URL: https://desty.page/cemeidnplay
Submission Tags: slot online judi slot daftar slot game slot judi slot online daftar judi slot game slot online slot judi casino joker gaming slot joker gaming Search All
Submission: On November 21 via manual from ID — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 147.139.135.35, located in Jakarta, Indonesia and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN. The main domain is desty.page.
TLS certificate: Issued by TrustAsia TLS RSA CA on September 1st 2021. Valid for: a year.
This is the only time desty.page was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 147.139.135.35 45102 (CNNIC-ALI...)
2 2a00:1450:400... 15169 (GOOGLE)
2 79.133.177.227 24429 (TAOBAO Zh...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 52.222.206.178 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
5 149.129.200.49 45102 (CNNIC-ALI...)
1 35.163.255.27 16509 (AMAZON-02)
21 11
Domain Requested by
5 desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com desty.page
4 www.google-analytics.com desty.page
www.googletagmanager.com
www.google-analytics.com
3 desty.page desty.page
2 unpkg.com 1 redirects desty.page
2 static.desty.page desty.page
2 www.googletagmanager.com desty.page
1 api.amplitude.com cdn.amplitude.com
1 cdn.amplitude.com desty.page
1 connect.facebook.net desty.page
1 cdn.jsdelivr.net desty.page
21 10

This site contains links to these domains. Also see Links.

Domain
arenapoker.xyz
api.whatsapp.com
direct.lc.chat
ceme-idnplay.6te.net
line.me
www.facebook.com
Subject Issuer Validity Valid
www.desty.page
TrustAsia TLS RSA CA
2021-09-01 -
2022-08-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
static.desty.page
Encryption Everywhere DV TLS CA - G1
2021-09-02 -
2022-09-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-08-31 -
2021-11-29
3 months crt.sh
cdn.amplitude.com
Amazon
2020-11-18 -
2021-12-17
a year crt.sh
*.oss-ap-southeast-1.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2
2021-01-25 -
2022-02-26
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2020-02-18 -
2022-02-13
2 years crt.sh

This page contains 1 frames:

Primary Page: https://desty.page/cemeidnplay
Frame ID: 5FF8287C698D177BCAF7BC11B6D58EE1
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

ADAPOKER303 - CEME IDNPLAY - POKER CEME IDNPLAY | AGEN CEME IDNPLAY | DAFTAR CEME IDNPLAY | SITUS CEME IDNPLAY | APK CEME IDNPLAY

Page Statistics

21
Requests

95 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

1283 kB
Transfer

3052 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://unpkg.com/element-ui/lib/theme-chalk/index.css HTTP 302
  • https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cemeidnplay
desty.page/
52 KB
52 KB
Document
General
Full URL
https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.139.135.35 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
7229e312406283cb770379f89a3bfa88a47bff8e72c68183b94d33696adf8d6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 21 Nov 2021 21:17:04 GMT
js
www.googletagmanager.com/gtag/
165 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L2DTPHLDMK
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fe9ff8f7899c9ea855d71f2970b7159cd65115f983f63adc4122757e9fbb9ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62046
x-xss-protection
0
expires
Sun, 21 Nov 2021 21:17:04 GMT
font_1905207_72fgsil8mr.css
static.desty.page/desty-app/
21 KB
14 KB
Stylesheet
General
Full URL
https://static.desty.page/desty-app/font_1905207_72fgsil8mr.css
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a4a9f62c01b999f0c51712b57120b6eead7ca3d00b303bdfa752653325333627

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 16:03:17 GMT
via
cache11.l2de2[0,0,304-0,H], cache9.l2de2[1,0], cache9.l2de2[1,0], cache10.de3[0,0,200-0,H], cache1.de3[1,0]
vary
Accept-Encoding
x-oss-request-id
619A6DC5DDD9CB30376577AC
content-md5
Q31KfcCTVJc8KelEFzu92Q==
age
18828
x-cache
HIT TCP_MEM_HIT dirn:12:842534285
x-oss-cdn-auth
success
x-swift-cachetime
21368
x-swift-savetime
Sun, 21 Nov 2021 16:07:09 GMT
content-encoding
gzip
content-length
13429
x-oss-object-type
Normal
last-modified
Tue, 02 Feb 2021 06:22:32 GMT
server
Tengine
etag
"437D4A7DC09354973C29E944173BBDD9"
access-control-max-age
0
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
16637690709074243157
eagleid
4f85b19516375294251551296e
x-oss-server-time
15
ali-swift-global-savetime
1637510597
countly.min.js
cdn.jsdelivr.net/npm/countly-sdk-web@latest/lib/
40 KB
14 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/countly-sdk-web@latest/lib/countly.min.js
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6ba3735ecc360351ed3fd7b3c43f81d59ae24fe13ecefc4bf7791e3b80fa44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
21855
x-jsd-version
20.11.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-mxp6948-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"a061-uaGNAJc0Eh40/NCY60y91tXCtK8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6b1cf15a99fa0dfe-MXP
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
958
date
Sun, 21 Nov 2021 21:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 21 Nov 2021 23:01:07 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
FTdbysMXVfg5kheiq0ZAy1o0XIXfHfV0Pb48wZKIe7DipofzQL//pUqsqek5S14ZTHHVF5v+vIAgR0Qbrv7vyA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 21 Nov 2021 21:17:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KCS86VZ
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a447efe6992a59fca3f3008a593080a0aed3c9f7012ca7dac9018a6ccd445bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34390
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Nov 2021 21:17:05 GMT
amplitude-8.5.0-min.gz.js
cdn.amplitude.com/libs/
68 KB
22 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-178.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer
https://desty.page/
Origin
https://desty.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 17:32:59 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
6234247
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22154
access-control-allow-origin
*
last-modified
Fri, 13 Aug 2021 22:37:42 GMT
server
AmazonS3
etag
"660c3b546f2a131de50b69b91f26c636"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
aV2N5L4ljJdErL7lCsTIMIxZ8bu134CY0nq47tgvNXFFD29qOT52hQ==
collect
www.google-analytics.com/g/
0
343 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L2DTPHLDMK&gtm=2oeba1&_p=848117456&sr=1600x1200&ul=en-us&cid=2052328396.1637529425&_s=1&dl=https%3A%2F%2Fdesty.page%2Fcemeidnplay&dt=ADAPOKER303%20-%20CEME%20IDNPLAY%20-%20POKER%20CEME%20IDNPLAY%20%7C%20AGEN%20CEME%20IDNPLAY%20%7C%20DAFTAR%20CEME%20IDNPLAY%20%7C%20SITUS%20CEME%20IDNPLAY%20%7C%20APK%20CEME%20IDNPLAY&sid=1637529425&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2DTPHLDMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desty.page/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Nov 2021 21:17:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desty.page
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.css
unpkg.com/element-ui@2.15.6/lib/theme-chalk/
Redirect Chain
  • https://unpkg.com/element-ui/lib/theme-chalk/index.css
  • https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css
233 KB
37 KB
Stylesheet
General
Full URL
https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a22fbdbbb8db72c5eaace4af0fd5d0f2c97de98482237620739eea022d778f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
6962528
fly-request-id
01FEJNRNM1S60N4DEQ54APGZA9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3a424-lCwKtmrB77A0N2PuyUbmXKw/cfY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b1cf15bddd85995-MXP

Redirect headers

date
Sun, 21 Nov 2021 21:17:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FN25F5TDV0C951JNZXHQ6BRF
server
cloudflare
age
295
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/element-ui@2.15.6/lib/theme-chalk/index.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b1cf15b7c8c5995-MXP
access-control-allow-origin
*
app.3d6dd23eae4f885e5c69.css
desty.page/public/
401 KB
55 KB
Stylesheet
General
Full URL
https://desty.page/public/app.3d6dd23eae4f885e5c69.css
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.139.135.35 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
727bba8c52a3b16b1b8ed11287300eb4357eb2695ada4e1bf3a25b495c80ebf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/cemeidnplay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 11:05:49 GMT
server
nginx
etag
W/"6425e-17d32b95ec8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
app.b09f7a8f61a1d114dee8.js
desty.page/public/
1 MB
358 KB
Script
General
Full URL
https://desty.page/public/app.b09f7a8f61a1d114dee8.js
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.139.135.35 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
1e3bbd632dc5ac7e4ed7062e28071f3ef5a5b4c4ec487d09f85bee7555106042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/cemeidnplay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 21:17:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 11:05:49 GMT
server
nginx
etag
W/"137e29-17d32b95ec8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
52c5590673364b938d32f56a814d5026.jpg
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/desty-page/
78 KB
78 KB
Image
General
Full URL
https://desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/desty-page/52c5590673364b938d32f56a814d5026.jpg
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.129.200.49 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
fa1338f1bafdab4fb0eac215a5e9d437531f68f09ab8bc29b5e1c2d807098e58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Sun, 21 Nov 2021 21:17:06 GMT
x-oss-request-id
619AB752DDD9CB3131800416
Last-Modified
Thu, 25 Mar 2021 20:48:44 GMT
Server
AliyunOSS
Content-MD5
eJsu30281cX1DWgbJgt1KA==
ETag
"789B2EDF4DBCD5C5F50D681B260B7528"
Content-Type
image/jpeg
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7034869497054731014
Content-Length
79650
x-oss-server-time
3
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=848117456&t=pageview&_s=1&dl=https%3A%2F%2Fdesty.page%2Fcemeidnplay&ul=en-us&de=UTF-8&dt=ADAPOKER303%20-%20CEME%20IDNPLAY%20-%20POKER%20CEME%20IDNPLAY%20%7C%20AGEN%20CEME%20IDNPLAY%20%7C%20DAFTAR%20CEME%20IDNPLAY%20%7C%20SITUS%20CEME%20IDNPLAY%20%7C%20APK%20CEME%20IDNPLAY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1467350903&gjid=1310780360&cid=2052328396.1637529425&tid=null&_gid=1932717563.1637529425&_r=1&_slc=1&z=641874592
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://desty.page/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Nov 2021 21:17:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desty.page
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
destylogo-header.svg
static.desty.page/desty-app/img/homepage/
7 KB
4 KB
Image
General
Full URL
https://static.desty.page/desty-app/img/homepage/destylogo-header.svg
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
293ceae4fe6066bd15cb1ca6fdd0c5dd2c8161f0e41cf5ff55e9505716657d8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 18:38:02 GMT
via
cache11.l2de2[889,889,304-0,M], cache15.l2de2[893,0], cache15.l2de2[893,0], cache10.de3[0,0,200-0,H], cache1.de3[1,0]
x-oss-request-id
619A920ADDD9CB393992FEE8
content-md5
qPIjvEKlD9SRKiTDb/oMsg==
age
9543
x-cache
HIT TCP_MEM_HIT dirn:13:14052349
x-oss-cdn-auth
success
x-swift-cachetime
21600
x-swift-savetime
Sun, 21 Nov 2021 18:38:02 GMT
content-encoding
gzip
x-oss-object-type
Normal
last-modified
Wed, 27 Jan 2021 07:29:33 GMT
server
Tengine
etag
W/"A8F223BC42A50FD4912A24C36FFA0CB2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-credentials
true
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
16432984743121743690
eagleid
4f85b19516375294253651567e
x-oss-server-time
0
ali-swift-global-savetime
1637519882
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c89bbc9ae9f782d32bf941a5c7e5c29f627bb01ca7684b4a895953f783f32282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
b8244e6fada44646a46b12f486577ff9.png
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/desty-page/
21 KB
21 KB
Image
General
Full URL
https://desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/desty-page/b8244e6fada44646a46b12f486577ff9.png
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.129.200.49 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a8463d4199f13093f44d4414d3a2577a1f6e04790aa31b7fb7ed9fa5c4ebb4ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desty.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Sun, 21 Nov 2021 21:17:06 GMT
x-oss-request-id
619AB752DDD9CB3034970416
Last-Modified
Thu, 25 Mar 2021 20:37:05 GMT
Server
AliyunOSS
Content-MD5
YOwmcIQXXxbu7T+JXm+UxQ==
ETag
"60EC267084175F16EEED3F895E6F94C5"
Content-Type
image/png
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7367519165252640073
Content-Length
21151
x-oss-server-time
3
truncated
/
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f55f6a428a89b9536182ab7416be8e010f353030c409216a83bfe2f56b64c6a4

Request headers

Referer
Origin
https://desty.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
Lato-Regular.ttf
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/
117 KB
118 KB
Font
General
Full URL
https://desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/Lato-Regular.ttf
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.129.200.49 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Referer
https://desty.page/
Origin
https://desty.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 21 Nov 2021 21:17:06 GMT
x-oss-request-id
619AB7522FFB29363079E624
Content-MD5
f2kOUDolTguDSa7AF34Hqg==
Connection
keep-alive
Content-Length
120196
x-oss-object-type
Normal
Last-Modified
Sun, 20 Sep 2020 06:20:22 GMT
Server
AliyunOSS
ETag
"7F690E503A254E0B8349AEC0177E07AA"
Access-Control-Max-Age
0
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD
Content-Type
font/ttf
Access-Control-Allow-Origin
*
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3767834324827619151
x-oss-server-time
1
Cabin-Bold.ttf
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/
74 KB
75 KB
Font
General
Full URL
https://desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/Cabin-Bold.ttf
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.129.200.49 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2fb4679cc54451442332e6f41ad8936ab72bcc3a744a702c805f0ccc36d48e33

Request headers

Referer
https://desty.page/
Origin
https://desty.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 21 Nov 2021 21:17:06 GMT
x-oss-request-id
619AB7522FFB2934357CE624
Content-MD5
82Fo2l1rOPhyP6HyzK8ojw==
Connection
keep-alive
Content-Length
76216
x-oss-object-type
Normal
Last-Modified
Fri, 29 Oct 2021 07:19:27 GMT
Server
AliyunOSS
ETag
"F36168DA5D6B38F8723FA1F2CCAF288F"
Access-Control-Max-Age
0
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD
Content-Type
font/ttf
Access-Control-Allow-Origin
*
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8672268933244079067
x-oss-server-time
1
Inter-Regular.ttf
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/
281 KB
282 KB
Font
General
Full URL
https://desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com/fonts/Inter-Regular.ttf
Requested by
Host: desty.page
URL: https://desty.page/cemeidnplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.129.200.49 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780

Request headers

Referer
https://desty.page/
Origin
https://desty.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 21 Nov 2021 21:17:06 GMT
x-oss-request-id
619AB752D06C7B3433822225
Content-MD5
UVyudO7kkl1W5qxwwl/A9g==
Connection
keep-alive
Content-Length
287928
x-oss-object-type
Normal
Last-Modified
Sun, 20 Sep 2020 06:20:19 GMT
Server
AliyunOSS
ETag
"515CAE74EEE4925D56E6AC70C25FC0F6"
Access-Control-Max-Age
0
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD
Content-Type
font/ttf
Access-Control-Allow-Origin
*
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7343379509761728712
x-oss-server-time
1
/
api.amplitude.com/
7 B
168 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.255.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-255-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://desty.page/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Nov 2021 21:17:06 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L2DTPHLDMK&gtm=2oeba1&_p=848117456&sr=1600x1200&ul=en-us&cid=2052328396.1637529425&dl=https%3A%2F%2Fdesty.page%2Fcemeidnplay&dt=ADAPOKER303%20-%20CEME%20IDNPLAY%20-%20POKER%20CEME%20IDNPLAY%20%7C%20AGEN%20CEME%20IDNPLAY%20%7C%20DAFTAR%20CEME%20IDNPLAY%20%7C%20SITUS%20CEME%20IDNPLAY%20%7C%20APK%20CEME%20IDNPLAY&sid=1637529425&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2DTPHLDMK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desty.page/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Nov 2021 21:17:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desty.page
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Countly string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| dataLayer function| gtag object| amplitude object| google_tag_manager object| google_tag_data object| gaGlobal boolean| cly_crashes object| gaplugins object| gaData object| __AMPLITUDE__ object| __INITIAL_STATE__ function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate object| __core-js_shared__ object| regeneratorRuntime

7 Cookies

Domain/Path Name / Value
desty.page/ Name: _desty_unique
Value: 9854705
.desty.page/ Name: _ga
Value: GA1.2.2052328396.1637529425
.desty.page/ Name: _gid
Value: GA1.2.1932717563.1637529425
.desty.page/ Name: _gat
Value: 1
.desty.page/ Name: _gcl_au
Value: 1.1.872327706.1637529425
.desty.page/ Name: amp_dbbed3
Value: kUvXLKpc1AB8hadxC_ytf4...1fl25o5an.1fl25o679.1.0.1
.desty.page/ Name: _ga_L2DTPHLDMK
Value: GS1.1.1637529425.1.0.1637529427.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
cdn.amplitude.com
cdn.jsdelivr.net
connect.facebook.net
desty-upload-indonesia.oss-ap-southeast-5.aliyuncs.com
desty.page
static.desty.page
unpkg.com
www.google-analytics.com
www.googletagmanager.com
147.139.135.35
149.129.200.49
2606:4700::6810:5514
2606:4700::6810:7daf
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a03:2880:f01c:216:face:b00c:0:3
35.163.255.27
52.222.206.178
79.133.177.227
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780
1e3bbd632dc5ac7e4ed7062e28071f3ef5a5b4c4ec487d09f85bee7555106042
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
293ceae4fe6066bd15cb1ca6fdd0c5dd2c8161f0e41cf5ff55e9505716657d8f
2fb4679cc54451442332e6f41ad8936ab72bcc3a744a702c805f0ccc36d48e33
5fe9ff8f7899c9ea855d71f2970b7159cd65115f983f63adc4122757e9fbb9ee
7229e312406283cb770379f89a3bfa88a47bff8e72c68183b94d33696adf8d6f
727bba8c52a3b16b1b8ed11287300eb4357eb2695ada4e1bf3a25b495c80ebf6
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
85a22fbdbbb8db72c5eaace4af0fd5d0f2c97de98482237620739eea022d778f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a447efe6992a59fca3f3008a593080a0aed3c9f7012ca7dac9018a6ccd445bb0
a4a9f62c01b999f0c51712b57120b6eead7ca3d00b303bdfa752653325333627
a8463d4199f13093f44d4414d3a2577a1f6e04790aa31b7fb7ed9fa5c4ebb4ca
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af6ba3735ecc360351ed3fd7b3c43f81d59ae24fe13ecefc4bf7791e3b80fa44
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c89bbc9ae9f782d32bf941a5c7e5c29f627bb01ca7684b4a895953f783f32282
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f55f6a428a89b9536182ab7416be8e010f353030c409216a83bfe2f56b64c6a4
fa1338f1bafdab4fb0eac215a5e9d437531f68f09ab8bc29b5e1c2d807098e58