urlscan.io logo urlscan.io
SecurityTrails logo

144.202.112.134 Open in urlscan Pro
144.202.112.134  Public Scan

Go To Rescan Add Verdict Report
URL: http://144.202.112.134/
Submission: On July 21 via api from TW
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 9 domains to perform 38 HTTP transactions. The main IP is 144.202.112.134, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is 144.202.112.134.
This is the only time 144.202.112.134 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 144.202.112.134 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
8 192.0.72.24 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 81.19.186.212 34282 (UKNOC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 3 23.210.248.108 16625 (AKAMAI-AS)
1 192.99.8.34 16276 (OVH)
3 104.108.35.88 16625 (AKAMAI-AS)
38 13
12    144.202.112.134 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.112.134.vultr.com
144.202.112.134
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
8    192.0.72.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
benuatg.files.wordpress.com
2    2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
2    2606:4700:3033::681b:acae (United States)

ASN13335 (CLOUDFLARENET, US)
www.gambaranimasi.org
1    81.19.186.212 (United Kingdom)

ASN34282 (UKNOC-AS, GB)
bocorantogel2020.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
3    23.210.248.108 (Netherlands)

ASN16625 (AKAMAI-AS, US)
cdn.livechatinc.com
1    192.99.8.34 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
s4.histats.com
3    104.108.35.88 (Netherlands)

ASN16625 (AKAMAI-AS, US)
secure.livechatinc.com
Domain Requested by
8 benuatg.files.wordpress.com 144.202.112.134
4 fonts.gstatic.com 144.202.112.134
3 secure.livechatinc.com cdn.livechatinc.com
3 cdn.livechatinc.com 1 redirects 144.202.112.134
2 s10.histats.com 144.202.112.134
s10.histats.com
2 www.gambaranimasi.org 1 redirects 144.202.112.134
2 2.bp.blogspot.com 144.202.112.134
1 s4.histats.com s10.histats.com
1 bocorantogel2020.com 1 redirects
1 4.bp.blogspot.com 144.202.112.134
1 i0.wp.com 144.202.112.134
1 fonts.googleapis.com 144.202.112.134
38 12
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-01-14		 2 years crt.sh
misc-sni.blogspot.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-29 -
2020-10-09		 8 months crt.sh
*.livechatinc.com
DigiCert Secure Site ECC CA-1		 2020-03-12 -
2021-06-11		 a year crt.sh
histats.com
Let's Encrypt Authority X3		 2020-06-15 -
2020-09-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://144.202.112.134/
Frame ID: C5B75726305BD2A17041F8FC0712FFBD
Requests: 38 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/9342290/v2/open_chat.cgi?license=9342290&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: D390A7568D72DD946F2C6F3E3A0CF675
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.livechatinc\.com\/.*tracking\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

38
Requests

53 %
HTTPS

38 %
IPv6

9
Domains

12
Subdomains

13
IPs

6
Countries

2896 kB
Transfer

3079 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif HTTP 301
  • https://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif
Request Chain 24
  • http://bocorantogel2020.com/wp-content/uploads/2020/02/bhitam.jpg HTTP 301
  • http://144.202.112.134/wp-content/uploads/2020/02/bhitam.jpg
Request Chain 30
  • http://cdn.livechatinc.com/tracking.js HTTP 301
  • https://cdn.livechatinc.com/tracking.js

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
144.202.112.134/ 		99 KB
100 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
d73141917e334151328a577cd05139c74a1333e45e44c92f0f8f8ba337e61f89

Request headers

Host
144.202.112.134
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:03 GMT
Server
Apache
X-Pingback
http://144.202.112.134/xmlrpc.php
Link
<http://144.202.112.134/wp-json/>; rel="https://api.w.org/", <http://144.202.112.134/>; rel=shortlink
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
wp-emoji-release.min.js
144.202.112.134/wp-includes/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 03:04:01 GMT
Server
Apache
ETag
"9ea30-364d-5a34b916f9e1d"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
13901
style.min.css
144.202.112.134/wp-includes/css/dist/block-library/ 		52 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 06 May 2020 00:36:57 GMT
Server
Apache
ETag
"9e685-d159-5a4eff6260601"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
53593
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.4.2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ba28b820b6fe91cb1f1a03501afd124cbe966059dc0336bd7908973647305dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jul 2020 10:04:04 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 21 Jul 2020 10:04:04 GMT
genericons.css
144.202.112.134/wp-content/themes/frontier/includes/genericons/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 05:23:34 GMT
Server
Apache
ETag
"9e538-6e71-5a34d84807b06"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
28273
style.css
144.202.112.134/wp-content/themes/frontier/ 		25 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
07fcb347186015e65edbd8fe1d3bba488e383769e063dc16907cfe8cef0c13bf

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 05:23:34 GMT
Server
Apache
ETag
"9e541-65db-5a34d848082d6"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
26075
responsive.css
144.202.112.134/wp-content/themes/frontier/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-content/themes/frontier/responsive.css?ver=1.3.3
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 05:23:34 GMT
Server
Apache
ETag
"9e540-d3c-5a34d84807eee"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3388
jquery.js
144.202.112.134/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 03:04:01 GMT
Server
Apache
ETag
"9e9bc-17a69-5a34b916e4e2d"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
96873
jquery-migrate.min.js
144.202.112.134/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:04 GMT
Last-Modified
Wed, 15 Apr 2020 03:04:01 GMT
Server
Apache
ETag
"9e9b6-2748-5a34b916e465d"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10056
Bocorantogel2020.COM_.png
144.202.112.134/wp-content/uploads/2020/05/ 		217 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://144.202.112.134/wp-content/uploads/2020/05/Bocorantogel2020.COM_.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
ea66b1717190c865780c4c2c11ddc5b19972589f33572658bcd5cecacb433775

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Last-Modified
Mon, 18 May 2020 09:28:42 GMT
Server
Apache
ETag
"5ae2-36377-5a5e8c9f57cd4"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
222071
dewanews.gif
i0.wp.com/padepokanprediksi.com/wp-content/uploads/2020/03/ 		65 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/padepokanprediksi.com/wp-content/uploads/2020/03/dewanews.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
x-nc
HIT ams 6
date
Tue, 21 Jul 2020 10:04:05 GMT
server
nginx
content-type
text/html; charset=utf-8
diskontogel.gif
benuatg.files.wordpress.com/2020/03/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2020/03/diskontogel.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1f9d12e6dfd09043f6bdd07f4cc8118ce7a840066c3a9d7a831d17778e157a1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Mar 2020 07:10:04 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
20051
expires
Thu, 23 Jul 2020 09:36:43 GMT
bannerbaru.gif
benuatg.files.wordpress.com/2020/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2020/05/bannerbaru.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
29d452c193c486e59a5ba3b16f316800c9a5420b1d03454da110802b156ea0d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 05:56:56 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
27912
expires
Tue, 11 Aug 2020 17:03:15 GMT
bandarnalo4.gif
benuatg.files.wordpress.com/2020/04/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2020/04/bandarnalo4.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6554cc1d7be7d98c177066e8bda2575305300c63f1ab477aa9b23c5a573651b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 05:12:03 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
60851
expires
Fri, 14 Aug 2020 07:06:23 GMT
game2-animated__.gif
benuatg.files.wordpress.com/2020/04/ 		473 KB
474 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2020/04/game2-animated__.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
033452b75e9b1fa9306ddab1c15bc79184519f181113adaca88ef7e841182615
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Apr 2020 08:23:46 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
484591
expires
Wed, 22 Jul 2020 17:15:07 GMT
SYDNEY.png
2.bp.blogspot.com/-9wbCULf-Wp4/XKMJC1e_3iI/AAAAAAAAIiw/M6iorO6rUF0p5vxeMo0i0fhDV7HjAIS7ACLcBGAs/s1600/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-9wbCULf-Wp4/XKMJC1e_3iI/AAAAAAAAIiw/M6iorO6rUF0p5vxeMo0i0fhDV7HjAIS7ACLcBGAs/s1600/SYDNEY.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
94810c21751806a82cfafb286cb7dbf7232b43378c96c77924d15cbcb69412f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="SYDNEY.png"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80890
x-xss-protection
0
server
fife
etag
"v222f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jul 2020 16:57:51 GMT
SINGAPORE.png
2.bp.blogspot.com/-yS6fAeeHqTc/XKMJAf37-GI/AAAAAAAAIis/g8rPmvW__W0wsSInqM90i-agAbmT8W9vgCLcBGAs/s1600/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-yS6fAeeHqTc/XKMJAf37-GI/AAAAAAAAIis/g8rPmvW__W0wsSInqM90i-agAbmT8W9vgCLcBGAs/s1600/SINGAPORE.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
852f18dc6c19a8d1608049d628ac31a9f522bd82009f57b7a17635670de3e510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="SINGAPORE.png"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119442
x-xss-protection
0
server
fife
etag
"v222e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jul 2020 16:57:57 GMT
HONGKONG.png
4.bp.blogspot.com/-qP4X92h_82o/XKMI7uEJVgI/AAAAAAAAIig/bFktIl6VoY0K-5lX9kPFYS2liXqjgILdgCLcBGAs/s1600/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-qP4X92h_82o/XKMI7uEJVgI/AAAAAAAAIig/bFktIl6VoY0K-5lX9kPFYS2liXqjgILdgCLcBGAs/s1600/HONGKONG.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d95037abc75cc45ecbb2a9344926195c48727d2a38125f5bb33d7a2199bc737b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="HONGKONG.png"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107038
x-xss-protection
0
server
fife
etag
"v222f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 22 Jul 2020 04:57:43 GMT
dewanalo-729x180.gif
benuatg.files.wordpress.com/2018/06/ 		254 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2018/06/dewanalo-729x180.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f12b30f3260d77a8af2989169843cdf637b9d7923c8526ee7ff2b36bdc6439f7
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff, nosniff, nosniff
last-modified
Thu, 21 Jun 2018 02:33:28 GMT
server
nginx
status
200
x-orig-src
01_mogdir
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
vary
Origin
content-length
259647
expires
Thu, 20 Aug 2020 18:15:06 GMT
animasi-bergerak-terima-kasih-0071.gif
www.gambaranimasi.org/data/media/466/
Redirect Chain
  • http://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif
  • https://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif
138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:acae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4befac5efae6853640df4556af2445a0b8e9003dbfd03b3552220edeb3572e

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 10:04:05 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 12:40:46 GMT
server
cloudflare
age
4545
etag
"22921-5267666306f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
5b641884dceb63dd-FRA
content-length
141601
cf-request-id
04126da707000063ddebadb200000001

Redirect headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.gambaranimasi.org/data/media/466/animasi-bergerak-terima-kasih-0071.gif
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5b6418843ea51756-FRA
cf-request-id
04126da69f00001756f39fa200000001
Expires
Tue, 21 Jul 2020 11:04:05 GMT
OKKKKK-300x88.png
144.202.112.134/wp-content/uploads/2020/06/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://144.202.112.134/wp-content/uploads/2020/06/OKKKKK-300x88.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
dcd2d01b3384b8745d8466319236135d505dd89bd8e067bbb448228ea736c7b1

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Last-Modified
Mon, 15 Jun 2020 06:47:34 GMT
Server
Apache
ETag
"db506-8644-5a819cd369599"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
34372
barus.gif
benuatg.files.wordpress.com/2020/03/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2020/03/barus.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11c24d13f7a85964110fdbad9e6d0dcc4cc1279df2ee179241965114074ebcbd
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff, nosniff, nosniff
last-modified
Fri, 13 Mar 2020 07:09:18 GMT
server
nginx
status
200
x-orig-src
01_mogdir
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
vary
Origin
content-length
17890
expires
Tue, 11 Aug 2020 01:40:33 GMT
wp-embed.min.js
144.202.112.134/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://144.202.112.134/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Last-Modified
Wed, 15 Apr 2020 03:04:01 GMT
Server
Apache
ETag
"9e99a-59a-5a34b916e32d5"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1434
hongkongpools2.gif
benuatg.files.wordpress.com/2019/09/ 		858 KB
859 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2019/09/hongkongpools2.gif
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd71cb30f2c20020da19a1a2529c940677311df9ed0d959bd324ff95b4727f38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Sat, 21 Sep 2019 04:24:56 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
878309
expires
Sat, 01 Aug 2020 14:48:49 GMT
close.png
benuatg.files.wordpress.com/2018/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benuatg.files.wordpress.com/2018/10/close.png
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5c83dcb2e295b8de312ef857e845f5c1b3849ffe6be62d3a5cc2041994e97e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Tue, 21 Jul 2020 10:04:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Oct 2018 06:55:19 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Origin
content-type
image/png
access-control-allow-origin
https://benuatg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
1805
expires
Fri, 31 Jul 2020 15:59:15 GMT
bhitam.jpg
144.202.112.134/wp-content/uploads/2020/02/
Redirect Chain
  • http://bocorantogel2020.com/wp-content/uploads/2020/02/bhitam.jpg
  • http://144.202.112.134/wp-content/uploads/2020/02/bhitam.jpg
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://144.202.112.134/wp-content/uploads/2020/02/bhitam.jpg
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
144.202.112.134 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.112.134.vultr.com
Software
Apache /
Resource Hash
d564089c139ea1415295cfd4a0c98e74a6e35669e0d8838981027b9f0dbbd534

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:11 GMT
Last-Modified
Wed, 15 Apr 2020 05:23:34 GMT
Server
Apache
ETag
"9e484-6a9a-5a34d847fdec6"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
27290

Redirect headers

Location
http://144.202.112.134/wp-content/uploads/2020/02/bhitam.jpg
Date
Tue, 21 Jul 2020 10:04:10 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
268
Content-Type
text/html; charset=iso-8859-1
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.4.2
Origin
http://144.202.112.134

Response headers

Date
Wed, 08 Jul 2020 20:57:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:48:22 GMT
Server
sffe
Age
1083994
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10968
X-XSS-Protection
0
Expires
Thu, 08 Jul 2021 20:57:31 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.4.2
Origin
http://144.202.112.134

Response headers

Date
Fri, 12 Jun 2020 13:45:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:48:17 GMT
Server
sffe
Age
3356320
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10996
X-XSS-Protection
0
Expires
Sat, 12 Jun 2021 13:45:25 GMT
P5sMzZCDf9_T_10ZxCFuj5-v.woff2
fonts.gstatic.com/s/arimo/v13/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/arimo/v13/P5sMzZCDf9_T_10ZxCFuj5-v.woff2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.4.2
Origin
http://144.202.112.134

Response headers

Date
Thu, 09 Jul 2020 02:56:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 Jul 2019 19:20:03 GMT
Server
sffe
Age
1062448
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9604
X-XSS-Protection
0
Expires
Fri, 09 Jul 2021 02:56:37 GMT
P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2
fonts.gstatic.com/s/arimo/v13/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/arimo/v13/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.4.2
Origin
http://144.202.112.134

Response headers

Date
Fri, 12 Jun 2020 13:19:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 Jul 2019 19:21:52 GMT
Server
sffe
Age
3357898
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9572
X-XSS-Protection
0
Expires
Sat, 12 Jun 2021 13:19:07 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:02:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32090
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4547
X-Request-ID
134775871
tracking.js
cdn.livechatinc.com/
Redirect Chain
  • http://cdn.livechatinc.com/tracking.js
  • https://cdn.livechatinc.com/tracking.js
216 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.248.108 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33cdcd7909f790856ca12bc73e659964a5bf4e8459ee286538261ac0415c1569

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
GQw1jEGalK4mDumHYWPt9svkwcqlG2oj
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2020 07:26:42 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53
Date
Tue, 21 Jul 2020 10:04:05 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Content-Length
60256
X-Amz-Cf-Id
wNDgDvyJmx1usHhDX6c2cEbE6xxHMhualryaW_m1oGes6pLAgPmzTw==
Expires
Tue, 21 Jul 2020 18:04:05 GMT

Redirect headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Server
AkamaiGHost
Location
https://cdn.livechatinc.com/tracking.js
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Content-Length
0
Expires
Tue, 21 Jul 2020 18:04:05 GMT
4370589.php
s4.histats.com/stats/ 		94 B
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4370589.php?4370589&@f16&@g1&@h1&@i1&@j1595325845211&@k0&@l1&@mBOCORAN%20TOGEL%202020%20-%20Bocoran%20SGP%20-%20Bocoran%20HK%20%2C%20Bocoran%20Sydney&@n0&@o1000&@q0&@r0&@s403&@ten-US&@u1600&@b1:74062965&@b3:1595325845&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2F144.202.112.134%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a339cc5da837df5f1771c64329b5afcccfaa20bef1d51b3a75ca563e558dbc43

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Connection
close
Content-Length
94
Content-Type
text/html;charset=UTF-8
get_dynamic_config.js
secure.livechatinc.com/licence/9342290/v2/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/9342290/v2/get_dynamic_config.js?t=1595325845246&referrer=&url=http%3A%2F%2F144.202.112.134%2F&params=&channel_type=code&jsonp=__lc_data_41337
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.88 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
69aa9afa78a6ae3ea774f87cb70ea07ff38e190af7abb15d6ab0e0ba43ee0fc9

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 10:04:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Expose-Headers
X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control
max-age=0, no-cache, no-store
X-RateLimit-Reset
1595325849
X-RateLimit-Remaining
4997
Connection
keep-alive
Content-Length
534
Expires
Tue, 21 Jul 2020 10:04:05 GMT
get_static_config.0.1035.5.5.1601.11.148.11.5.5.5.5.17.js
secure.livechatinc.com/licence/9342290/v2/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/9342290/v2/get_static_config.0.1035.5.5.1601.11.148.11.5.5.5.5.17.js?&jsonp=__lc_data_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.88 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
56aad463e728f29c530f52866d5c40e19a6cfc375f11e212b626a77938a7b2fc

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 10:04:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://api.chat.io
Access-Control-Expose-Headers
location
Cache-Control
public, max-age=533
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept
Content-Length
2177
Expires
Tue, 21 Jul 2020 10:12:58 GMT
open_chat.cgi
secure.livechatinc.com/licence/9342290/v2/ Frame D390 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/9342290/v2/open_chat.cgi?license=9342290&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.88 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
secure.livechatinc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://144.202.112.134/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__livechat=lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Did%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1595325845%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1595325845.92040a907b%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://144.202.112.134/

Response headers

Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Content-Encoding
gzip
Expires
Tue, 21 Jul 2020 10:04:05 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 21 Jul 2020 10:04:05 GMT
Content-Length
1509
Connection
keep-alive
cc_403.js
s10.histats.com/counters/ 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_403.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
caa34157b3d306f1b1e71f2a55223269a813d6f01e4544986b5fe97dfff81a0b

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 09:54:17 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
W/"942182747"
x-cacheable
Matched cache
content-type
text/javascript
status
200
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
12230
x-request-id
385715558
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e43ec00c2d568f74f0d3899120fbcd2bfef783272507e1125bef9d5078bcf859

Request headers

Referer
http://144.202.112.134/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 		11 KB
12 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Requested by
Host: 144.202.112.134
URL: http://144.202.112.134/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.248.108 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer
http://144.202.112.134/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Fd28HDfEGNIiQLnbsXY26uGu4aBLIZqj
Last-Modified
Mon, 23 Mar 2020 13:21:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"a37211a6cfcda45352d5abcff1e446bb"
Content-Type
application/octet-stream
Content-Range
bytes 0-11403/11404
Cache-Control
max-age=31536000
Date
Tue, 21 Jul 2020 10:04:07 GMT
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
11404
X-Amz-Cf-Id
EVfdsfcrmJwFqsNdm-AF9yPo8EOJNv7Zy0REBiTJOhNrs3QcKCIHiw==
Expires
Wed, 21 Jul 2021 10:04:07 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| _Hasync object| twemoji object| wp object| __lc function| chfh function| chfh2 string| _HST_cntval object| Histats number| __lc_inited object| AutoInvitation object| PersonalInvitation object| LC_API object| __lc_script_version function| __lc_data_41337 function| __lc_data_static_config object| _HistatsCounterGraphics_403_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_403 function| histats_canvascounters_base.js

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: http://144.202.112.134/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
benuatg.files.wordpress.com
bocorantogel2020.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
s10.histats.com
s4.histats.com
secure.livechatinc.com
www.gambaranimasi.org
104.108.35.88
144.202.112.134
192.0.72.24
192.0.77.2
192.99.8.34
23.210.248.108
2606:4700:3033::681b:acae
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:81b::2001
2a00:1450:4001:825::200a
46.105.201.240
81.19.186.212
033452b75e9b1fa9306ddab1c15bc79184519f181113adaca88ef7e841182615
07fcb347186015e65edbd8fe1d3bba488e383769e063dc16907cfe8cef0c13bf
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
11c24d13f7a85964110fdbad9e6d0dcc4cc1279df2ee179241965114074ebcbd
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f9d12e6dfd09043f6bdd07f4cc8118ce7a840066c3a9d7a831d17778e157a1b
29d452c193c486e59a5ba3b16f316800c9a5420b1d03454da110802b156ea0d6
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
33cdcd7909f790856ca12bc73e659964a5bf4e8459ee286538261ac0415c1569
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3e5c83dcb2e295b8de312ef857e845f5c1b3849ffe6be62d3a5cc2041994e97e
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4ba28b820b6fe91cb1f1a03501afd124cbe966059dc0336bd7908973647305dd
56aad463e728f29c530f52866d5c40e19a6cfc375f11e212b626a77938a7b2fc
6554cc1d7be7d98c177066e8bda2575305300c63f1ab477aa9b23c5a573651b2
69aa9afa78a6ae3ea774f87cb70ea07ff38e190af7abb15d6ab0e0ba43ee0fc9
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72
852f18dc6c19a8d1608049d628ac31a9f522bd82009f57b7a17635670de3e510
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
94810c21751806a82cfafb286cb7dbf7232b43378c96c77924d15cbcb69412f3
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
a339cc5da837df5f1771c64329b5afcccfaa20bef1d51b3a75ca563e558dbc43
b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bd71cb30f2c20020da19a1a2529c940677311df9ed0d959bd324ff95b4727f38
caa34157b3d306f1b1e71f2a55223269a813d6f01e4544986b5fe97dfff81a0b
d564089c139ea1415295cfd4a0c98e74a6e35669e0d8838981027b9f0dbbd534
d73141917e334151328a577cd05139c74a1333e45e44c92f0f8f8ba337e61f89
d95037abc75cc45ecbb2a9344926195c48727d2a38125f5bb33d7a2199bc737b
db4befac5efae6853640df4556af2445a0b8e9003dbfd03b3552220edeb3572e
dcd2d01b3384b8745d8466319236135d505dd89bd8e067bbb448228ea736c7b1
e43ec00c2d568f74f0d3899120fbcd2bfef783272507e1125bef9d5078bcf859
ea66b1717190c865780c4c2c11ddc5b19972589f33572658bcd5cecacb433775
f12b30f3260d77a8af2989169843cdf637b9d7923c8526ee7ff2b36bdc6439f7