campodagolf08.webp
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390c684e5ebed5aba1228f4844ad7061bb6f04aae020c64f8c825654288b8d2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
Ksr4c4KYp2Pn6eezMCdx6w==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DA84F1E9D53A04
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BjVZIckfgcS6kQnWQ0B7AxQKE%2F6TgQUNQ1T4LIQWIkoJtZzg9PcE2I3qOcLbZ%2BY48DPHhMuuYHfErKaw5Hx9a4oAukJTTE%2BMtdEjcuCkfAAODR12iuw7thEuF4Z%2FpNLWyjtOqI4ONlBpD0ydJC2"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20409&min_rtt=20223&rtt_var=1110&sent=27&recv=22&lost=0&retrans=0&sent_bytes=17096&recv_bytes=2901&delivery_rate=517537&cwnd=257&unsent_bytes=0&cid=aae0a26de22eebd1&ts=88&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/webp
last-modified
Tue, 23 Aug 2022 10:26:17 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
9a1e7c17-d01e-006b-104f-557a00000000
cf-ray
8f738a5a9b8bd266-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
152590
x-ms-blob-type
BlockBlob
server
cloudflare
1024_campi07.webp
cdn.blastness.biz/media/629/gallery/thumbs/full/
76 KB
77 KB
Image
General
Full URL
https://cdn.blastness.biz/media/629/gallery/thumbs/full/1024_campi07.webp
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd93571b1719f65d6f5da510768786a53be3a4832f6c73f955a7d88282b9a365

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
vMBoR+FAC2AUSmpxf5IjSw==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DA84FF1D6EAF53
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYg7O61RIk5pf60e%2BtOkv9E9Cs%2Bn2LFyObZg%2F1%2B1U7tMeXuArsyInim3vj2QokNBqSGdec3HSmmbI8yxS4iyy8vadeGj99al9MO%2FYxs5lgvSyIbXRXtoy2ZOP8kq3sYTBHBhRzXmnVAWWyszzJ9c"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20409&min_rtt=20223&rtt_var=1110&sent=76&recv=22&lost=0&retrans=0&sent_bytes=74429&recv_bytes=2901&delivery_rate=517537&cwnd=257&unsent_bytes=31872&cid=aae0a26de22eebd1&ts=106&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/webp
last-modified
Tue, 23 Aug 2022 12:00:47 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
ac48f77f-d01e-00e3-504f-55c2d9000000
cf-ray
8f738a5a9b8dd266-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77796
x-ms-blob-type
BlockBlob
server
cloudflare
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H3
Server
2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3683573ca9aed96de046a908b26c1928197f225bd7c9cbd610e6421294d437f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
age
982
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:03:51 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority
u=3,i=?0
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security
max-age=0
cache-control
max-age=3600
x-amz-request-id
tx0000086ccfd3f5cdac705-00674ad123-6afdf9be-sfo2a
cf-ray
8f738a5abb7865ce-FRA
server
cloudflare

Redirect headers

strict-transport-security
max-age=0
cache-control
max-age=3600
location
https://static.elfsight.com/platform/platform.js
cf-ray
8f738a5a7b4165ce-FRA
expires
Tue, 24 Dec 2024 22:03:51 GMT
alt-svc
h3=":443"; ma=86400
content-length
167
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
9.png
www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/
Redirect Chain
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png
7 KB
7 KB
Image
General
Full URL
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Server
85.10.154.12 , Netherlands, ASN20857 (TRANSIP-AS Signet B.V., NL),
Reverse DNS
85-10-154-12.colo.transip.net
Software
nginx / PleskLin
Resource Hash
e686e2b44078e668e56a8334515fb8b638cf2006e6d21f94bd666a38336cc639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
max-age=2592000, public
etag
"614dca0b-1c8a"
expires
Thu, 23 Jan 2025 21:03:51 GMT
accept-ranges
bytes
content-length
7306
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/png
last-modified
Fri, 24 Sep 2021 12:52:27 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

location
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/9.png
content-length
162
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html
server
nginx
1.png
www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/
Redirect Chain
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png
7 KB
7 KB
Image
General
Full URL
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Server
85.10.154.12 , Netherlands, ASN20857 (TRANSIP-AS Signet B.V., NL),
Reverse DNS
85-10-154-12.colo.transip.net
Software
nginx / PleskLin
Resource Hash
1593123e34dacaee7af007012a93ab7116b21931e5d242d5f59f0665a30be355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
max-age=2592000, public
etag
"614dca07-1a29"
expires
Thu, 23 Jan 2025 21:03:51 GMT
accept-ranges
bytes
content-length
6697
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/png
last-modified
Fri, 24 Sep 2021 12:52:23 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

location
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/1.png
content-length
162
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html
server
nginx
6.png
www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/
Redirect Chain
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png
6 KB
6 KB
Image
General
Full URL
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Server
85.10.154.12 , Netherlands, ASN20857 (TRANSIP-AS Signet B.V., NL),
Reverse DNS
85-10-154-12.colo.transip.net
Software
nginx / PleskLin
Resource Hash
e94a1cb3b92d2290caf8b83ebb8aeebcc0183c1c11e2c1332ac9964f4727f051

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
max-age=2592000, public
etag
"614dca0a-1622"
expires
Thu, 23 Jan 2025 21:03:51 GMT
accept-ranges
bytes
content-length
5666
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/png
last-modified
Fri, 24 Sep 2021 12:52:26 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

location
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/meteo/6.png
content-length
162
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html
server
nginx
init.js
bcm-public.blastness.com/
48 KB
11 KB
Script
General
Full URL
https://bcm-public.blastness.com/init.js?v=2&l=ita
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.76.232.19 , United Kingdom, ASN29550 (SIMPLYTRANSIT Team Blue Carrier Limited, GB),
Reverse DNS
94-76-232-19.static.as29550.net
Software
nginx / PHP/7.4.33, PleskLin
Resource Hash
d204d7a3083d90a09732c8fe70fd22f716d71f85d5865e07bdb3831ce82cbffc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
-1
content-length
11485
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
PHP/7.4.33, PleskLin
server
nginx
vary
Accept-Encoding,User-Agent
libraries.min.css
cdn.blastness.biz/assets/995/templates/jason/public/assets/css/
47 KB
6 KB
Stylesheet
General
Full URL
https://cdn.blastness.biz/assets/995/templates/jason/public/assets/css/libraries.min.css?v=20241124224302
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547209f6f2392752bae40b4943f94a8fa78362039a5d0224c9d347a65e5a04c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
Cef5v8LPDNOCS+Y6b4W/ww==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
REVALIDATED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BBalOMtn4uj2gN2kfh1iN%2B4gv4QDzRKBYhISDD1li2k%2BM6YKDUCMOGiJ90lKmAQdjgJlgYemoTjV7ieqhp1uAwvx1wiBqxFoE31iyUlOnFYrn4%2B4dabLQu1O6QsaGMva78Wx39iMvcDyajv9PQs"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20362&min_rtt=20223&rtt_var=3323&sent=8&recv=14&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2615&delivery_rate=196217&cwnd=253&unsent_bytes=0&cid=aae0a26de22eebd1&ts=49&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/css
last-modified
Sun, 24 Nov 2024 21:43:02 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
f894091f-c01e-0074-7c4d-49a110000000
cf-ray
8f738a5a9b89d266-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
style.min.css
cdn.blastness.biz/assets/995/templates/jason/public/assets/css/
34 KB
6 KB
Stylesheet
General
Full URL
https://cdn.blastness.biz/assets/995/templates/jason/public/assets/css/style.min.css?v=20241124224302
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
450a316817081038ff5211c8ee7375f627939669fce172075798ed5ac9d4f35d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
uWTf/Hfo/09fYk6E2f3NpA==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
REVALIDATED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWAav9TW3d2U9Iy4N22l3GM9qx9dK%2Bw%2BOqPT5%2BAHAf2tnImpRvOV01aGqZhuQRf%2BLVJDZkcZpK8QvKxILmjlYnFlIxwNg7kK8INQaQurXjnN3lT0CzYzTcZ9yzclHulY%2FByFif3najX%2Fp%2FPgNS0k"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20409&min_rtt=20223&rtt_var=1110&sent=18&recv=22&lost=0&retrans=0&sent_bytes=10301&recv_bytes=2901&delivery_rate=517537&cwnd=257&unsent_bytes=0&cid=aae0a26de22eebd1&ts=86&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/css
last-modified
Sun, 24 Nov 2024 21:43:02 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
7f8467e8-401e-0065-5c5b-4e960b000000
cf-ray
8f738a5a9b8cd266-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
libraries.min.js
cdn.blastness.biz/assets/995/templates/jason/public/assets/js/
514 KB
145 KB
Script
General
Full URL
https://cdn.blastness.biz/assets/995/templates/jason/public/assets/js/libraries.min.js?v=20241124224302
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be2b89cfb78a935b8dad7749090cb8d06dc9abb128aa6f4d89133d4ea10a178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
PbUC3iWqJzlMadycQKmy1g==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
REVALIDATED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBAfHAC2xxE9YsQ0gt%2BCaBgf2V%2FmrammU11QhErgnZ%2FktH8KHoAoNlwvNNDTlsD9zZCBYu%2FMxZ5yjitevF5p%2BRbegkRh3F3HM7Oz%2BWXxLVyHEtc%2FqKdGx28u3hmrjjJQZTjnnDwf%2FokzRseCkoxd"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20739&min_rtt=20223&rtt_var=193&sent=221&recv=111&lost=0&retrans=0&sent_bytes=254008&recv_bytes=2901&delivery_rate=6649590&cwnd=341&unsent_bytes=0&cid=aae0a26de22eebd1&ts=162&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/javascript
last-modified
Sun, 24 Nov 2024 21:43:02 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
7352e5bc-701e-00c7-514d-495b97000000
cf-ray
8f738a5adc02d266-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
main.min.js
cdn.blastness.biz/assets/995/templates/jason/public/assets/js/
10 KB
3 KB
Script
General
Full URL
https://cdn.blastness.biz/assets/995/templates/jason/public/assets/js/main.min.js?v=20241124224302
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c10a394888792fc385849f24e097ddd595961cb78e89b150a727fdc2848685e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
fFHmxUYFKbpb2Ayo+WQlnQ==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
REVALIDATED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3fofvnHQ%2FvB%2BO6Jf9lZt0%2B5Ounq6WJuFW4QGzT1sGrQfcspWU6kQkfoUsIgU7YcceoSS3TKJyREe7CeJheRSkoCpe7jRLz6gWcNwYAO3jD%2FuOQLL%2BA7ADm%2BBn4UqgR2zqJE4toxcC2%2FtevyBji9"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20578&min_rtt=20223&rtt_var=168&sent=216&recv=76&lost=0&retrans=0&sent_bytes=250389&recv_bytes=2901&delivery_rate=3896141&cwnd=275&unsent_bytes=0&cid=aae0a26de22eebd1&ts=150&x=0"
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/javascript
last-modified
Sun, 24 Nov 2024 21:43:02 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
55b35e35-a01e-00ce-254d-494119000000
cf-ray
8f738a5adc04d266-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
b2b72134a1.js
kit.fontawesome.com/
0
0
Script
General
Full URL
https://kit.fontawesome.com/b2b72134a1.js
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hekyly.com
Referer
https://hekyly.com/

Response headers

access-control-max-age
3000
x-request-id
GBQ40iUGbDcTBfeeMr-B
cache-control
max-age=0, private, must-revalidate
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
cf-ray
8f738a5b3d2edbbf-FRA
access-control-allow-origin
*
content-length
22
date
Tue, 24 Dec 2024 21:03:51 GMT
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
widget.js
www.bookingolf.it/
3 KB
1 KB
Script
General
Full URL
https://www.bookingolf.it/widget.js?key=f1ac192c77fe90f942def29c50df0d85
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.69.222 , Germany, ASN51191 (XIRRA Xirra GmbH, DE),
Reverse DNS
shcha-f94b5.serverlet.com
Software
nginx / PleskLin
Resource Hash
1ca5132939bd245adb75df6a6d1fa0eb5a45aefe8176651c0cc27ce34590b222

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-encoding
br
date
Tue, 24 Dec 2024 21:03:51 GMT
etag
W/"5e6b9b3a-cf8"
content-type
application/javascript
last-modified
Fri, 13 Mar 2020 14:39:54 GMT
server
nginx
x-powered-by
PleskLin
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Libre+Franklin:ital,wght@0,400;0,600;1,400;1,600&display=swap
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6ea355545ab0971abbb6d1e70cde78b28d5043f405c1a6fea024498db4f593c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 21:03:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 21:03:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/
116 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32f2991f1c8c186227591ac36490abcabe6d700a08cc4ceebf84de06f73cc248

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
116 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3301bcf1c3735e2c9d96b8d78966159a99be152ca11906972553340612e4fa97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
116 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66f0d9cf9a26c4ca296a0b4729a8a7235c1b57d0f0c8a8e2371258c55ec0b4b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
core.service.elfsight.com/p/boot/
5 KB
3 KB
XHR
General
Full URL
https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fhekyly.com%2F&w=54aea3b7-2f33-4f03-b3e3-35d659d50cbd
Requested by
Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96dc88f6d2f63aaf2a9f0a454a76fa9a28ee9a30fc66721d6e59a735d51ca744
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"13c1-e9nZ7sWD5GOq0sy1Uy+ZWocSoy4"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
x-dns-prefetch-control
on
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8f738a5b6d709bbc-FRA
access-control-allow-origin
https://hekyly.com
x-xss-protection
0, 1; mode=block
origin-agent-cluster
?1
cf-apo-via
origin,host
server
cloudflare
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v18/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v18/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Libre+Franklin:ital,wght@0,400;0,600;1,400;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hekyly.com
Referer
https://fonts.googleapis.com/

Response headers

age
588292
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 01:38:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:38:59 GMT
last-modified
Thu, 26 Sep 2024 23:07:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29336
x-xss-protection
0
server
sffe
j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw7FYWqXNRU.woff2
fonts.gstatic.com/s/frankruhllibre/v21/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v21/j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw7FYWqXNRU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre&family=Libre+Franklin:ital,wght@0,400;0,600;1,400;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cfeb2d88676c34e809478975c1cd25da6b5869867ae86c80f822b9a4ce7c329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hekyly.com
Referer
https://fonts.googleapis.com/

Response headers

age
45533
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 08:24:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 08:24:58 GMT
last-modified
Thu, 11 Apr 2024 18:31:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15324
x-xss-protection
0
server
sffe
processInit.js
bcm-public.blastness.com/
31 B
267 B
Script
General
Full URL
https://bcm-public.blastness.com/processInit.js?p=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&r=4427
Requested by
Host: bcm-public.blastness.com
URL: https://bcm-public.blastness.com/init.js?v=2&l=ita
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.76.232.19 , United Kingdom, ASN29550 (SIMPLYTRANSIT Team Blue Carrier Limited, GB),
Reverse DNS
94-76-232-19.static.as29550.net
Software
nginx / PHP/7.4.33, PleskLin
Resource Hash
b937f4315f8c43adf37b16c30c6e8b98aa1399ef925b0d5f9979864cffe95f33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
-1
content-length
51
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
PHP/7.4.33, PleskLin
server
nginx
vary
Accept-Encoding,User-Agent
auth
www.bookingolf.it/widget/
23 B
338 B
XHR
General
Full URL
https://www.bookingolf.it/widget/auth
Requested by
Host: cdn.blastness.biz
URL: https://cdn.blastness.biz/assets/995/templates/jason/public/assets/js/libraries.min.js?v=20241124224302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.69.222 , Germany, ASN51191 (XIRRA Xirra GmbH, DE),
Reverse DNS
shcha-f94b5.serverlet.com
Software
nginx / PHP/7.3.33, PleskLin
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://hekyly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.33, PleskLin
server
nginx
vary
Accept-Encoding
instashow.js
static.elfsight.com/apps/instashow/stable/ba63134d8264f3997a1ca49e2fa5f04650f692b1/app/
653 KB
193 KB
Script
General
Full URL
https://static.elfsight.com/apps/instashow/stable/ba63134d8264f3997a1ca49e2fa5f04650f692b1/app/instashow.js
Requested by
Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25478669da1cb19e470dfee67adc376058f486c917008315025f17936d239e8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7a6ef96e65f3310c2c7eafe0481aac1b"
age
978
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:03:51 GMT
x-rgw-object-type
Normal
content-type
application/javascript; charset=utf-8
last-modified
Mon, 23 Dec 2024 13:19:45 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority
u=3,i=?0
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security
max-age=0
cache-control
max-age=3600
x-amz-request-id
tx00000fe33f86213240adb-00676963c0-6caa9161-sfo2a
cf-ray
8f738a5ced0a65ce-FRA
server
cloudflare
miniball-white.png
www.bookingolf.it/public/frontend/images/search/
22 KB
22 KB
Image
General
Full URL
https://www.bookingolf.it/public/frontend/images/search/miniball-white.png
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.69.222 , Germany, ASN51191 (XIRRA Xirra GmbH, DE),
Reverse DNS
shcha-f94b5.serverlet.com
Software
nginx / PleskLin
Resource Hash
61a591560ce521e39a30fed409e431ff9034d40d5d577c1ebab8d72ebe1d39fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

etag
"5d4006e0-5618"
accept-ranges
bytes
content-length
22040
date
Tue, 24 Dec 2024 21:03:51 GMT
content-type
image/png
last-modified
Tue, 30 Jul 2019 08:59:12 GMT
server
nginx
x-powered-by
PleskLin
7fb7914781fd9104999c6d1d1f3574d5
storage.elfsight.com/api/v2/data/
0
0
Preflight
General
Full URL
https://storage.elfsight.com/api/v2/data/7fb7914781fd9104999c6d1d1f3574d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-widget-token
Access-Control-Request-Method
GET
Origin
https://hekyly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
1
access-control-allow-headers
Authorization,Content-Type,Set-Cookie,x-csrf-token,X-Widget-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://hekyly.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8f738a5e1bbe3662-FRA
date
Tue, 24 Dec 2024 21:03:52 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
7fb7914781fd9104999c6d1d1f3574d5
storage.elfsight.com/api/v2/data/
82 B
382 B
Fetch
General
Full URL
https://storage.elfsight.com/api/v2/data/7fb7914781fd9104999c6d1d1f3574d5
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/instashow/stable/ba63134d8264f3997a1ca49e2fa5f04650f692b1/app/instashow.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5393d34895f2b7a475083fedbaf027ab6ceb4d23fb75b2e88813722f69f9dcfe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-widget-token
(JWT value omitted)
Referer
https://hekyly.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 21:03:52 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Authorization,Content-Type,Set-Cookie,x-csrf-token,X-Widget-Token
strict-transport-security
max-age=0
cache-control
private, no-store
access-control-allow-credentials
1
cf-ray
8f738a5f6cc03662-FRA
access-control-allow-origin
https://hekyly.com
server
cloudflare
cf-apo-via
origin,host
logo.png
hekyly.com/loghi/995/
72 KB
72 KB
Image
General
Full URL
https://hekyly.com/loghi/995/logo.png?fv=1661248785
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
37.1.197.242 , Germany, ASN28753 (LEASEWEB-DE-FRA-10 Leaseweb Deutschland GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
38c14d821a362632294a6a934d739fc6f76cb34ffa4724111ff00b1f0e25453a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

ETag
"67696280-11e43"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73283
Date
Tue, 24 Dec 2024 21:03:51 GMT
Content-Type
image/png
Last-Modified
Mon, 23 Dec 2024 13:15:44 GMT
Server
nginx/1.18.0
1600_golf010.webp
cdn.blastness.biz/media/629/top/thumbs/full/
30 KB
30 KB
Image
General
Full URL
https://cdn.blastness.biz/media/629/top/thumbs/full/1600_golf010.webp
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5bf04d276a625ca05afe881daa300202f8912d1af78669cf2d0cf2538022468

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
w50ghxpqlpedSxzdRSsKWg==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DA84F23DE25B90
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBLOaFrVseUM%2BpHRfVxGC%2F5xMn2Udrz85pAbl2ulbgm3ZDP2piGHnO5X46Xa8ElhuZ6HiItPlrnMGhttOK20p6JM10saxJ85cj3fOKkQ1xdRWn3PyV0EnESkrxFyMFjglrnIHDg2IUfHz%2FLYe7S5"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=20903&min_rtt=20221&rtt_var=249&sent=395&recv=175&lost=0&retrans=0&sent_bytes=476485&recv_bytes=3070&delivery_rate=6649590&cwnd=397&unsent_bytes=0&cid=aae0a26de22eebd1&ts=614&x=0"
date
Tue, 24 Dec 2024 21:03:52 GMT
content-type
image/webp
last-modified
Tue, 23 Aug 2022 10:28:38 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
6acd8681-701e-0029-554f-555114000000
cf-ray
8f738a5de9dcd266-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
30612
x-ms-blob-type
BlockBlob
server
cloudflare
1600_campodagolf.webp
cdn.blastness.biz/media/629/top/thumbs/full/
71 KB
71 KB
Image
General
Full URL
https://cdn.blastness.biz/media/629/top/thumbs/full/1600_campodagolf.webp
Requested by
Host: hekyly.com
URL: https://hekyly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9195f013bb102f573db844c62631c92af22c52c305dcf10285ddaa531fb44b0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

content-md5
J244MlzveJSeLSHFJDhP+g==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DA84F320098A04
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSWkxQSRKtNl68l%2BdndsUtyh01jdO5s6qKxJPzrt3R70dhjxGguxOIMOxTK2biT3fL3JU241miwEX6IwMey1pCoFsFHnsJxNfNmMpqb%2FSO8MwbFqUbuq2TdsGNcr9NYhAP7kU229qOkNVsAxWNA7"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=21391&min_rtt=20221&rtt_var=457&sent=337&recv=164&lost=0&retrans=0&sent_bytes=403290&recv_bytes=3070&delivery_rate=6649590&cwnd=397&unsent_bytes=0&cid=aae0a26de22eebd1&ts=583&x=0"
date
Tue, 24 Dec 2024 21:03:52 GMT
content-type
image/webp
last-modified
Tue, 23 Aug 2022 10:34:57 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
08894f69-d01e-00c1-294f-55acef000000
cf-ray
8f738a5de9dfd266-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
72380
x-ms-blob-type
BlockBlob
server
cloudflare
favicon.ico
www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/
Redirect Chain
  • https://golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico
  • https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico
1 KB
1 KB
Other
General
Full URL
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico
Protocol
H2
Server
85.10.154.12 , Netherlands, ASN20857 (TRANSIP-AS Signet B.V., NL),
Reverse DNS
85-10-154-12.colo.transip.net
Software
nginx / PleskLin
Resource Hash
09bd9e47c4a5a69f3d94c8fad252fb65f98ebe3173e81e1e96eba1780e2d6aa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hekyly.com/

Response headers

cache-control
max-age=2592000, public
etag
"61409d4f-47e"
expires
Thu, 23 Jan 2025 21:03:52 GMT
accept-ranges
bytes
content-length
1150
date
Tue, 24 Dec 2024 21:03:52 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 14 Sep 2021 13:02:07 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

location
https://www.golfpoggiodeimedici.com/templates/jason/public/assets/css/images/favicon.ico
content-length
162
date
Tue, 24 Dec 2024 21:03:52 GMT
content-type
text/html
server
nginx

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| addTitleToHTML_images object| addTitleToHTML_imagesTags object| addTitleToHTML_linkTags object| addTitleToHTML_links function| addTitleToHTML function| getLinkText function| removeTags function| sanitizeString function| getFirstText function| raf object| __core-js_shared__ object| core object| eapps object| bcSettings object| siteScripts object| siteScriptTypes object| labels object| cbScriptEventTriggered object| cbCookiesState object| cbSites string| cbClientID boolean| cbScriptInitialized function| e function| initializeScript function| bcConsentTag function| bcInit function| injectLinkCookie function| generateRandomID function| bcGetUrlParameterBooking function| bcGetSiteLanguage function| bcClearDomain function| bcAddScriptToPage function| bcFormatScript function| bcAddSiteScript function| bcAddSiteScriptType function| bcOpenCookieBannerPreferences function| bcOpenCookieBannerPreferences_close function| bcSaveCookieBannerPreferences function| bcParseInPageScripts function| addEventToPage function| triggerScript function| setGlobalCookieValues function| bcAddHeaderStyle function| bcOpenInfoPannel function| bcOpenCookieBannerPanel function| bcOpenCookieBannerContent function| bcOpenCookieBannerInfo function| bcOpenCookieBannerDetail function| bcAddClass function| bcRemoveClass function| bcHasClass function| bcOpenBanner function| bcCloseBanner function| bcSetCrossDomain function| bcSetWindowOpen function| bcExecuteWindowsOpen function| bcSetAllowLinker function| bcDecorateForm function| captureClickEvent function| fireClick function| bcAcceptOnEvent function| bcStopPropagation function| bcHasQueryParams function| bcCreateCookie function| bcAccessCookie function| bcOpenCookieBanner function| bcAddEventToButtons function| bcGetCurrency function| bcCheckConvertion function| checkModDelBooking function| bcErrorInject object| dataLayer function| initLazyLoading function| $ function| jQuery function| Swiper object| AOS function| Blazy object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| mySwiperTop function| prenota_one_calendar function| prenota function| jsQr function| video function| myFunction object| jQuery11240569107283430087 object| win object| param object| head object| style object| declarations function| popupwindow function| getParams function| check_widget object| instashow function| eappsInstagramFeed boolean| EappsInstagramFeedReady

1 Cookies

Domain/Path Name / Value
core.service.elfsight.com/ Name: elfsight_viewed_recently
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://kit.fontawesome.com/b2b72134a1.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://storage.elfsight.com/api/v2/data/7fb7914781fd9104999c6d1d1f3574d5
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
