urlscan.io logo urlscan.io
SecurityTrails logo

mendapatkannya.xyz Open in urlscan Pro
198.54.114.156  Public Scan

Go To Rescan Add Verdict Report
URL: https://mendapatkannya.xyz/
Submission: On August 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 198.54.114.156, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mendapatkannya.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2024. Valid for: a year.
This is the only time mendapatkannya.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.114.156 22612 (NAMECHEAP...)
5 2a00:1450:400... 15169 (GOOGLE)
17 172.67.162.223 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
7 198.54.115.35 22612 (NAMECHEAP...)
5 104.21.235.70 13335 (CLOUDFLAR...)
2 172.217.16.193 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
41 9
1    198.54.114.156 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium31-1.web-hosting.com
mendapatkannya.xyz
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
17    172.67.162.223 (United States)

ASN13335 (CLOUDFLARENET, US)
imgku.io
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    198.54.115.35 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business32-2.web-hosting.com
img-photo.com
5    104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)
iili.io
2    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
cdn.ampproject.org
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 imgku.io
imgku.io — Cisco Umbrella Rank: 40059
386 KB
7 img-photo.com
img-photo.com
834 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
123 KB
5 iili.io
iili.io — Cisco Umbrella Rank: 28319
6 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 mendapatkannya.xyz
mendapatkannya.xyz
10 KB
41 7
Domain Requested by
17 imgku.io mendapatkannya.xyz
7 img-photo.com mendapatkannya.xyz
7 cdn.ampproject.org mendapatkannya.xyz
cdn.ampproject.org
5 iili.io mendapatkannya.xyz
2 www.facebook.com mendapatkannya.xyz
2 connect.facebook.net mendapatkannya.xyz
connect.facebook.net
1 mendapatkannya.xyz
41 7
Subject Issuer Validity Valid
mendapatkannya.xyz
Sectigo RSA Domain Validation Secure Server CA		 2024-07-30 -
2025-07-30		 a year crt.sh
misc-sni.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
imgku.io
WE1		 2024-06-30 -
2024-09-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-13 -
2024-08-11		 3 months crt.sh
img-photo.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-02 -
2025-03-02		 a year crt.sh
iili.io
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mendapatkannya.xyz/
Frame ID: CFB810039E33CC25E3E2B9BA8BCAA6D5
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HOROR INDONESIA

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

41
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

7140 kB
Transfer

8511 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mendapatkannya.xyz/ 		52 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.114.156 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium31-1.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
670d1a18d0f07c52362af9aa56c21d293b9abb7abe15fbac2a31801aff1f9954

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
9895
content-type
text/html; charset=UTF-8
date
Sun, 04 Aug 2024 09:34:28 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73122
x-xss-protection
0
server
sffe
etag
"2af4af216080b72b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Aug 2024 09:34:29 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11527
x-xss-protection
0
server
sffe
etag
"aef697926ee2e511"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Aug 2024 09:34:29 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15359
x-xss-protection
0
server
sffe
etag
"878b797225258d2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Aug 2024 09:34:29 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796e67ed46a3b39d46856f433f37f3fc4fc913539799946ba3d5947ce59d7d32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14967
x-xss-protection
0
server
sffe
etag
"a469a246442cd668"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Aug 2024 09:34:29 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2467
x-xss-protection
0
server
sffe
etag
"5afdd0604fa01f3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Aug 2024 09:34:29 GMT
lTXvZ3bo.png
imgku.io/download/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/lTXvZ3bo.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa05fa46fe77e355a9ccd0d615b3a79841849108f6c1950576b1077abd4e7e7f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000004773f69dfeb9738f-0065def517-a2c45-default
x-ratelimit-remaining-second
246
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
6184
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 07:59:36 GMT
server
cloudflare
etag
"e7d5fb6e2f06f6a279dcb444e5368ca0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQG6N1D8cwc778RlE6AgGqVFbQLawGWQLeMD6so6FtFYurNRLtd%2FEPoJmHl7W%2B6MZdEXylQVwrpqF8ufqlCxq3o5LCaZD1BDZKMeSMwy%2B4J%2FEQhzx%2Fn1zWJ0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46e9f59948-FRA
ratelimit-remaining
246
x-proxy-cache
HIT
VOTZpfk8.png
imgku.io/download/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/VOTZpfk8.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a81fc358bac023f4bd4e524ac6786147062fcb4348cd2a9a79e2af0b919d2c
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx0000082ee55aa4ebd12fb-0065def517-a50fb-default
x-ratelimit-remaining-second
245
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
3205
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:00:07 GMT
server
cloudflare
etag
"be131ca258d2e0c3d427ac23d94aa73a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2WB6BZ%2B8dJFdrvYPpG86Sdw73WC8%2Fcdi33WRjosj%2FnvdQPVnCMFSuDGloqEndVoBEyV7QTavRT%2FeT1WzPbcvHfUICSRJT5NklToqi6vwYZKPkyLWIzF44gTIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46e9fb9948-FRA
ratelimit-remaining
245
x-proxy-cache
HIT
TIJ8ti3s.png
imgku.io/download/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/TIJ8ti3s.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076f5a345a99303b2c6f1c299532f6fa9d636ca3cdb6ed396476ec10f11a05cb
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000c497f90998613363-0065def517-aa1bd-default
x-ratelimit-remaining-second
247
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
2520
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:00:47 GMT
server
cloudflare
etag
"f5bdc6830092bef924803e41c8e1598b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sJ2Irgkm0RNn8Yv5WSMco4sRTBhURUjJSQhE1poO0LYGsFVGnG%2FfPWWlHPlokyggSIG3vHvogauTOR%2FdluOdyix7WgZo2MzdCyVuWIQMCR3J3gjLufS5OYHFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46e9f89948-FRA
ratelimit-remaining
247
x-proxy-cache
HIT
1ocEfmbx.png
imgku.io/download/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/1ocEfmbx.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a978dc9d553dfe63d21ad363b6ba525e0ccbe73b9fd6b9bc1a0706dd18eed3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000cee818bb13c23bc6-0065def517-a50fb-default
x-ratelimit-remaining-second
248
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
3779
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:01:03 GMT
server
cloudflare
etag
"c96f140b59f8bd0698dd0dde020356be"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8oGfW3tGGUmhpu5%2F1CHwR6sJ2waEklph3NxtZqPzp%2FMJq7NCIdNzrVF6ULTxx%2BNrZ4S6DLRlS4X363I1LwxiHs6wEWOLKRcaUrpTF9bjYQ4dbOaGL3fd23Iyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46e9fe9948-FRA
ratelimit-remaining
248
x-proxy-cache
REVALIDATED
cLoISpRC.png
imgku.io/download/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/cLoISpRC.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e7a9fca10a80b2d8e941d3a4fd5ded42b99fa0ee54d3f320c85a95ae72c96f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx0000017c48358ee04dcc1-0065def517-aa172-default
x-ratelimit-remaining-second
249
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
2000
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:01:56 GMT
server
cloudflare
etag
"7bd612e49e2d10270e31027b752db252"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcojWgJeV7bQj4CCmFRik4M5AvK5bNGUnAqfPyyRaRPTslyUK6l%2Fd3ZV0oivhrc9jnKMlYMzGsKxLeVD2gYWTMzdBTvwrxJlYXV3jGdZ%2F%2FL6BWgtEEkpflVPIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46e9ff9948-FRA
ratelimit-remaining
249
x-proxy-cache
HIT
OAICsEfy.png
imgku.io/download/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/OAICsEfy.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0eecd2716bd1f2c068986235adb678770f051aacaa7f68c1ca445872867a9f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000009b7a23ea71b1cc4e-0065def518-aa140-default
x-ratelimit-remaining-second
244
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
5286
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:04:25 GMT
server
cloudflare
etag
"c0a4ccbec423d0ca7f9006197d4344cd"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM2RKOmYy%2FKYv0QVCxfXnA8oie8sS%2BXvE%2FYw%2BA2Wnr5exnzbCUkJxEarD1SFPnIrMwDMM4Ejf%2BG5rL4rI%2Bz%2BJEFLzLPM%2FMI5Ywf8dg2i11yLSJ4k0yxQBIR6pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d46ea019948-FRA
ratelimit-remaining
244
x-proxy-cache
HIT
Tk5bf2Ls.png
imgku.io/download/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/Tk5bf2Ls.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de17553dd6b2d65034af1ca45a18c1f8a7d746dfb24b34382e34caa2e2cb74a6
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000b6e2cc736c30fcab-0065def517-a5038-default
x-ratelimit-remaining-second
248
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
2362
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:04:56 GMT
server
cloudflare
etag
"48825fadcc338c68169243762f7845f6"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8I0nbUjzsY8eEGWhfly9GEUXd%2FBVikpGj9fXDdqzyEJI1x%2Bck%2FOsIG9lqtYTjYmAz9eWHxENScoP3z3qFvuc0yQELTYUtStDWeQTzBMnGfEEsj0FXeQtcpLYIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d470a209948-FRA
ratelimit-remaining
248
x-proxy-cache
HIT
0yxJch4P.png
imgku.io/download/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/0yxJch4P.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a7fe0748e242b012477977e3efd5b5de04bcdd37c42473d05e380f71247dc3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000ab040fee8356630c-0065def517-a2b46-default
x-ratelimit-remaining-second
248
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
3310
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:05:34 GMT
server
cloudflare
etag
"0fd9ace64419b6871485c874d1712ec5"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qduX3sdaunKl4Ri%2B98uoLA8WXHjQbPs%2FBUyyX1arKTqHqOadg9DiwYDniAkHnoFw3qPLrKYx4Z1mAE%2F8pZVtflFdsgNbwWrgfEBLsVuXmTN8lOWJPphbrwyTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d470a1e9948-FRA
ratelimit-remaining
248
x-proxy-cache
HIT
JnRNzQrE.gif
imgku.io/download/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/JnRNzQrE.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bea378a7392fc87336003c7d1b155193d7e7ca6a59a5a3ed9a84acbeb1da1f9
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx0000074d2048b3d0a72e5-0065def80a-a0601-default
x-ratelimit-remaining-second
240
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
23062
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 09:04:21 GMT
server
cloudflare
etag
"45c9ce355774fd7aa0f8b3e362b11a8a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iTgiOfcWAbrjuL8KrE8yzbZy25ZY6DlOvc5rr7Qgo4hX04ql91Bcl62kU4V5MwTDOdhJGcDFuO%2BgNVySZ9SL7jwSwVaxfllOlc1qcLBIX4w1a4Kt5Kn%2FiKHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d470a239948-FRA
ratelimit-remaining
240
x-proxy-cache
HIT
FVemTW58.gif
imgku.io/download/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/FVemTW58.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7d555a5a59587be49fc4a93cab93a35433e89e31558c318f216f9ed939d4bf
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000002a28b851061768f4-0065def80a-aa19f-default
x-ratelimit-remaining-second
246
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
22727
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 09:04:03 GMT
server
cloudflare
etag
"21ccf2a0893335aa84fcc542f553f578"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDDOilX%2FR%2B%2B6rcyVcAjjREFj7yy3vggj%2FwMsa7fevkKcc5VUI86XpDowLEMyCffswbfgfd9XnZN4VqcOwXRgWgV4X1o4rK%2Flc%2FFQCYNI%2BjTi0hBDFyDlrc98UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d470a289948-FRA
ratelimit-remaining
246
x-proxy-cache
HIT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 09:34:29 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
5ogElxcHsjOV/mmRSEkFrccVUkpTTFeSvERUcWoInjSMVwgDXnRQdZBbThVilRv94MIPIjak5PxM5eG4OG6j9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bghitam.jpg
img-photo.com/images/bg/ 		1008 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/bg/bghitam.jpg
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
28e2b4a6c98ffa370e7fb1969d7f30e0a34c4f93ae36e6ed8cd690ace0cbe853

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 11:54:16 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1008
expires
Sun, 11 Aug 2024 09:34:29 GMT
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
581c446e8aabb72e88b74433f22705b8c0512d585fe869068fbd8cd88339fc29

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53c500e24192a0625c5b1ee2f83159068a36ce929991c108869feec2fef839d8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		83 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeff44402b29c49f113bf3a98bc87e4e75b3065cb858d07be080f8a26c2973b0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
favicon.png
img-photo.com/images/favipopo/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/favipopo/favicon.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
f631eed687dbe79b00319ec620a25c74e69179acd4d259ac7fd9d5defb4074a1

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 10:32:38 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3559
expires
Sun, 11 Aug 2024 09:34:29 GMT
popo.png
img-photo.com/images/logopopo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/logopopo/popo.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
711445a193eaf3b639064360c631c87dce69401af1c9dbb6ad40c7f9c86350ec

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sat, 02 Mar 2024 18:41:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
7233
expires
Sun, 11 Aug 2024 09:34:29 GMT
HDWp6x9.gif
iili.io/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/HDWp6x9.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc373794a3dbbf0c2d04d1efbacf92a538b250fa2e11f1c95174cca79548ebb

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48732
alt-svc
h3=":443"; ma=86400
content-length
12558
last-modified
Mon, 14 Aug 2023 05:24:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7izxiPFunk9wY39ofNT9U%2BfF6%2BZFWUQ%2BB8LHbUh35xHs0GDOxe%2FTXARXCVmROgVW7wvC5mEP08y%2F5HFFx28xMpZ9J1gLItTxagsjAv4DvX27VfALfMqun7B%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8add8d492c39366e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HDWprD7.gif
iili.io/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/HDWprD7.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea6e992206822bed12e29f2bb3a12fd2372c80571eeb54e50643a5d30acc927e

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48731
alt-svc
h3=":443"; ma=86400
content-length
1750192
last-modified
Mon, 14 Aug 2023 05:24:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bd%2FDrprShWEk3RwgiPxoIXt51JS5b5FslRjCuKhGr9Xa48Yx1RPHHPXCbvWz%2BKmMfW%2BG3ipFpMTXJepedVKtz6KePTSNiC4VGL15C6KR0StrYVSbc%2FeelIg%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8add8d492c40366e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HDWpPVe.gif
iili.io/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/HDWpPVe.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08216a9cda23707c0242db834fe495f9dbccdb480753aca6b8f138d64a6a41c9

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48730
alt-svc
h3=":443"; ma=86400
content-length
1184254
last-modified
Mon, 14 Aug 2023 05:24:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ay4VEm%2BD0HRNlNryC2EjStZdM%2B9M64feo5mGRjYjGxZHDDAJQ%2BhWCA3zDTTySs8defViuLm%2FebaI8efqyVZskDGXFd1ZlRGCVQqNRoU4LZe14MV4164tbbhg"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8add8d492c3f366e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HDWpgNS.gif
iili.io/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/HDWpgNS.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b742f837f426822898765b1cc1a0ee32af920f06ae12450f9be143e1441591bd

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48731
alt-svc
h3=":443"; ma=86400
content-length
1352089
last-modified
Mon, 14 Aug 2023 05:24:52 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBxOt8Y%2FTaVE9xx7GRrOFTKfHHCIttrznO4G%2Bw486Th51vVDZQi%2BmkoMuJYrNNkLuJzqzhCn2CFADxEEueWPKqag4ssc5HHECD9z7EOkBE6grV5USQAg8pP7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8add8d492c3e366e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HDWpUR2.gif
iili.io/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/HDWpUR2.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23da404e4b6bf5b3167c7f2ec56db9cb91a9575c133011c9fa84a1ae7114b368

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48730
alt-svc
h3=":443"; ma=86400
content-length
1544009
last-modified
Mon, 14 Aug 2023 05:24:52 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTc7qEltz5V3DXQfP5H%2Bcys9LFaI%2FaS8QcvMhgX6SOVSPhMk%2BHqdtAm4ekmPgjNFqSZcZOpY%2BMBnPrva1FfOqB9T53Q5JAnwfqboDtxwBtM5Axq1MseRt%2Fjt"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8add8d492c3d366e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
IiSXTqoe.png
imgku.io/download/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/IiSXTqoe.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c66cf8e2373c963998708fce91a87547798c7585445346c1ecce47f1569b7
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000997f1f5debce9429-0065d6e20f-a2b5a-default
x-ratelimit-remaining-second
247
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
21850
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 05:46:36 GMT
server
cloudflare
etag
"f45f37e7a8a6868e3de71ab016a527b6"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxAic0i2vaPFs1hnyRjUzzruCVnTvUaWRCGGRRHVSv8sZbQ2GttA7YbuigY51ikG7VEz%2B0TdcG5QGn4OfbDRBe0Qc%2FEnc7BoUs7NNJnPzocb4bWyNJechZQWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f609948-FRA
ratelimit-remaining
247
x-proxy-cache
HIT
DafqzIhO.png
imgku.io/download/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/DafqzIhO.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5066eec38b9d3ae5060b54d49b35b06b0bc711df754c031bf3642f1122d3301
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000ddf801441259df79-0065d6e20f-a50fb-default
x-ratelimit-remaining-second
240
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
19418
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 05:46:49 GMT
server
cloudflare
etag
"0e11ce91e37ffd3753a668360ab6c924"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSiYD6A0J9xvfBLXriWqLi%2B%2F21Il9R0mHEsofcW%2Bf9Xrk7xGTxkvr5mPTS1tpIKDEpTcfvqheX7jyJhAuSYjbmxmQujWSDL4h377clxe2KHyQtuuA8lAdq3Krg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f639948-FRA
ratelimit-remaining
240
x-proxy-cache
HIT
WG18aEDg.png
imgku.io/download/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/WG18aEDg.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a16e2d7690137b331f8d16d1eca00ad4550ac33fe60f83c3765a9ae0492439
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
x-ratelimit-limit-second
250
x-amz-request-id
tx000009dfee30399db18c3-0065d6e20f-aa1bd-default
age
1490
x-ratelimit-remaining-second
247
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
20095
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 05:46:58 GMT
server
cloudflare
etag
"dad9a86276a9555d56432a472be59f09"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHqtjF1L3B9%2FmNjzQcRXia0caop98ajiScsUxIN7ZZILjuSc60yvV2ZvC2LEv3%2BhRgIOM1Wwb%2BHo15VczBMwJfy9B6H8YeheLRekn19UfnX0ueoKysLPCGJdhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f649948-FRA
ratelimit-remaining
247
x-proxy-cache
HIT
zXYKTB1Q.png
imgku.io/download/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/zXYKTB1Q.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43d1b9c9a00ddbd40b031da2f435b5551d736de9f2cafc7b9d61d7326e29481
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000001c9bcfb380534361-0065d6e20f-a2b46-default
x-ratelimit-remaining-second
246
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
20494
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 05:47:13 GMT
server
cloudflare
etag
"05e752815963122173371902968bed31"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=028uQMSGkzftDVnrdd2a%2BVkm1faBOcoNx6jpo1rnPd0q9HWkpruy3M2NqpIjQKmT%2BaaWmk17RrARn2%2FaiwOVLZYK3awdsjZqzAuL%2BCuLpt3fxbS0L49VZi40%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f669948-FRA
ratelimit-remaining
246
x-proxy-cache
HIT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
Origin
https://mendapatkannya.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jul 2024 11:47:33 GMT
age
424016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"3bb766b5672b9f2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Jul 2025 11:47:33 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
Origin
https://mendapatkannya.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jul 2024 14:59:19 GMT
age
412510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"db107aa2d6068f23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Jul 2025 14:59:19 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
852122270193206
connect.facebook.net/signals/config/ 		70 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/852122270193206?v=2.9.164&r=stable&domain=mendapatkannya.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3119c3d84704d24ef80f6472d89c22d6649cd5c1b51d437967708450c7d94513
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 09:34:29 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=61, mss=1297, tbw=64418, tp=-1, tpl=-1, uplat=83, ullat=0
pragma
public
x-fb-debug
o4YegUOoAmS6aB1uKMeYjulDeEgiELealvut5z8WyMfmGTNofsRGnquzrOX0PUYLmfDjApZ5yoUmfhY5ByYs2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
popo.gif
img-photo.com/images/giftpopo/ 		815 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/giftpopo/popo.gif
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 10:14:49 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2482596
expires
Sun, 11 Aug 2024 09:34:29 GMT
lp9.jpg
img-photo.com/images/slide/ 		259 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/slide/lp9.jpg
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
6b4c3c41cf7e8119f7cfa999bf6291d8997734ec727ffbab948528459b8a9591

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 10:18:57 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
264766
expires
Sun, 11 Aug 2024 09:34:29 GMT
s4.jpg
img-photo.com/images/slide/ 		270 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/slide/s4.jpg
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
602f9810a8980cf65b78c49e98be00e000df42f270a8a5c29be2e3c143aefe81

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 10:18:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
276034
expires
Sun, 11 Aug 2024 09:34:29 GMT
s3.jpg
img-photo.com/images/slide/ 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-photo.com/images/slide/s3.jpg
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business32-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
7722aeb4fb71e9b4357a27c441c359e8f58e7417f67121e23a4bc209a3db7f05

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:29 GMT
last-modified
Sun, 03 Mar 2024 10:18:54 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
299597
expires
Sun, 11 Aug 2024 09:34:29 GMT
4Kl5x1JC.png
imgku.io/download/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/4Kl5x1JC.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480fd71795efffd9bdbb385c9dfecabe357853ab065e63eaa0c33697191ea85c
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
MISS
x-ratelimit-limit-second
250
x-amz-request-id
tx0000099db5c1c398d9f19-0065df5c77-a7921-default
x-ratelimit-remaining-second
248
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
74940
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:32:12 GMT
server
cloudflare
etag
"59b18999806c5e357d369b16cdee65b7"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WNTB36Z%2BTFy5gF6xkIj%2FDBuC1G6mdabzvCB6yiH1RXTT8zSaUwWZss6ZszkHrcW4wmheSV18Ag5sGm%2BvoV3i8cgO9RKYcCOCZbosPDVj7nvRhM3WZSbJhE4ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f689948-FRA
ratelimit-remaining
248
x-proxy-cache
HIT
tdBLTYSf.png
imgku.io/download/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/tdBLTYSf.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e825acf4c0746a2963d1bd96bd74a83270ad4e06f8f190e4bbe5a89297cf826
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
MISS
x-ratelimit-limit-second
250
x-amz-request-id
tx00000851495c080971f31-0065df5c83-a79e4-default
x-ratelimit-remaining-second
248
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
75571
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:31:33 GMT
server
cloudflare
etag
"9429d2bf5caa07e2277cbb30373fe915"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUbYla1MOBOdRZ5%2BySlnJymE61hrzauooXlEJSmIyBZaPlZfCmJTn7Mh6Fmjbr%2F4tXijznZtrELTJWLsIhFvViSuqMP9Ot2EJWJXhnMnwEyE33aB7iRRRw0MSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f699948-FRA
ratelimit-remaining
248
x-proxy-cache
HIT
edHbhMzj.png
imgku.io/download/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgku.io/download/edHbhMzj.png
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda7fdf45107beafdb475b4395febee215c55ed7aabbb1d55c6e82c9c23007d0
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 09:34:30 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
MISS
x-ratelimit-limit-second
250
x-amz-request-id
tx00000067feefb5845cdde-0065df5c77-a2be6-default
x-ratelimit-remaining-second
249
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
76821
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 08:31:51 GMT
server
cloudflare
etag
"cdf7d43ecbdb284731d41f325106c0b0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIKic88Q8I4p4Jqq3o1m3vDr0UjKqTALumtThF8DomkiNzOuI1Ylcy5%2F1OqfgtdxQ1jNFDYzlkecx6Vs45XeOEyEimggwJ9OWs44pVuPHPZZeuVtG%2F3jhjkBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8add8d4b8f6a9948-FRA
ratelimit-remaining
249
x-proxy-cache
HIT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=852122270193206&ev=PageView&dl=https%3A%2F%2Fmendapatkannya.xyz%2F&rl=&if=false&ts=1722764069833&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722764069830.903897927373978521&cs_est=true&ler=empty&cdl=API_unavailable&it=1722764069326&coo=false&rqm=GET
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 09:34:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=852122270193206&ev=PageView&dl=https%3A%2F%2Fmendapatkannya.xyz%2F&rl=&if=false&ts=1722764069833&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722764069830.903897927373978521&cs_est=true&ler=empty&cdl=API_unavailable&it=1722764069326&coo=false&rqm=FGET
Requested by
Host: mendapatkannya.xyz
URL: https://mendapatkannya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://mendapatkannya.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 09:34:30 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399215340338604262", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1297, tbw=3127, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
eybfz+Lqt2h938mXbaoBu4+4jvnhov9+OvFkW5fS0NzRpA3km3EvjQEfJG00K3aVEWTEMQrqnr3DCCTfYeD6ow==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399215340338604262"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy

1 Cookies

Domain/Path Name / Value
.mendapatkannya.xyz/ Name: _fbp
Value: fb.1.1722764069830.903897927373978521

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://mendapatkannya.xyz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
connect.facebook.net
iili.io
img-photo.com
imgku.io
mendapatkannya.xyz
www.facebook.com
104.21.235.70
172.217.16.193
172.67.162.223
198.54.114.156
198.54.115.35
2a00:1450:4001:806::2001
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
05a7fe0748e242b012477977e3efd5b5de04bcdd37c42473d05e380f71247dc3
076f5a345a99303b2c6f1c299532f6fa9d636ca3cdb6ed396476ec10f11a05cb
08216a9cda23707c0242db834fe495f9dbccdb480753aca6b8f138d64a6a41c9
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
1dc373794a3dbbf0c2d04d1efbacf92a538b250fa2e11f1c95174cca79548ebb
23da404e4b6bf5b3167c7f2ec56db9cb91a9575c133011c9fa84a1ae7114b368
269c66cf8e2373c963998708fce91a87547798c7585445346c1ecce47f1569b7
28e2b4a6c98ffa370e7fb1969d7f30e0a34c4f93ae36e6ed8cd690ace0cbe853
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
3119c3d84704d24ef80f6472d89c22d6649cd5c1b51d437967708450c7d94513
3e825acf4c0746a2963d1bd96bd74a83270ad4e06f8f190e4bbe5a89297cf826
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
45e7a9fca10a80b2d8e941d3a4fd5ded42b99fa0ee54d3f320c85a95ae72c96f
46a16e2d7690137b331f8d16d1eca00ad4550ac33fe60f83c3765a9ae0492439
480fd71795efffd9bdbb385c9dfecabe357853ab065e63eaa0c33697191ea85c
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
53c500e24192a0625c5b1ee2f83159068a36ce929991c108869feec2fef839d8
581c446e8aabb72e88b74433f22705b8c0512d585fe869068fbd8cd88339fc29
5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056
5bea378a7392fc87336003c7d1b155193d7e7ca6a59a5a3ed9a84acbeb1da1f9
602f9810a8980cf65b78c49e98be00e000df42f270a8a5c29be2e3c143aefe81
670d1a18d0f07c52362af9aa56c21d293b9abb7abe15fbac2a31801aff1f9954
6b4c3c41cf7e8119f7cfa999bf6291d8997734ec727ffbab948528459b8a9591
711445a193eaf3b639064360c631c87dce69401af1c9dbb6ad40c7f9c86350ec
7722aeb4fb71e9b4357a27c441c359e8f58e7417f67121e23a4bc209a3db7f05
796e67ed46a3b39d46856f433f37f3fc4fc913539799946ba3d5947ce59d7d32
8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb
95a978dc9d553dfe63d21ad363b6ba525e0ccbe73b9fd6b9bc1a0706dd18eed3
9d0eecd2716bd1f2c068986235adb678770f051aacaa7f68c1ca445872867a9f
a5066eec38b9d3ae5060b54d49b35b06b0bc711df754c031bf3642f1122d3301
a9a81fc358bac023f4bd4e524ac6786147062fcb4348cd2a9a79e2af0b919d2c
aa05fa46fe77e355a9ccd0d615b3a79841849108f6c1950576b1077abd4e7e7f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aeff44402b29c49f113bf3a98bc87e4e75b3065cb858d07be080f8a26c2973b0
b43d1b9c9a00ddbd40b031da2f435b5551d736de9f2cafc7b9d61d7326e29481
b742f837f426822898765b1cc1a0ee32af920f06ae12450f9be143e1441591bd
de17553dd6b2d65034af1ca45a18c1f8a7d746dfb24b34382e34caa2e2cb74a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ea6e992206822bed12e29f2bb3a12fd2372c80571eeb54e50643a5d30acc927e
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
ef7d555a5a59587be49fc4a93cab93a35433e89e31558c318f216f9ed939d4bf
f631eed687dbe79b00319ec620a25c74e69179acd4d259ac7fd9d5defb4074a1
fda7fdf45107beafdb475b4395febee215c55ed7aabbb1d55c6e82c9c23007d0