URL: https://20.125.130.72/
Submission Tags: falconsandbox
Submission: On January 15 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 7 countries across 19 domains to perform 42 HTTP transactions. The main IP is 20.125.130.72, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 20.125.130.72.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 9th 2023. Valid for: 3 months.
This is the only time 20.125.130.72 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 20.125.130.72 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 66.29.146.14 22612 (NAMECHEAP...)
2 63.250.38.11 22612 (NAMECHEAP...)
2 162.19.58.161 16276 (OVH)
1 192.0.77.2 2635 (AUTOMATTIC)
1 162.215.117.239 46606 (UNIFIEDLA...)
1 68.65.120.87 22612 (NAMECHEAP...)
1 198.187.29.188 22612 (NAMECHEAP...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 149.56.240.132 16276 (OVH)
1 192.0.72.24 2635 (AUTOMATTIC)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 172.96.191.90 59253 (LEASEWEB-...)
1 194.163.42.8 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 21
Apex Domain | Subdomains | Transfer
5 dukunangkajitu.net | www.dukunangkajitu.net | 806 KB
3 histats.com | s10.histats.com — Cisco Umbrella Rank: 18843; s4.histats.com — Cisco Umbrella Rank: 16123 | 11 KB
2 gstatic.com | fonts.gstatic.com | 36 KB
2 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 357 | 4 KB
2 googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 13508 | 334 KB
2 ibb.co | i.ibb.co — Cisco Umbrella Rank: 13465 | 72 KB
2 prediksigaduntoto.club | prediksigaduntoto.club | 401 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 | 5 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 | 49 KB
1 quiz4dgaming.com | quiz4dgaming.com | 286 KB
1 mbahtogell.net | mbahtogell.net | 145 KB
1 shortpixel.ai | sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18334 | 678 B
1 wordpress.com | benuatg.files.wordpress.com | 93 KB
1 prediksimedan4d.com | prediksimedan4d.com | 23 KB
1 prediksipreman.com | prediksipreman.com | 1 KB
1 prediksimacau99.com | prediksimacau99.com | 3 KB
1 wp.com | i0.wp.com — Cisco Umbrella Rank: 3063 | 2 KB
1 prediksiwaktogel.com | prediksiwaktogel.com | 137 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 915 B
42 19
Domain Requested by
5 www.dukunangkajitu.net 20.125.130.72
2 s10.histats.com 20.125.130.72, s10.histats.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net 20.125.130.72
2 blogger.googleusercontent.com 20.125.130.72
2 i.ibb.co 20.125.130.72
2 prediksigaduntoto.club 20.125.130.72
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 pagead2.googlesyndication.com cdn.jsdelivr.net
1 quiz4dgaming.com 20.125.130.72
1 mbahtogell.net 20.125.130.72
1 sp-ao.shortpixel.ai 1 redirects
1 benuatg.files.wordpress.com 20.125.130.72
1 s4.histats.com s10.histats.com
1 prediksimedan4d.com 20.125.130.72
1 prediksipreman.com 20.125.130.72
1 prediksimacau99.com 20.125.130.72
1 i0.wp.com 20.125.130.72
1 prediksiwaktogel.com 20.125.130.72
1 fonts.googleapis.com 20.125.130.72
42 20

This site contains links to these domains.

Domain
www.histats.com
Subject | Issuer | Validity | Valid
20.125.130.72 | ZeroSSL RSA Domain Secure Site CA | 2023-01-09 - 2023-04-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
*.dukunangkajitu.net | E1 | 2022-12-16 - 2023-03-16 | 3 months
www.prediksiwaktogel.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-17 - 2023-10-13 | a year
prediksigaduntoto.club | Sectigo RSA Domain Validation Secure Server CA | 2022-04-20 - 2023-04-20 | a year
ibb.co | R3 | 2022-12-08 - 2023-03-08 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
prediksimacau99.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-16 - 2023-06-16 | a year
prediksipreman.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-15 - 2023-12-15 | a year
prediksimedan4d.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-04 - 2023-05-04 | a year
*.googleusercontent.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.gstatic.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
histats.com | R3 | 2022-12-21 - 2023-03-21 | 3 months
*.files.wordpress.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-23 - 2023-12-24 | a year
*.quiz4dgaming.com | R3 | 2022-12-02 - 2023-03-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months

This page contains 2 frames:

Primary Page: https://20.125.130.72/
Frame ID: 2FE9B63A163D132BD450FE2E1818A412
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 3BF453C43FA1C2B4331D1E5320684A14
Requests: 1 HTTP requests in this frame

Page Title

Zona Macau | Forum Syair Macau

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • <link[^>]+recaptcha

Page Statistics

Requests: 42
HTTPS: 98 %
IPv6: 38 %
Domains: 19
Subdomains: 20
IPs: 21
Countries: 7
Transfer: 2524 kB
Size: 3029 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://sp-ao.shortpixel.ai/client/q_lossy,ret_img,w_366,h_401/https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg HTTP 302
  • https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
20.125.130.72/
120 KB
21 KB
Document
General
Full URL
https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5c8010b849942bb17a6f930aad1da514d00ff6fdbecc07e610b8e2148bcbc732

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private,max-age=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 15 Jan 2023 05:40:27 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
styles.css
20.125.130.72/site/themes/kincaimedia/assets/css/
194 KB
25 KB
Stylesheet
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/css/styles.css?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
49f54b3a8101175eab0e973d64b5eec00ef2e69deeac8be3a4f7f8a674bea053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:27 GMT
content-encoding
br
last-modified
Mon, 12 Sep 2022 16:26:06 GMT
server
LiteSpeed
etag
"306be-631f5d9e-3f347;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
24942
expires
Sun, 22 Jan 2023 05:40:27 GMT
css
fonts.googleapis.com/
1 KB
915 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400,500&display=swap&v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e2d3d79abc0ed2ccb2adda002cf5c818bb17b2a396584acf621f689357b1d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Jan 2023 05:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 15 Jan 2023 05:19:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Jan 2023 05:40:27 GMT
Z.png
20.125.130.72/site/uploads/2023/Jan/09/
9 KB
10 KB
Image
General
Full URL
https://20.125.130.72/site/uploads/2023/Jan/09/Z.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4d737dc203d6906f63fc7e32298e83fb20d4a3668290508c50eeedbef1803fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Mon, 09 Jan 2023 17:07:59 GMT
server
LiteSpeed
etag
"25b3-63bc49ef-3f709;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
9651
expires
Sun, 22 Jan 2023 05:40:28 GMT
circle.png
20.125.130.72/site/assets/img/
2 KB
2 KB
Image
General
Full URL
https://20.125.130.72/site/assets/img/circle.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bebaee8b5c8c5acceb47eac4bcba8e6c93abcf9459933ad743a5f05a9b75d0f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 31 Dec 2020 20:00:00 GMT
server
LiteSpeed
etag
"8fb-5fee2dc0-3f289;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2299
expires
Sun, 22 Jan 2023 05:40:28 GMT
everything.png
20.125.130.72/site/assets/img/
398 B
461 B
Image
General
Full URL
https://20.125.130.72/site/assets/img/everything.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9e80cecde94e949338b581c600baded9fb2e1399f18e47aa2cd7ed9fd6317232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 31 Dec 2020 20:00:00 GMT
server
LiteSpeed
etag
"18e-5fee2dc0-3f28b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
398
expires
Sun, 22 Jan 2023 05:40:28 GMT
macau-22-13.jpg
www.dukunangkajitu.net/wp-content/uploads/2023/01/
200 KB
200 KB
Image
General
Full URL
https://www.dukunangkajitu.net/wp-content/uploads/2023/01/macau-22-13.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ece5e1f66df65756d6b4a93aa09b88262e7c6e640f2d5ba8e8990157de34d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Jan 2023 00:08:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31e8e-5f242438e5eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT7KaYCWLi%2Fl7JtNsrlegppDJj%2B4q%2FX0YXh%2Fvq6XsTtRgLIzRLPsoEx%2Fhb6jdI7jlQTCSXkhfCPeJqpVDfFtSHV8U4yFNweZhJOVDf73JBKUCFaB4Dab9HXThP7WByOwtm5w0YrgLi%2BHRuoSrUaixMP9QA4c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
789c46db9d0a9b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
204430
macau-19-14.jpg
www.dukunangkajitu.net/wp-content/uploads/2023/01/
200 KB
200 KB
Image
General
Full URL
https://www.dukunangkajitu.net/wp-content/uploads/2023/01/macau-19-14.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d149b01fa00b049f562473589de9904c07eea69165b967cfea6b29648d1af75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Jan 2023 00:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31e91-5f24242b6ca6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLyohS63cQoLEKTWwvRF7YLfQmZ7rk2erageyIgnKcPCY4cDERy9%2BI9IS%2BDDsDKfbmnmGzxe%2ByFOLtiGan9rC%2FQNuWxZylEpN6OWL%2BdUh3Gde5gNPRvkSXcS2bbQ5gxaw%2FE%2FPpXnpwj7hEWXcRzUD2Un8xzm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
789c46db9d0b9b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
204433
macau-16-14.jpg
www.dukunangkajitu.net/wp-content/uploads/2023/01/
201 KB
201 KB
Image
General
Full URL
https://www.dukunangkajitu.net/wp-content/uploads/2023/01/macau-16-14.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f166a42fdde290dc7e27a71f83958d31264adbe7ea9e783befc6e7767599616f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cf-cache-status
HIT
last-modified
Sat, 14 Jan 2023 23:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32342-5f241cc2f127c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V29U0unie6W1lobt6hjEYTf5usW2hRWdR1ejleJZ6EnZnhkR2yhSWVoemh6Hz0NLQIqIKRi8PB0oeko%2By5P8AlkKNLA9NikltqJd0mL%2BbbnG3Stw0RcGxi02%2Fcuslclw0eAz7TDuvmz%2BU%2BmXg26eW2yAdpxK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
789c46db9d0c9b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205634
prediksi-togel-tercepat-dan-jitu-langsung-dari-bandar-pusat.jpg
prediksiwaktogel.com/wp-content/uploads/
137 KB
137 KB
Image
General
Full URL
https://prediksiwaktogel.com/wp-content/uploads/prediksi-togel-tercepat-dan-jitu-langsung-dari-bandar-pusat.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.146.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium223-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
6eb644dfae3e3353094fcf8bf425f37a2bd4b185230c72209d7c4944a789831d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Sun, 16 Oct 2022 09:25:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
140087
expires
Sun, 22 Jan 2023 05:40:28 GMT
macau-13-16.jpg
www.dukunangkajitu.net/wp-content/uploads/2023/01/
200 KB
201 KB
Image
General
Full URL
https://www.dukunangkajitu.net/wp-content/uploads/2023/01/macau-13-16.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14ed09779e3b140a3b9562ea8a0c3536c1c40c8b601701235bd9a2afdff60c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cf-cache-status
HIT
last-modified
Sat, 14 Jan 2023 23:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3211e-5f241cb526915"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2e%2Fp1gqivEhdgIqLdU%2Bn84f%2FC7xoGYlia0oR4hpolAbtklzWBCBm0HqVIGm3D%2BK38WABR2JbODosP35glRFMJZsL2xtJKI37piy1nXVAAaMA%2BedF2%2BzFIHK%2BfxB21UoN0swHR9t2F%2B3JGsZFkpOyvdQAPNXq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
789c46db9d0d9b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205086
MACAU-5D.jpg
prediksigaduntoto.club/wp-content/uploads/2022/09/
281 KB
282 KB
Image
General
Full URL
https://prediksigaduntoto.club/wp-content/uploads/2022/09/MACAU-5D.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.11 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium91-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
3ae299077fbd11586bebc7a589871c5bb2ed1cc45ccbfdebc1fc20cde30fdaf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 22 Sep 2022 21:18:00 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
288064
expires
Sun, 22 Jan 2023 05:40:28 GMT
photo6311899185791743046-1.jpg
prediksigaduntoto.club/wp-content/uploads/2022/05/
119 KB
119 KB
Image
General
Full URL
https://prediksigaduntoto.club/wp-content/uploads/2022/05/photo6311899185791743046-1.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.11 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium91-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
37ec92d48d9d4b5b657e5520dadedb7aa9228df5b2f395185cabd1c733ee3f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 05 May 2022 18:06:23 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
121574
expires
Sun, 22 Jan 2023 05:40:28 GMT
banner-macau.jpg
i.ibb.co/85rhQ6b/
36 KB
36 KB
Image
General
Full URL
https://i.ibb.co/85rhQ6b/banner-macau.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
106eabe6e8c0805128c26ce9fd91be9250585aa4db7588f7069fb38e86e2adf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 17 Feb 2022 21:53:10 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
36402
expires
Thu, 31 Dec 2037 23:55:55 GMT
malam-2.jpg
i.ibb.co/nwDSjDR/
36 KB
36 KB
Image
General
Full URL
https://i.ibb.co/nwDSjDR/malam-2.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
4a69c52b18e5beb21431b5a172abb1bb140d712e666610d4dede568ac68dabba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Thu, 17 Feb 2022 23:02:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
36392
expires
Thu, 31 Dec 2037 23:55:55 GMT
cropped-judi-togel-online-32x32.png
www.dukunangkajitu.net/wp-content/uploads/2018/08/
3 KB
3 KB
Image
General
Full URL
https://www.dukunangkajitu.net/wp-content/uploads/2018/08/cropped-judi-togel-online-32x32.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe7323ec454c83f64395cee93508c7753283c7177d0a42e2bb7769ccfa89323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Aug 2018 11:32:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"aba-574a56d13e700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BVzmAVmCLrzqxz4aTdgDTmomYr0BUYEXPQxZ8Yz9MLE8cfOOfy%2FOz7702s89eyFTGmPl2SsZ5Pc5quK5k4FczthyE7SHsHFMBv8c1E4PAy22wqmYIO680XJ78z6%2BTWsSTCzlu5VJ9HI1hY0DPWHnT%2Bm0OpX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
789c46dbad159b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2746
cropped-favicon-waktogel.png
i0.wp.com/prediksiwaktogel.com/wp-content/uploads/2022/10/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/prediksiwaktogel.com/wp-content/uploads/2022/10/cropped-favicon-waktogel.png?fit=32%2C32&ssl=1
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3d5349062e59945ed3c023ed6e8b177fb6a5be68a180bac22691297c9abc32ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 15 Jan 2023 05:40:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 Jan 2023 05:40:28 GMT
server
nginx
etag
"d320a1a974a785ae"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://prediksiwaktogel.com/wp-content/uploads/2022/10/cropped-favicon-waktogel.png>; rel="canonical"
content-length
2024
expires
Tue, 14 Jan 2025 17:40:28 GMT
cropped-55-32x32.png
prediksimacau99.com/wp-content/uploads/2022/06/
2 KB
3 KB
Image
General
Full URL
https://prediksimacau99.com/wp-content/uploads/2022/06/cropped-55-32x32.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.215.117.239 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-215-117-239.unifiedlayer.com
Software
Apache /
Resource Hash
201e4070e3f477ddffaebf53274bdefa5de0e3fd927c57a6dc8a8dbdff26e025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:29 GMT
referrer-policy
last-modified
Thu, 16 Jun 2022 11:58:51 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2471
expires
Mon, 15 Jan 2024 05:40:29 GMT
icontoto.png
prediksipreman.com/wp-content/uploads/2022/12/
656 B
1 KB
Image
General
Full URL
https://prediksipreman.com/wp-content/uploads/2022/12/icontoto.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.120.87 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business42-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5c8a44c9005ad5ee768588873e5216822dd8f5b71a5efa6ec786efe954f6f925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 18 Dec 2022 19:00:55 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
656
x-xss-protection
1; mode=block
expires
Sun, 22 Jan 2023 05:40:28 GMT
web-prediksi-medan4d-favicon-1-150x150.png
prediksimedan4d.com/wp-content/uploads/2022/05/
23 KB
23 KB
Image
General
Full URL
https://prediksimedan4d.com/wp-content/uploads/2022/05/web-prediksi-medan4d-favicon-1-150x150.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.188 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium39-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
fa7336e7a3c7ce5d95ae9415a4bda34a79d809ec41cd7a4502abde29f9a4e754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Mon, 09 May 2022 11:11:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
23262
expires
Sun, 22 Jan 2023 05:40:28 GMT
AVvXsEijg0eELO1p-ZwoE56rWz1g_ADUnr8W21rOkmoL-1y_XOg9k_J_EpD73n4p7eiMezCju74NadSx2VzFqrKZggDl9GFsxV3XnZA3LKbNwV-ksaMVU7XdifFFCx7FXaU8WoGBuJ6vxXa7mvbcXlVrC7zfXNqNCT9qbs82s-_idBtlUpjf5YwT8SRNQALGqw=s900
blogger.googleusercontent.com/img/a/
249 KB
250 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEijg0eELO1p-ZwoE56rWz1g_ADUnr8W21rOkmoL-1y_XOg9k_J_EpD73n4p7eiMezCju74NadSx2VzFqrKZggDl9GFsxV3XnZA3LKbNwV-ksaMVU7XdifFFCx7FXaU8WoGBuJ6vxXa7mvbcXlVrC7zfXNqNCT9qbs82s-_idBtlUpjf5YwT8SRNQALGqw=s900
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aca0ae4819864e577da3ec4bc00dc5b25c07d6d900df7da00aed0fdddbc04a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
x-content-type-options
nosniff
server
fife
etag
"v13f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ALLLOGO7.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254970
x-xss-protection
0
expires
Mon, 16 Jan 2023 05:40:28 GMT
en_US.png
20.125.130.72/site/themes/kincaimedia/languages/en_US/
1 KB
1 KB
Image
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/languages/en_US/en_US.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9525b4fb695198614b6d6880daaf8dbd9131d7a7699043de2a445339c35c90ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Mon, 15 Nov 2021 16:05:36 GMT
server
LiteSpeed
etag
"4b5-61928550-3f358;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1205
expires
Sun, 22 Jan 2023 05:40:28 GMT
id_ID.png
20.125.130.72/site/themes/kincaimedia/languages/id_ID/
3 KB
3 KB
Image
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/languages/id_ID/id_ID.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a417652e8184751547db429e1d20d515c25bdc7ad8d24669d1a3cf9dbfcc971d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Sun, 14 Nov 2021 02:44:40 GMT
server
LiteSpeed
etag
"b49-61907818-3f35b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2889
expires
Sun, 22 Jan 2023 05:40:28 GMT
jquery-3.3.1.min.js
20.125.130.72/site/assets/js/
85 KB
29 KB
Script
General
Full URL
https://20.125.130.72/site/assets/js/jquery-3.3.1.min.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:27 GMT
content-encoding
br
last-modified
Thu, 31 Dec 2020 20:00:00 GMT
server
LiteSpeed
etag
"1538f-5fee2dc0-3f2b4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
29523
expires
Sun, 22 Jan 2023 05:40:27 GMT
bootstrap.bundle.min.js
20.125.130.72/site/themes/kincaimedia/assets/js/
77 KB
21 KB
Script
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/js/bootstrap.bundle.min.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
88cec8f3de1ea9c2c8f2525cb3aceb4585427522ef3062795c59bf48ffc5037b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
content-encoding
br
last-modified
Sun, 14 Nov 2021 00:02:46 GMT
server
LiteSpeed
etag
"1332c-61905226-3f34c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
21222
expires
Sun, 22 Jan 2023 05:40:28 GMT
theme.js
20.125.130.72/site/themes/kincaimedia/assets/js/
3 KB
1 KB
Script
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/js/theme.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a183d5a02a95d0e77c0c1f29f494182dbccb1b16c8fea9b319656b848fc95329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
content-encoding
br
last-modified
Sun, 14 Nov 2021 00:02:46 GMT
server
LiteSpeed
etag
"b79-61905226-3f351;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
942
expires
Sun, 22 Jan 2023 05:40:28 GMT
jquery.auto-complete.min.js
20.125.130.72/site/themes/kincaimedia/assets/js/
4 KB
1 KB
Script
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/js/jquery.auto-complete.min.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cece1097f127c3259563e9936c64b658830b75f606b503a191e52d39ac0a6556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
content-encoding
br
last-modified
Sun, 14 Nov 2021 00:02:46 GMT
server
LiteSpeed
etag
"f55-61905226-3f34d;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1319
expires
Sun, 22 Jan 2023 05:40:28 GMT
jquery.sticky-sidebar.min.js
20.125.130.72/site/themes/kincaimedia/assets/js/
10 KB
3 KB
Script
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/js/jquery.sticky-sidebar.min.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e2890adb9bd41a5801dbd2ba5a6d904c9f804e828d1b53f6c3d008f8eef1d868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
content-encoding
br
last-modified
Sun, 14 Nov 2021 00:02:46 GMT
server
LiteSpeed
etag
"298c-61905226-3f34e;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3098
expires
Sun, 22 Jan 2023 05:40:28 GMT
jquery.unveil.min.js
20.125.130.72/site/themes/kincaimedia/assets/js/
661 B
412 B
Script
General
Full URL
https://20.125.130.72/site/themes/kincaimedia/assets/js/jquery.unveil.min.js?v=2.0.4
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.130.72 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
465f3a7af8b8519bb793bb3b515751ec06f6e724f4b9061729b67af05aa16fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
content-encoding
br
last-modified
Sun, 14 Nov 2021 00:02:46 GMT
server
LiteSpeed
etag
"295-61905226-3f34f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
347
expires
Sun, 22 Jan 2023 05:40:28 GMT
seosecretidnsmartlink.js
cdn.jsdelivr.net/gh/adigunawanxd/mediabisnis@master/
1 KB
909 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/adigunawanxd/mediabisnis@master/seosecretidnsmartlink.js
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d3e95b0f1ccaa9dfb30cb9a825e6307f2f37ded295c6359f89ef82d5c2a6c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 15 Jan 2023 05:40:28 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
2868
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
445
x-served-by
cache-fra-eddf8230100-FRA, cache-hhn-etou8220044-HHN
x-jsd-version-type
branch
etag
W/"438-YT3IC5NA6i44JpmyFaEiksHTy50"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500&display=swap&v=2.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://20.125.130.72
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:40:44 GMT
x-content-type-options
nosniff
age
205184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:40:44 GMT
truncated
/
77 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad2845cf9db3c8b7897d293e61f0f7334c782b34f997a26c519151121d9da562

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:38:55 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
22054286
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500&display=swap&v=2.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://20.125.130.72
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 21:14:22 GMT
x-content-type-options
nosniff
age
203166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18240
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 21:14:22 GMT
4731488.php
s4.histats.com/stats/
57 B
191 B
Script
General
Full URL
https://s4.histats.com/stats/4731488.php?4731488&@f16&@g1&@h1&@i1&@j1673761228187&@k0&@l1&@mZona%20Macau%20%7C%20Forum%20Syair%20Macau&@n0&@o1000&@q0&@r0&@s2048&@ten-US&@u1600&@b1:163004043&@b3:1673761228&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F20.125.130.72%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534300.ip-149-56-240.net
Software
/
Resource Hash
31c7b1e0172d585e2d2aa7504d36f56c84da9aec58360d09de0bc52bcc9194d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 15 Jan 2023 05:40:28 GMT
Connection
close
Content-Length
57
Content-Type
text/html;charset=UTF-8
14_dadumaster_728x90.gif
benuatg.files.wordpress.com/2021/09/
93 KB
93 KB
Image
General
Full URL
https://benuatg.files.wordpress.com/2021/09/14_dadumaster_728x90.gif
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
291776a9ff39cc5069980edb03d4305c8ec89b01d4ee97e2ca4cd327a4b912a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nc
HIT hhn 24 np
date
Sun, 15 Jan 2023 05:40:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 11:32:05 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://benuatg.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
95002
expires
Tue, 17 Jan 2023 18:02:05 GMT
Tabel-shio-2018-1.jpg
mbahtogell.net/wp-content/uploads/2018/05/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/q_lossy,ret_img,w_366,h_401/https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg
  • https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg
144 KB
145 KB
Image
General
Full URL
https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Server
172.96.191.90 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.90-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
02a03beb27e23c990c837fcd3837910fe7b5ba751b431ec51c34288c12998cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
last-modified
Tue, 01 Nov 2022 07:52:07 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
147771
expires
Sun, 22 Jan 2023 05:40:28 GMT

Redirect headers

date
Sun, 15 Jan 2023 05:40:28 GMT
cdn-edgestorageid
1077
cdn-cachedat
01/15/2023 01:15:12
cdn-pullzone
257218
cdn-tag
0; Domain: mbahtogell.net; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-874
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://mbahtogell.net/wp-content/uploads/2018/05/Tabel-shio-2018-1.jpg
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
1623b9b21d215201f04ab8a01dca9580
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
PREDIKSI-TOGEL-KIM-MACAU.jpg
quiz4dgaming.com/wp-content/uploads/2023/01/
285 KB
286 KB
Image
General
Full URL
https://quiz4dgaming.com/wp-content/uploads/2023/01/PREDIKSI-TOGEL-KIM-MACAU.jpg
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.8 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv139.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
80b2ba18cbaf9701249d2c97b2efe8cc2e24add6ec3fda68b2e6c8a3ba0277a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 02 Jan 2023 13:26:45 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
292014
x-xss-protection
1; mode=block
expires
Sun, 22 Jan 2023 05:40:29 GMT
TOTO%20MACAU%204D.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXZ_TVuRBA8GVJXvS6yIYM2ChWVGdWuF88Apavv1gAo_Z_wBsp0MEF5zet-CPhkfCYxs1rK5MSGw60Fp92dkFU6u4TKxnc3INwawdp1_Y2ivlOfb0pSQXDCY9y9u0RbfsmPaIA6SbrhiMyRBQo...
84 KB
84 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXZ_TVuRBA8GVJXvS6yIYM2ChWVGdWuF88Apavv1gAo_Z_wBsp0MEF5zet-CPhkfCYxs1rK5MSGw60Fp92dkFU6u4TKxnc3INwawdp1_Y2ivlOfb0pSQXDCY9y9u0RbfsmPaIA6SbrhiMyRBQojJWdsayptgyqnJ9sLwK_lml79P4ZOqybKQWVlD9W/w1200-h630-p-k-no-nu/TOTO%20MACAU%204D.png
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
eb676b46a70dc8cd01c8e29c5b40ad3524233dca4f2287ae0c3d46ec9db221f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:28 GMT
x-content-type-options
nosniff
server
fife
etag
"v7444"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="TOTO MACAU 4D.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86200
x-xss-protection
0
expires
Mon, 16 Jan 2023 05:40:28 GMT
cc_2048.js
s10.histats.com/counters/
16 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_2048.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
25a8c5560b499c3a1dcd1dc92a21fb9c26724e3d5dd2580689eec8f648dd8564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:39:49 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:21 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-1894286708"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
6055
x-request-id
94536578
truncated
/
863 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3ad690e80f32b3a845771fde03b720ee0945ab2d4872daee5c6c46c353bf3e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
seosecretidnblockads.js
cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/
8 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/seosecretidnblockads.js
Requested by
Host: 20.125.130.72
URL: https://20.125.130.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
882a7d999458a32f26d3e283cb39593346675b30bc175d0cc01b9dc5b62ff8ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 15 Jan 2023 05:40:30 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
18260
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3197
x-served-by
cache-fra-eddf8230068-FRA, cache-hhn-etou8220044-HHN
x-jsd-version-type
branch
etag
W/"1ed9-YqR5f2IBREzeEfnC9JFYOrceAdo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/seosecretidnblockads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f686bbb9baea5c6dca378b3a900b05c7064e344368e47679f47ce2b961c1a197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.125.130.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:40:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49311
x-xss-protection
0
server
cafe
etag
8402184846669251030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 Jan 2023 05:40:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 3BF4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20.125.130.72/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Jan 2023 01:12:28 GMT
etag
10353107486223812946
expires
Sun, 29 Jan 2023 01:12:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange string| base_uri string| current_route_uri string| csrf_token string| csrf_token_amp object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats function| $ function| jQuery object| bootstrap object| parsleyOptions function| StickySidebar string| suggestionEndpoint undefined| xhr function| myFunction function| downloadJSAtOnload function| smartLink object| f object| _HistatsCounterGraphics_2048_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_2048 function| histats_canvascounters_base.js function| _0x575c function| _0xcaaa object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint

8 Cookies

Domain/Path Name / Value
20.125.130.72/ Name: __spark_sess_id
Value: c80jd1jjg5ttnhsvabkm2km5kl
20.125.130.72/ Name: HstCfa4731488
Value: 1673761228187
20.125.130.72/ Name: HstCla4731488
Value: 1673761228187
20.125.130.72/ Name: HstCmu4731488
Value: 1673761228187
20.125.130.72/ Name: HstPn4731488
Value: 1
20.125.130.72/ Name: HstPt4731488
Value: 1
20.125.130.72/ Name: HstCnv4731488
Value: 1
20.125.130.72/ Name: HstCns4731488
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9525b4fb695198614b6d6880daaf8dbd9131d7a7699043de2a445339c35c90ae
99ece5e1f66df65756d6b4a93aa09b88262e7c6e640f2d5ba8e8990157de34d7
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e80cecde94e949338b581c600baded9fb2e1399f18e47aa2cd7ed9fd6317232
a183d5a02a95d0e77c0c1f29f494182dbccb1b16c8fea9b319656b848fc95329
a3ad690e80f32b3a845771fde03b720ee0945ab2d4872daee5c6c46c353bf3e2
a417652e8184751547db429e1d20d515c25bdc7ad8d24669d1a3cf9dbfcc971d
aca0ae4819864e577da3ec4bc00dc5b25c07d6d900df7da00aed0fdddbc04a6d
ad2845cf9db3c8b7897d293e61f0f7334c782b34f997a26c519151121d9da562
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
bebaee8b5c8c5acceb47eac4bcba8e6c93abcf9459933ad743a5f05a9b75d0f5
cece1097f127c3259563e9936c64b658830b75f606b503a191e52d39ac0a6556
d149b01fa00b049f562473589de9904c07eea69165b967cfea6b29648d1af75f
e2890adb9bd41a5801dbd2ba5a6d904c9f804e828d1b53f6c3d008f8eef1d868
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
eb676b46a70dc8cd01c8e29c5b40ad3524233dca4f2287ae0c3d46ec9db221f7
f166a42fdde290dc7e27a71f83958d31264adbe7ea9e783befc6e7767599616f
f686bbb9baea5c6dca378b3a900b05c7064e344368e47679f47ce2b961c1a197
fa7336e7a3c7ce5d95ae9415a4bda34a79d809ec41cd7a4502abde29f9a4e754