urlscan.io logo urlscan.io
SecurityTrails logo

turban.blogpl.com Open in urlscan Pro
2606:4700:3030::681f:5685  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turban.blogpl.com/
Effective URL: https://turban.blogpl.com/
Submission: On December 10 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3030::681f:5685, located in United States and belongs to CLOUDFLARENET, US. The main domain is turban.blogpl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.
This is the only time turban.blogpl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:9::84 54113 (FASTLY)
2 192.0.77.48 2635 (AUTOMATTIC)
1 151.101.36.84 54113 (FASTLY)
32 8
19    2606:4700:3030::681f:5685 (United States)

ASN13335 (CLOUDFLARENET, US)
turban.blogpl.com
1    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a02:26f0:6c00:2a3::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
i.pinimg.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)
assets.pinterest.com
2    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
log.pinterest.com
Domain Requested by
19 turban.blogpl.com 1 redirects turban.blogpl.com
8 i.pinimg.com turban.blogpl.com
2 s.w.org turban.blogpl.com
2 pagead2.googlesyndication.com turban.blogpl.com
pagead2.googlesyndication.com
1 log.pinterest.com
1 assets.pinterest.com turban.blogpl.com
32 6

This site contains links to these domains. Also see Links.

Domain
themezee.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-15 -
2021-08-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2019-12-19 -
2021-12-18		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://turban.blogpl.com/
Frame ID: 2A8CA8AD814FBBAA2E33278D419E6D78
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://turban.blogpl.com/ HTTP 301
    https://turban.blogpl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

32
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

6
Subdomains

8
IPs

4
Countries

1620 kB
Transfer

2127 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turban.blogpl.com/ HTTP 301
    https://turban.blogpl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
turban.blogpl.com/
Redirect Chain
  • http://turban.blogpl.com/
  • https://turban.blogpl.com/
32 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13 PleskLin
Resource Hash
2f819435b456b4d2d505541503605c6253990dd0a010eee8774839103a1b6a45

Request headers

:method
GET
:authority
turban.blogpl.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=da545189d1d7810c664b58326956f38681607593721; PHPSESSID=ppu3go4ichd3f23mblsjvsvm19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.13 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://turban.blogpl.com/wp-json/>; rel="https://api.w.org/"
x-cache-status
BYPASS
cf-cache-status
DYNAMIC
cf-request-id
06eda69a73000005f9723d6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u6%2FM8x1nigiMIQqbC8ZPvV3C0ePi9glvKYKqPOdR2f68OlYZW75tvfmGEoviHsiGZ0zYIGyPrl0OQcBqW7%2BV%2FWAPdysqVG4ZACe1f9kL4%2FNrG%2FpqYG9oaZRpmK05DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ff60d3d883d05f9-FRA
content-encoding
br

Redirect headers

Date
Thu, 10 Dec 2020 09:48:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da545189d1d7810c664b58326956f38681607593721; expires=Sat, 09-Jan-21 09:48:41 GMT; path=/; domain=.blogpl.com; HttpOnly; SameSite=Lax PHPSESSID=ppu3go4ichd3f23mblsjvsvm19; path=/
X-Powered-By
PHP/7.4.13 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Redirect-By
WordPress
Location
https://turban.blogpl.com/
X-Cache-Status
BYPASS
CF-Cache-Status
DYNAMIC
cf-request-id
06eda698420000c29f10220000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h9wa0Kn9a6UOuwREPqDXDnzWr%2BGgxfcQET1N3%2BPBAyXCxKqSNFK0EOxUlIQLdmfB9uz5J20bVyYURQDqwYx362b%2FKEFzG9SPJbzdgMjv8NoY8Y0KT84DFsBqK6E1zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5ff60d3a0919c29f-FRA
custom-fonts.css
turban.blogpl.com/wp-content/themes/napoli/assets/css/ 		4 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e31c882765ae95595506b5dc2de2a2f983e5ba66a71cf6f4673b56eda46771a1

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6e000005f90cbdc000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
W/"5e260e9d-fb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aXqOWd2YpEocOlSbH0HZxqhoj3TTm0cki9Hto5C2Mj0cwCEDVKFnj7%2BbyXcfjk1t5Y8kFPNrf7gWIBsNDIp2mL0by4JhFpto%2BqIdCK7BGCmFEal%2BdnaEK82r8%2B%2B%2B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5ff60d43eac905f9-FRA
style.min.css
turban.blogpl.com/wp-includes/css/dist/block-library/ 		52 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6e000005f94303b000000001
last-modified
Wed, 29 Apr 2020 23:05:19 GMT
server
cloudflare
etag
W/"5eaa082f-d159"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lk5GjhJSKx%2BqCI2xMLcvHDROqt9flmkXoIXCK35Ilkg695X93xoHZBSCJqX9gox56UHd7Yu3nAjV3CJmv%2FnrGaiC4ZH0OLID82nAJe7kZ20lkjKgiXq9jGWp8TkFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5ff60d43eacd05f9-FRA
style-frontend.css
turban.blogpl.com/wp-content/plugins/social-pug/assets/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/plugins/social-pug/assets/css/style-frontend.css?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7f1c970c300c14d218675005aaf506b0a4a0c06a39ef3d09645e8911331b0a0b

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f91cba9000000001
last-modified
Mon, 20 Jan 2020 21:59:37 GMT
server
cloudflare
etag
W/"5e2622c9-4d26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FhkzpzUnVqyoHQkd7IGbawubvvCF5E%2FRX4uQiwSDPrAp1%2B5czEzsDhfMBJjAT64tw%2BCMKlrDi4HOG%2B%2FQqJFgY7T9hjd%2Be2fBxoRFVEQ9x7WYGzEQgT7lsM97l73Img%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5ff60d43eacf05f9-FRA
style.css
turban.blogpl.com/wp-content/themes/napoli/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/style.css?ver=1.7.3
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
236e8220ec628fc65a67a61cb8b16e2c783dde2ab6c73041e0d0008181472312

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f92d8ba000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
W/"5e260e9d-e064"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMAKuDLsOpmwoq8RXCUAeG%2FM%2Fysi0xIv30x25heZVvg%2B0iLc62St6cowCX6SK11RZFqY%2FuRs5CtWxV3K4T1m9MdkVijd7dFSRmBm12U1yCSQWDbm%2FVJpOE3LQZ6UKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5ff60d43ead105f9-FRA
genericons.css
turban.blogpl.com/wp-content/themes/napoli/assets/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/genericons/genericons.css?ver=3.4.1
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f922a35000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
W/"5e260e9d-6e6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MIvzRqMkAtQne4MJd2ROvjZEoyA9YgnWVg3TO%2FCKq4zL8IpSqRQq3JPQyCWSrXHRP%2B2UoKbN26ev7GtYSP9%2Bu%2BDSfSUSoEZuuWw5UIPuwpWn8sdQYJLreoSUooJjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5ff60d43ead305f9-FRA
jquery.js
turban.blogpl.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f95d146000000001
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
etag
W/"5cde37d2-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iV%2BXucif4WPiLOMRvswHtkiKp4EwKAL6%2BCvUyroiNXqa8EGti0XOKybO721bFX5%2BGdBt0pXj5neulAhQdjKUe6vGyVso%2BdeUW922DNaZybJ8aIhSzKS3j887qp4lRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d43ead505f9-FRA
jquery-migrate.min.js
turban.blogpl.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f972b8a000000001
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"573eaa90-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WDkqguxmBCWPCuAL%2Bwq19Dok0klzQCETiu53SQ95tf%2Bjvgsd67i7ssS%2BPmST8ZKgXsM4CCJHmpxUlY8ixEhHhnhkmrOCyva2FI5%2F%2Bhelf5IgXdLFjJd5y%2BedOzIkkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d43ead805f9-FRA
front-end.js
turban.blogpl.com/wp-content/plugins/social-pug/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/plugins/social-pug/assets/js/front-end.js?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
27c9487edebcf50602888db4178566d1c41b930220c32d06293e4e28346a33e8

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e6f000005f91e08e000000001
last-modified
Mon, 20 Jan 2020 21:59:37 GMT
server
cloudflare
etag
W/"5e2622c9-920"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8xNpKYZu75hAmzOIp107h3y68QSKh%2B2sP6E6CofvAhm31kpTjYDAlQYKL08WIBpbmdpEBH3PyzPqmrEt7lF%2BoIY9KA4hy68IZBUm%2F2oNj3dSiNDO4UixDXGCUDd%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d43eada05f9-FRA
navigation.js
turban.blogpl.com/wp-content/themes/napoli/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/js/navigation.js?ver=20170105
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8e86a9b56629bcb88db6e96b4a023a23f24d99b36778eb5afb532cc0811bffa0

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda69e70000005f927a3a000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
W/"5e260e9d-1528"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AQtWF6zi3xsC6b3MQCC7Yr90BGhRlemiWlIqtQX1049kb7QpEyQLVsf2q4chlL5bZAi6Eccj82tYuV36RpSG52bGNjTfZCrqJ5PcKsY7SkJMFS30LU7r%2FL%2F8bbheug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d43eadc05f9-FRA
pinit.js
turban.blogpl.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 		782 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda6a07f000005f9003a8000000001
last-modified
Mon, 20 Jan 2020 21:48:46 GMT
server
cloudflare
etag
W/"30e-59c99417a0b80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A0LnhKQawoEYELGbuzfnw4QONR%2Fr4pW3XWDZBEckwyb%2BNPwhsc1wPGVLs8KvjlezabsBgcQlvkPOvrwiU59eNY0%2FpQlb2DlWwdWourRAGk5jNM0QqXbfcaqx5%2FG%2FVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=14400
cf-ray
5ff60d473c3305f9-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e95312c4f446a778a4e381be2ab80be0f36fea344760b66ec06e17d1e4c1740f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47114
x-xss-protection
0
server
cafe
etag
10026942970525496094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Dec 2020 09:48:44 GMT
574dc6c6c318f8a3cdb1ba43abffe4d7.jpg
i.pinimg.com/originals/57/4d/c6/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/57/4d/c6/574dc6c6c318f8a3cdb1ba43abffe4d7.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8ccc9f6acdbfd556443c0104e169be394bc7330a9b31d3c03904a2740824613

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"3b32ea501795ad691e74cdd9496763a5"
content-length
73441
vary
Origin
content-type
image/jpeg
bfa47b689547d7fb39bba4252e41a6b8.jpg
i.pinimg.com/originals/bf/a4/7b/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/bf/a4/7b/bfa47b689547d7fb39bba4252e41a6b8.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9cd77185e24c3108d52eae7afe0b48323b0650687c0e2c9e43f154fc716e4331

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"5d90c5a1d0c1ec4a31d2ec64714c7396"
content-length
27346
vary
Origin
content-type
image/jpeg
126dba41d4870347a61c39f8d5afab0f.jpg
i.pinimg.com/originals/12/6d/ba/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/12/6d/ba/126dba41d4870347a61c39f8d5afab0f.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9a0f5948d0749dab323556cbbd83aa1d46898d3376b052a8b8873c52058f3a13

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"3baf8b104c7ad0609f5e7bbc97ec2729"
content-length
117675
vary
Origin
content-type
image/jpeg
wp-emoji-release.min.js
turban.blogpl.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda6a07f000005f90c81b000000001
last-modified
Tue, 05 Nov 2019 22:04:02 GMT
server
cloudflare
etag
W/"5dc1f1d2-364d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JVO%2Fil3sdJe%2Fi9D0dxRZyZvYJPOcKVrjx2KeeFzl3lYOfC3YvZSsj5UDGyY06wmdEH53SAGzGCTzqPHSWjAIlre6lcbE3BeTUUiZ%2BkpJY%2BM5gmaMQadvEl%2B6VN0HMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d473c3405f9-FRA
37b8d03fd951a5333a08cbf0d99c845e.jpg
i.pinimg.com/originals/37/b8/d0/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/37/b8/d0/37b8d03fd951a5333a08cbf0d99c845e.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
59e288325d6d4ad3c066f4f16ca7b7f2ed1a374c6db6e323acf2e6b814eb0196

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"c17674e158c576cd87f0fed209c11abc"
content-length
83120
vary
Origin
content-type
image/jpeg
a0f028e54ddcfc6a641943242a1fa426.jpg
i.pinimg.com/originals/a0/f0/28/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/a0/f0/28/a0f028e54ddcfc6a641943242a1fa426.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
57fec2944f7eb03ade7741993ddf4c1d9c1c5a64d0f6c4494fb3c40fc738d145

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"de06542418f63f3a0011764cc09a2ca1"
content-length
94183
vary
Origin
content-type
image/jpeg
91f91f4cd683119f9792a4a0fed96d48.jpg
i.pinimg.com/originals/91/f9/1f/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/91/f9/1f/91f91f4cd683119f9792a4a0fed96d48.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
27173045a10e03fa9225ada25f166d1ec21be988940a7cf7a9b31584d4e8fe12

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"806200b6495642e0de8fcdf9a8f3da49"
content-length
139081
vary
Origin
content-type
image/jpeg
593b4d123b85052e9913416b60375369.jpg
i.pinimg.com/originals/59/3b/4d/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/59/3b/4d/593b4d123b85052e9913416b60375369.jpg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f86caf98f11136cff0110dff2f47b23f92f42e0e9224aa89f580f3c45528fd24

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
immutable, max-age=31536000
x-cdn
akamai
accept-ranges
bytes
etag
"2a0f5abc769a6b4f2520f597a2b02279"
content-length
164562
vary
Origin
content-type
image/jpeg
b10c3b0daaab9de7a1bce166bd0e6651.gif
i.pinimg.com/originals/b1/0c/3b/ 		607 KB
609 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/b1/0c/3b/b10c3b0daaab9de7a1bce166bd0e6651.gif
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
06ed2aac220667e7c33e9951bc179586d8a99f52aa03f48c66bd2f5a9c3e2331

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
67
x-cdn
akamai
x-edgeconnect-midmile-rtt
3
etag
"a8d1303ab65da450559df29994a0f5f8"
vary
Origin
content-type
image/gif
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
622056
woo.css
turban.blogpl.com/wp-content/plugins/featured-image-from-url/includes/html/css/ 		76 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda6a072000005f925237000000001
last-modified
Tue, 28 Jan 2020 19:42:43 GMT
server
cloudflare
etag
W/"4c-59d386d6ad2c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pOAzjf1TuMVBOp89UVbLgbdEthM2FBw0Vyh1UBloPclcq9VN1VvLVEdFHT0EVb6CDgP1U8Naa8pt476rsMQbp%2B44z6gaDJyC7JIp%2Bza0eeUmDVPfi8KZWezuta5MlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=14400
cf-ray
5ff60d471bff05f9-FRA
wp-embed.min.js
turban.blogpl.com/wp-includes/js/ 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-includes/js/wp-embed.min.js?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda6a072000005f935bb1000000001
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
cloudflare
etag
W/"5db39083-59a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ua2ZG5nU0T757UsZlDINh1caXSQmiay7TbW2ILowSfh4xSZ2N7WXmXpU16cAnPmNcJaxFDpn%2Bn60GIYDe0Hd6Ei5eMA9DSaw%2BIRLV%2F1rSSfpztugSm4PkmuauXS3kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d471c0005f9-FRA
image.js
turban.blogpl.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 		2 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=5.4.4
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1da817667ec53face7a1be6bb20ef504a7b81baf40bc63186799302334c59588

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
cf-request-id
06eda6a07f000005f92e116000000001
last-modified
Tue, 28 Jan 2020 19:42:43 GMT
server
cloudflare
etag
W/"5e308eb3-7c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t08eMUVG2E4m5pLfSqbq2qEtxPoZ6GSV6ZXCs9BiL5yLnHSI5rHN3lWjMfyOGzosxet92uc7gw4DmgYexiZSErl28J2rH%2BvMz26hcXKelasdk2HHlfx47Kml1PDCoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ff60d473c3205f9-FRA
open-sans-v15-latin-ext_latin-regular.woff2
turban.blogpl.com/wp-content/themes/napoli/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/fonts/open-sans-v15-latin-ext_latin-regular.woff2
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b

Request headers

Origin
https://turban.blogpl.com
Referer
https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
content-length
18876
cf-request-id
06eda6a082000005f925238000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
"5e260e9d-49bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qntjUn3kcnD7RWBqm9fXgLBJCSlxyuFa9XHkYXqReaFdihzMlEpDiLxEhlZEQnID7tPqyw7H0%2BUO44RiAI%2BkkDbcXH1%2B%2FrU3%2F41rVbipSCM76Kn9Nkt2xfoRJeRZ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ff60d473c4105f9-FRA
montserrat-v12-latin-ext_latin-regular.woff2
turban.blogpl.com/wp-content/themes/napoli/assets/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/fonts/montserrat-v12-latin-ext_latin-regular.woff2
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
086e4cc92c0e4f7be7826fa9cf8ed4f058f19b9fb16de55e0b57dd5e5ad3c355

Request headers

Origin
https://turban.blogpl.com
Referer
https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
content-length
28240
cf-request-id
06eda6a083000005f934884000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
"5e260e9d-6e50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pPJ4ZwJYtSO8DaT35b3QmS7XLHt8PmKHncSRcqq8ZtJaKkGOYKt5HdkJRIm7v4n8CeB2MCVIbVbFHVXZOaAlAohkVHKJy%2FTNVA82cD2ZmEzHybTcW0XFxVlamPf%2FxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ff60d473c4405f9-FRA
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin
https://turban.blogpl.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
open-sans-v15-latin-ext_latin-700.woff2
turban.blogpl.com/wp-content/themes/napoli/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://turban.blogpl.com/wp-content/themes/napoli/assets/fonts/open-sans-v15-latin-ext_latin-700.woff2
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356

Request headers

Origin
https://turban.blogpl.com
Referer
https://turban.blogpl.com/wp-content/themes/napoli/assets/css/custom-fonts.css?ver=20180413
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
x-cache-status
BYPASS
content-length
19504
cf-request-id
06eda6a0ad000005f927a7e000000001
last-modified
Mon, 20 Jan 2020 20:33:33 GMT
server
cloudflare
etag
"5e260e9d-4c30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2FWS%2BKQ9%2BDDAArNjQNA9A9GBrITBVLVeeN2bvCZVr9jaMJ5fccvfOpdFYvixGt%2FpMhNUfn1dr%2BQV7TsoE%2Bj7glhoXsgpj07JWtlAcVMqOZttUN3qzolo43iTOig9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ff60d477cf605f9-FRA
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Dec 2020 09:48:44 GMT
pinit_main.js
assets.pinterest.com/js/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee191a0c1c060516fc63204718931a66689a43a4d5c5c5357b220720883f1b74

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
br
x-cdn
fastly
etag
"5f05e941ac40164e893a36ff1cbccf3e"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
18677
access-control-expose-headers
X-CDN
1f339.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 		905 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f339.svg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f64f.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 		1 KB
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f64f.svg
Requested by
Host: turban.blogpl.com
URL: https://turban.blogpl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
8507d163d2a5c3e4ae298f241d74883e6481b720e78543c08291102ec738b433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 10 Dec 2020 09:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
log.pinterest.com/ 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=Mx_Dgy_t6V2Y&tv=2020120701&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fturban.blogpl.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://turban.blogpl.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:48:45 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
3
x-cache-hits
0
content-length
0
x-served-by
cache-ams21071-AMS
pragma
no-cache
x-pinterest-identity
nimbus.cookiemonster.teletraan.aws-us-east-1.cookiemonster.prod-docker
server
envoy
x-timer
S1607593726.504621,VS0,VE97
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
5136648053601402
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| wp object| fifuImageVars function| resizeImg function| disableClick object| jQuery112409854872887368882 boolean| PIN_18606 object| PIN_1607593724374 string| value string| key object| PinUtils object| twemoji

2 Cookies

Domain/Path Name / Value
turban.blogpl.com/ Name: PHPSESSID
Value: ppu3go4ichd3f23mblsjvsvm19
.blogpl.com/ Name: __cfduid
Value: da545189d1d7810c664b58326956f38681607593721

1 Console Messages

Source Level URL
Text
console-api log URL: https://turban.blogpl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.pinterest.com
i.pinimg.com
log.pinterest.com
pagead2.googlesyndication.com
s.w.org
turban.blogpl.com
151.101.36.84
192.0.77.48
2606:4700:3030::681f:5685
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2002
2a02:26f0:6c00:2a3::1931
2a04:4e42:9::84
0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73
06ed2aac220667e7c33e9951bc179586d8a99f52aa03f48c66bd2f5a9c3e2331
086e4cc92c0e4f7be7826fa9cf8ed4f058f19b9fb16de55e0b57dd5e5ad3c355
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1da817667ec53face7a1be6bb20ef504a7b81baf40bc63186799302334c59588
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
236e8220ec628fc65a67a61cb8b16e2c783dde2ab6c73041e0d0008181472312
27173045a10e03fa9225ada25f166d1ec21be988940a7cf7a9b31584d4e8fe12
27c9487edebcf50602888db4178566d1c41b930220c32d06293e4e28346a33e8
2f819435b456b4d2d505541503605c6253990dd0a010eee8774839103a1b6a45
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b
57fec2944f7eb03ade7741993ddf4c1d9c1c5a64d0f6c4494fb3c40fc738d145
59e288325d6d4ad3c066f4f16ca7b7f2ed1a374c6db6e323acf2e6b814eb0196
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7f1c970c300c14d218675005aaf506b0a4a0c06a39ef3d09645e8911331b0a0b
8507d163d2a5c3e4ae298f241d74883e6481b720e78543c08291102ec738b433
85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a
8e86a9b56629bcb88db6e96b4a023a23f24d99b36778eb5afb532cc0811bffa0
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9a0f5948d0749dab323556cbbd83aa1d46898d3376b052a8b8873c52058f3a13
9cd77185e24c3108d52eae7afe0b48323b0650687c0e2c9e43f154fc716e4331
a8ccc9f6acdbfd556443c0104e169be394bc7330a9b31d3c03904a2740824613
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
e31c882765ae95595506b5dc2de2a2f983e5ba66a71cf6f4673b56eda46771a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048
e95312c4f446a778a4e381be2ab80be0f36fea344760b66ec06e17d1e4c1740f
ee191a0c1c060516fc63204718931a66689a43a4d5c5c5357b220720883f1b74
f86caf98f11136cff0110dff2f47b23f92f42e0e9224aa89f580f3c45528fd24
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149