urlscan.io logo urlscan.io
SecurityTrails logo

www.gayo.capital Open in urlscan Pro
160.153.0.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.gayo.capital/
Effective URL: https://www.gayo.capital/
Submission: On January 31 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 160.153.0.36, located in Amsterdam, Netherlands and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.gayo.capital.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2022. Valid for: a year.
This is the only time www.gayo.capital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 160.153.0.36 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:21f... 16509 (AMAZON-02)
3 5 23.36.163.225 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
25 7
12    160.153.0.36 (Amsterdam, Netherlands)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 36.0.153.160.host.secureserver.net
www.gayo.capital
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2600:9000:21f3:7a00:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
mlq7guq4smkk.i.optimole.com
5    23.36.163.225 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
2    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:6c00::210:bb62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
Apex Domain
Subdomains		 Transfer
12 gayo.capital
www.gayo.capital
54 KB
7 optimole.com
mlq7guq4smkk.i.optimole.com
246 KB
5 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8856
img6.wsimg.com — Cisco Umbrella Rank: 11180
20 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12790
584 B
2 gstatic.com
fonts.gstatic.com
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
3 KB
25 6
Domain Requested by
12 www.gayo.capital 1 redirects www.gayo.capital
7 mlq7guq4smkk.i.optimole.com www.gayo.capital
3 img1.wsimg.com 3 redirects
2 events.api.secureserver.net img1.wsimg.com
2 fonts.gstatic.com fonts.googleapis.com
2 img6.wsimg.com www.gayo.capital
1 fonts.googleapis.com www.gayo.capital
25 7

This site contains no links.

Subject Issuer Validity Valid
www.gayo.capital
Cloudflare Inc ECC CA-3		 2022-12-15 -
2023-12-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.i.optimole.com
Amazon		 2022-04-12 -
2023-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.gayo.capital/
Frame ID: 40AF2EDDA1898D34C1D0626BBB04FA39
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Gayo Capital

Page URL History Show full URLs

  1. http://www.gayo.capital/ HTTP 301
    https://www.gayo.capital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
  • <link [^>]*href=(?:"|')[^"']*uploads/elementor/css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

388 kB
Transfer

706 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gayo.capital/ HTTP 301
    https://www.gayo.capital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 14
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gayo.capital/
Redirect Chain
  • http://www.gayo.capital/
  • https://www.gayo.capital/
57 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
92ebb8f54ad4845a4f3aac99c2503e90c5f78d7e4bfb4ca6b8f69f76b4098fe1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
19
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
792110e90cf3920e-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 31 Jan 2023 08:27:04 GMT
expires
Fri, 03 Mar 2023 08:27:04 GMT
last-modified
Sun, 29 Jan 2023 15:19:01 GMT
server
cloudflare
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
uncached
x-cache-hit
MISS
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
7.4
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
HIT
CF-RAY
792110e7e8af9957-FRA
Cache-Control
public, max-age=2678400
Connection
keep-alive
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 31 Jan 2023 08:27:04 GMT
Expires
Fri, 03 Mar 2023 08:27:04 GMT
Location
https://www.gayo.capital/
Server
cloudflare
Transfer-Encoding
chunked
Vary
User-Agent, Accept-Encoding
X-Backend
local
X-Cache
uncached
X-Cache-Hit
MISS
X-Cacheable
YES:Forced
X-Cacheproxy-Retries
0/2
X-Content-Type-Options
nosniff
X-Php-Version
7.4
X-Xss-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		89 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e052d6c9efde5270fdafdbcdf0f9d9f084a6b5f27c05bbfa5396f4ca27087fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Jan 2023 08:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 08:27:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Jan 2023 08:27:04 GMT
autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
www.gayo.capital/wp-content/cache/autoptimize/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
x-backend
local
cf-cache-status
MISS
server
cloudflare
vary
User-Agent, Accept-Encoding
x-cache
cached
content-type
text/html; charset=iso-8859-1
x-cache-hit
HIT
x-cacheproxy-retries
0/2
cf-ray
792110e95d4c920e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
post-7.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		1 KB
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-7.css?ver=1643924925
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4448efd790188ae1b3a0901b4945e7a7b362953604f23110e97e6422de537b44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:45 GMT
x-php-version
7.4
server
cloudflare
etag
W/"594-5d72419327fd4-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d4e920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
global.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/global.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
550f7783864a15844b0a4473aa0cdbb3a54358589a0ed6a4ba3a62684c640fd3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"9946-5d7241948d251-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d4f920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
post-37.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
b74c91109e668930c0cc5c37a0b1c21fde906a67f86deff0ed111eed7b3010b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 22:25:17 GMT
x-php-version
7.4
server
cloudflare
etag
W/"6135-5d7249bdd6adf-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d50920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
post-156.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		7 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-156.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
455491a08cb90a32303390e0f002fc054499ae5d039bc80dde38a21e71634503
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"1a1f-5d724194c1d25-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d51920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
post-166.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-166.css?ver=1643924926
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
68cd6f4a7ca6682faba5b8d34ab9b57acb231f2406a4a856ab32a7eeedd61ada
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 03 Feb 2022 21:48:46 GMT
x-php-version
7.4
server
cloudflare
etag
W/"3bc8-5d724194d0901-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d53920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
post-267.css
www.gayo.capital/wp-content/uploads/elementor/css/ 		1 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/uploads/elementor/css/post-267.css?ver=1584866864
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
558ccc6b4d31e1f6142d4f767c0ff0fa10cb399d4b5c6a5b33c592a2e6ba0f1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 04 Feb 2022 00:47:31 GMT
x-php-version
7.4
server
cloudflare
etag
W/"55d-5d7269888aa88-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d56920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
jquery.min.js
www.gayo.capital/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
19
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Jan 2023 14:04:15 GMT
x-php-version
7.4
server
cloudflare
etag
W/"15e54-5f3171b845534;59ee221bccb99
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
792110e95d57920e-FRA
expires
Fri, 03 Mar 2023 08:27:04 GMT
cropped-Gayo-Capital-Site-Logo.png
mlq7guq4smkk.i.optimole.com/w:382/h:237/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:382/h:237/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/03/cropped-Gayo-Capital-Site-Logo.png
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
bd24f88c1fe8a13a5d3532f0ead2ce4b421f9631ea177fbd955f2364754ae7fd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:52:07 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
761697
x-cache
Hit from cloudfront
content-disposition
inline; filename="cropped-Gayo-Capital-Site-Logo.avif"
alt-svc
h3=":443"; ma=86400
content-length
6899
x-request-id
tQK3vuX1HXbr3qLi66Gyv
server
Optimole
accept-ch
ECT
etag
"8bV1W08vojDmami4Lb4LRGDa0ECyQv6XWwkAGfXkzTg/RImU5YmFmYjVmMDI2YzUwOGQ3NmQwNmNkMTkwNzY0MGU3Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
y3o0eHUSz5XEpZ8rl6wOzhIPwwTx9uxwzMknLJjYS1TtxbMeFzhwfg==
expires
Mon, 22 Jan 2024 12:52:07 GMT
WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.jpeg
mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2021/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.jpeg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
2d7ed4ba11ae5a7f961aeb8eed79bc5a4966f5c6f2714c0da6dcb25e4f1a018c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 21:29:16 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1853868
x-cache
Hit from cloudfront
content-disposition
inline; filename="WhatsApp-Image-2021-05-18-at-18.06.05-e1621494687167.avif"
alt-svc
h3=":443"; ma=86400
content-length
6807
x-request-id
GTx9frST7zlNzLc6iE2s3
server
Optimole
accept-ch
ECT
etag
"wa7lIo4XSnMRkMlLhNVFeH8Gd7RdF1tGjFxayfzSEis/RIjRhMGJiNDJlMWNkMGYyZThkN2VmNmUyNjA0OGZjOWU2Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
QtTBntUfvMDg05GwIWa6m0hAgS_bRMAfJOy9mow096sgVYPp98pEgg==
expires
Tue, 09 Jan 2024 21:29:16 GMT
1576583099247.jpeg
mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://www.gayo.capital/wp-content/uploads/2020/04/1576583099247.jpeg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
fec4f012b6f15df1764263c916291b370cd3924110694a18fb0ac4cbb3e25ba6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 14:58:59 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
408485
x-cache
Hit from cloudfront
content-disposition
inline; filename="1576583099247.avif"
alt-svc
h3=":443"; ma=86400
content-length
2146
x-request-id
RE08nYL-JeISiFEWf_G1z
server
Optimole
accept-ch
ECT
etag
"ZTWDH91rPwe0fBf3rdfMIMs0aQlPPyA8hoc6_gtWF7g/RIjZlY2IzMjk2N2M3MGFjZjgzYWUwZTc2NTJiYTgxZDI0Ig"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
cDf9KU_HjgWPyqbClPaf5iDUpreT59-l98FWuHeVT2mMm7Ui13D9UQ==
expires
Fri, 26 Jan 2024 14:58:59 GMT
email-decode.min.js
www.gayo.capital/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jan 2023 11:05:52 GMT
server
cloudflare
etag
W/"63ce6a10-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
792110ea0aa59072-FRA
expires
Thu, 02 Feb 2023 08:27:04 GMT
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Tue, 31 Jan 2023 08:27:04 GMT
x-amz-request-id
FH0P3E93SF8PA32Y
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11347
x-amz-id-2
vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
last-modified
Tue, 29 Nov 2022 21:26:18 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Tue, 31 Jan 2023 08:27:04 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 31 Jan 2023 08:57:04 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
357
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
unused62
8096267
date
Tue, 31 Jan 2023 08:27:04 GMT
x-amz-request-id
RJ3J3PMANG6125DE
x-edgeconnect-midmile-rtt
8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7498
x-amz-id-2
nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
last-modified
Mon, 17 Jan 2022 17:21:37 GMT
etag
"ce554d2333f3801abafb32da18213ff7"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin
*
date
Tue, 31 Jan 2023 08:27:04 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Tue, 31 Jan 2023 08:57:04 GMT
autoptimize_76ed294697ba0986d233cdce961101a6.php
www.gayo.capital/wp-content/cache/autoptimize/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_76ed294697ba0986d233cdce961101a6.php
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.36 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
36.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:27:04 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
x-backend
local
cf-cache-status
MISS
server
cloudflare
vary
User-Agent, Accept-Encoding
x-cache
cached
content-type
text/html; charset=iso-8859-1
x-cache-hit
HIT
x-cacheproxy-retries
0/2
cf-ray
792110ea4af09072-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
optimole_lib_no_poly.min.js
mlq7guq4smkk.i.optimole.com/js-lib/v2/latest/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlq7guq4smkk.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea18434666cb331ff2385bdaefb771bcadabad7ccfaa07c7378a85c5870fe296

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 08:39:17 GMT
content-encoding
gzip
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 08:38:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
344868
etag
W/"1e72a1c676d4dee59558f50650d33c4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
a8pcMhFpVZIJyfs4Z642UkpZ7e_jPP6a_R3SefQjrFwHuJhknSmrAw==
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gayo.capital
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 15:34:42 GMT
x-content-type-options
nosniff
age
319942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35660
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:07:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 15:34:42 GMT
truncated
/ 		95 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a6a9baade479a81772c2f5b0946e27f7549f8a4de920c2a1525a3b0916f1f7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0524a038576190ff5c9dbb1375914eb5b7f957a800c408e46a560a62f78d9b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
789e75d7e8661087b1720a05725a421ce9f6e1e0b93e05ecd39aa44e19831c56

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f33f30c5b80e5a0d3d791a454c8ee68b96b40988060d8d59bda75f74e892727

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
background2.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-JMjEKaBz/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-JMjEKaBz/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background2.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
d925fc9ee48c4ddf02971289a4fe9ba583d97f7bd749a5cbb2b201699d59eee3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 11:24:59 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
594125
x-cache
Hit from cloudfront
content-disposition
inline; filename="background2.webp"
alt-svc
h3=":443"; ma=86400
content-length
68100
x-request-id
QXutLNRfkhAY4hOQzGe8N
server
Optimole
accept-ch
ECT
etag
"b1nCHGZEjuhZXGF3XmQ5wj6W0ia8miP_8t_13gZ5HxI/RImMxNDU4MDdlZjZhZDA5ZjJjY2M0MTA3YzhlZTM0Y2ZhIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
fZl0S5qh5pReNlufBqUndWt5b9kFRwA3cAwGhloUunkKPCSC2ibNpg==
expires
Wed, 24 Jan 2024 11:24:59 GMT
background5.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-faIPSDaQ/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-faIPSDaQ/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background5.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
6f13801b8938b44f5f47a639c4ae884631810454b383e6a875efd690dce9d9af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 17:34:43 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1263141
x-cache
Hit from cloudfront
content-disposition
inline; filename="background5.webp"
alt-svc
h3=":443"; ma=86400
content-length
98712
x-request-id
KXsXmQIMP5fcqa9ULbLIz
server
Optimole
accept-ch
ECT
etag
"Q7LYxfmGQhNzZ6Y8aseXeRmvUmcc2z0VSFJ4ZImBtT8/RIjY0NWQ5MDM5YTQwZWM5M2YyNmQyZTcxYjEyNDNjODEwIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
b5DrkP0-gP35nxItYSJvySv8LiXiAkSou9UWJe2d6MIxvIvq7dLXOg==
expires
Tue, 16 Jan 2024 17:34:43 GMT
background3.jpg
mlq7guq4smkk.i.optimole.com/Za0PEsI-GTUdyktD/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mlq7guq4smkk.i.optimole.com/Za0PEsI-GTUdyktD/w:auto/h:auto/q:75/http://www.gayo.capital/wp-content/uploads/2020/03/background3.jpg
Requested by
Host: www.gayo.capital
URL: https://www.gayo.capital/wp-content/uploads/elementor/css/post-37.css?ver=1643927117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
e146ff819a452b2fa35f47c7854383db7205a9b4bfda55611162a2559a8dcca0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 08:26:57 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
172807
x-cache
Hit from cloudfront
content-disposition
inline; filename="background3.webp"
alt-svc
h3=":443"; ma=86400
content-length
61870
x-request-id
KeW9ulzPatJi8QUVgwHY6
server
Optimole
accept-ch
ECT
etag
"-BqEXCVOFUKqW5i48x5mW24VogRqGJNnW_HFgMueXaQ/RIjBmYzhhZjhlOGJmMDUwMTEwYWE0Njk0YTU4ODllMGEwIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
lPTaTuMmXbz8e-d-NndR3j7Yutn_ILaey04M_ESOkMKHKxOcE3PB1g==
expires
Mon, 29 Jan 2024 08:26:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gayo.capital
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:49:16 GMT
x-content-type-options
nosniff
age
369468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 01:49:16 GMT
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1675153624887&dh=www.gayo.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&vci=336544461&cv=2.0.1&z=434358459&vg=e688be94-52c1-5b6d-a0e0-26ca3fb91955&vtg=e688be94-52c1-5b6d-a0e0-26ca3fb91955&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%221b6d9e8c-86c8-9ec3-c141-9a3b53910e1b.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data19%22%2C%22xid%22%3A%2243129103%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22296%22%2C%22wp_alloptions_bytes%22%3A%22422072%22%7D&hit_id=95bda1c2-d497-55ac-802b-f26f3bc6a43c&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:bb62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 31 Jan 2023 08:27:05 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://www.gayo.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1675153624959&dh=www.gayo.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&vci=336544461&cv=2.0.1&z=467970137&vg=e688be94-52c1-5b6d-a0e0-26ca3fb91955&vtg=e688be94-52c1-5b6d-a0e0-26ca3fb91955&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%221b6d9e8c-86c8-9ec3-c141-9a3b53910e1b.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data19%22%2C%22xid%22%3A%2243129103%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22296%22%2C%22wp_alloptions_bytes%22%3A%22422072%22%7D&hit_id=8a9d06b9-c10d-532b-b6d5-c5a02ae2c7bf&ht=perf&tce=1675153624479&tcs=1675153624425&tdc=1675153624949&tdclee=1675153624893&tdcles=1675153624893&tdi=1675153624893&tdl=1675153624519&tdle=1675153624425&tdls=1675153624425&tfs=1675153624424&tns=1675153624243&trqs=1675153624479&tre=1675153624518&trps=1675153624517&tles=1675153624949&tlee=0&nt=navigate&lcp=550&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:bb62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gayo.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 31 Jan 2023 08:27:05 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://www.gayo.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| ecs_ajax_params object| optimoleData object| ElementorProFrontendConfig object| elementorFrontendConfig object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| tti

2 Cookies

Domain/Path Name / Value
.gayo.capital/ Name: _tccl_visitor
Value: e688be94-52c1-5b6d-a0e0-26ca3fb91955
.gayo.capital/ Name: _tccl_visit
Value: e688be94-52c1-5b6d-a0e0-26ca3fb91955

2 Console Messages

Source Level URL
Text
network error URL: https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_fa81d15d0d6ed1117a7b5e8cc8cb16b5.php
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.gayo.capital/wp-content/cache/autoptimize/autoptimize_76ed294697ba0986d233cdce961101a6.php
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
img6.wsimg.com
mlq7guq4smkk.i.optimole.com
www.gayo.capital
160.153.0.36
23.36.163.225
2600:9000:21f3:7a00:2:6f7a:6f00:93a1
2a00:1450:4001:80e::200a
2a00:1450:400d:80d::2003
2a02:26f0:6c00::210:bb62
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a6a9baade479a81772c2f5b0946e27f7549f8a4de920c2a1525a3b0916f1f7c
2d7ed4ba11ae5a7f961aeb8eed79bc5a4966f5c6f2714c0da6dcb25e4f1a018c
2f33f30c5b80e5a0d3d791a454c8ee68b96b40988060d8d59bda75f74e892727
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
4448efd790188ae1b3a0901b4945e7a7b362953604f23110e97e6422de537b44
455491a08cb90a32303390e0f002fc054499ae5d039bc80dde38a21e71634503
550f7783864a15844b0a4473aa0cdbb3a54358589a0ed6a4ba3a62684c640fd3
558ccc6b4d31e1f6142d4f767c0ff0fa10cb399d4b5c6a5b33c592a2e6ba0f1e
68cd6f4a7ca6682faba5b8d34ab9b57acb231f2406a4a856ab32a7eeedd61ada
6e052d6c9efde5270fdafdbcdf0f9d9f084a6b5f27c05bbfa5396f4ca27087fa
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6f13801b8938b44f5f47a639c4ae884631810454b383e6a875efd690dce9d9af
789e75d7e8661087b1720a05725a421ce9f6e1e0b93e05ecd39aa44e19831c56
92ebb8f54ad4845a4f3aac99c2503e90c5f78d7e4bfb4ca6b8f69f76b4098fe1
a0524a038576190ff5c9dbb1375914eb5b7f957a800c408e46a560a62f78d9b6
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b74c91109e668930c0cc5c37a0b1c21fde906a67f86deff0ed111eed7b3010b7
bd24f88c1fe8a13a5d3532f0ead2ce4b421f9631ea177fbd955f2364754ae7fd
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d925fc9ee48c4ddf02971289a4fe9ba583d97f7bd749a5cbb2b201699d59eee3
e146ff819a452b2fa35f47c7854383db7205a9b4bfda55611162a2559a8dcca0
ea18434666cb331ff2385bdaefb771bcadabad7ccfaa07c7378a85c5870fe296
fec4f012b6f15df1764263c916291b370cd3924110694a18fb0ac4cbb3e25ba6