urlscan.io logo urlscan.io
SecurityTrails logo

eleganttourist.ucokpltrnih.com Open in urlscan Pro
64.23.212.120  Public Scan

Go To Rescan Add Verdict Report
URL: https://eleganttourist.ucokpltrnih.com/
Submission: On November 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 25 HTTP transactions. The main IP is 64.23.212.120, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is eleganttourist.ucokpltrnih.com.
TLS certificate: Issued by E5 on November 15th 2024. Valid for: 3 months.
This is the only time eleganttourist.ucokpltrnih.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.23.212.120 14061 (DIGITALOC...)
1 2 199.232.196.193 54113 (FASTLY)
3 198.187.29.220 22612 (NAMECHEAP...)
1 104.18.11.207 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 162.19.58.159 16276 (OVH OVH SAS)
2 142.250.181.225 15169 (GOOGLE)
1 216.58.206.65 ()
25 10
1    64.23.212.120 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
eleganttourist.ucokpltrnih.com
2    199.232.196.193 (United States)

ASN54113 (FASTLY, US)
imgur.com
i.imgur.com
3    198.187.29.220 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium96-5.web-hosting.com
eleganttourist.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
11    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1    162.19.58.159 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3096667.ip-162-19-58.eu
i.ibb.co
2    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
1    216.58.206.65 (None, )

ASN- ()
blogger.googleusercontent.com
Apex Domain
Subdomains		 Transfer
12 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10221
3 MB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
116 KB
3 eleganttourist.com
eleganttourist.com
2 KB
2 imgur.com
imgur.com — Cisco Umbrella Rank: 8339
i.imgur.com — Cisco Umbrella Rank: 8961
10 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 14048
1 MB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
7 KB
1 ucokpltrnih.com
eleganttourist.ucokpltrnih.com
8 KB
25 7
Domain Requested by
12 blogger.googleusercontent.com eleganttourist.ucokpltrnih.com
6 cdn.ampproject.org eleganttourist.ucokpltrnih.com
cdn.ampproject.org
3 eleganttourist.com eleganttourist.ucokpltrnih.com
1 i.ibb.co eleganttourist.ucokpltrnih.com
1 maxcdn.bootstrapcdn.com eleganttourist.ucokpltrnih.com
1 i.imgur.com eleganttourist.ucokpltrnih.com
1 imgur.com 1 redirects
1 eleganttourist.ucokpltrnih.com
25 8

This site contains links to these domains. Also see Links.

Domain
pohon4dabadi.id
Subject Issuer Validity Valid
eleganttourist.ucokpltrnih.com
E5		 2024-11-15 -
2025-02-13		 3 months crt.sh
eleganttourist.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-25 -
2025-09-25		 a year crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
misc-sni.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
ibb.co
E6		 2024-10-21 -
2025-01-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://eleganttourist.ucokpltrnih.com/
Frame ID: E17D4F9A521D8C6402D48081FFF4D4E5
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pohon4d - Link Situs Gaming Online Aman Terjamin 100%

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

25
Requests

96 %
HTTPS

22 %
IPv6

7
Domains

8
Subdomains

10
IPs

4
Countries

4285 kB
Transfer

4644 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://imgur.com/j8jMSXH.png HTTP 302
  • https://i.imgur.com/j8jMSXH.png

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
eleganttourist.ucokpltrnih.com/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.23.212.120 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0b5a5be7472380f7b7f9d3171745c7d7237090fb5f44d64c277debc638608ba8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
7909
content-type
text/html
date
Fri, 15 Nov 2024 17:50:20 GMT
etag
"9ac3-67372671-13b04f;br"
last-modified
Fri, 15 Nov 2024 10:46:09 GMT
server
LiteSpeed
vary
Accept-Encoding
j8jMSXH.png
i.imgur.com/
Redirect Chain
  • https://imgur.com/j8jMSXH.png
  • https://i.imgur.com/j8jMSXH.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/j8jMSXH.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
397f494646c32c321479fc6e57051f56dc3a0c5611435e7f4b9357f044657664
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

etag
"12cd1de3a686907f20ef662adca42171"
age
3456758
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
Y38ULsln-Ce3Bkm8U454VMlOl7RYeRKjc47hx4iCaw3gt-TFk59iEw==
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
image/png
last-modified
Thu, 25 Jul 2024 11:12:08 GMT
x-cache-hits
19, 0
x-served-by
cache-iad-kjyo7100177-IAD, cache-fra-etou8220131-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731693021.521296,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
9816
x-amz-cf-pop
IAD12-P2
server
cat factory 1.0
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
location
https://i.imgur.com/j8jMSXH.png
x-timer
S1731693020.473777,VS0,VE0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
x-cache
HIT
content-length
0
date
Fri, 15 Nov 2024 17:50:20 GMT
x-served-by
cache-fra-etou8220131-FRA
x-cache-hits
0
server
cat factory 1.0
x-frame-options
DENY
favicon.png
eleganttourist.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eleganttourist.com/img/favicon.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.220 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium96-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
49652191b78d587275239afecd256f3787bd79da328574e3c983c8e2da19e4ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

cache-control
public, max-age=604800
expires
Fri, 22 Nov 2024 17:50:20 GMT
accept-ranges
bytes
content-length
1793
date
Fri, 15 Nov 2024 17:50:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/png
last-modified
Wed, 25 Sep 2024 15:25:00 GMT
server
LiteSpeed
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
1759546
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 15 Nov 2024 17:50:20 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/17/2024 22:45:09
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e892c78fa29b11fad1bfd6202dd9f3be
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8e311541bc10e50b-TXL
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"6cd5bd85d22351ce"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
73112
x-xss-protection
0
server
sffe
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"9925a53ff9d805bc"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
11524
x-xss-protection
0
server
sffe
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f545c2c8d8565237195d0d801b8b7c45ca45031309847b2b52195a9c919456a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"76ebed84b749973c"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
14992
x-xss-protection
0
server
sffe
amp-image-lightbox-0.1.js
cdn.ampproject.org/v0/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-image-lightbox-0.1.js
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
088cf891cd2be2b04fcad377a4582050c3e1dee67c66020c9980c4e8558c96da
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"85d0d1390d83ee04"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
10879
x-xss-protection
0
server
sffe
prediksi.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0P983lrlK7a2IaKl-39izxeDeNJ-b1uS2k4mjTmXGEUcFUERzDMOEhtagk7iSaULWrPgBR-ZgPejWW7clEqyP-oANZ0colxbtWz0Ghnxtytoev5Wa6OO_btZrUC5lx2fiHQachsMFGv4M-v9R... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0P983lrlK7a2IaKl-39izxeDeNJ-b1uS2k4mjTmXGEUcFUERzDMOEhtagk7iSaULWrPgBR-ZgPejWW7clEqyP-oANZ0colxbtWz0Ghnxtytoev5Wa6OO_btZrUC5lx2fiHQachsMFGv4M-v9Rt5imzwodxX52VN4picBhwCduh7XSIYyFemB55SF6hKbL/s1600/prediksi.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
661747668a653ead4d2d402156251e13208fd019cf5f054897e849c9d066144b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6dd"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10983
date
Fri, 15 Nov 2024 17:50:20 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="prediksi.png"
promosi.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQfjsZRiqJN3wLeqP0QerrIvACkZ5_g2KymeQoW_YQmz1iaaO6EQQc-l4jhxwhLMCeMwBDnEGke6wI3EA-MONnm86N5zRHvh8o5ixf9X3S4Zy7OHAid9BvXD699YoZt49LqFTOOB03tu5ntb36... 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQfjsZRiqJN3wLeqP0QerrIvACkZ5_g2KymeQoW_YQmz1iaaO6EQQc-l4jhxwhLMCeMwBDnEGke6wI3EA-MONnm86N5zRHvh8o5ixf9X3S4Zy7OHAid9BvXD699YoZt49LqFTOOB03tu5ntb36QeLHgOt-B79rnF6oR5iVnbtzVLP4wO3KHD97jprl4aBY/s1600/promosi.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7f16d60ca0b3e5181fc67e20f6c4ee43567aab9ac051144eadb018e64dd7f261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6de"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41772
date
Fri, 15 Nov 2024 17:50:20 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="promosi.png"
cbjfvlg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjm5K1x_BBl_vpZmHYnC4IHXpCCfKiBrn1m_3PCxhHmArSx9c5q0NoF3MLTcManeZbb_0swVTwTwywFaMHRUuRKf5iX1Dj0W9m5oStMfCPeRkQ7D8q8mKmttI9aQpubWkXwkCgb3Kb7ftzGx8p... 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjm5K1x_BBl_vpZmHYnC4IHXpCCfKiBrn1m_3PCxhHmArSx9c5q0NoF3MLTcManeZbb_0swVTwTwywFaMHRUuRKf5iX1Dj0W9m5oStMfCPeRkQ7D8q8mKmttI9aQpubWkXwkCgb3Kb7ftzGx8ptgeJWx1fCCeedJkoDWsHYsM3oLjs4I5UOI-xTEck33LR/s1600/cbjfvlg.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a3c35b9c20cf1e33f85ce855c0143dfa8906ef16abb9996c8da805c684bf9c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6dd"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54179
date
Fri, 15 Nov 2024 17:50:20 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="cbjfvlg.png"
buktijp.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2CaBqedqQUBXGN2FAZqQ4FfE7urzcN3oybHf2xlG5cAd0XywINUPH1r5ELXB6-u-FO4HvHfOgCdfP58Q30xSGxKe6yAVkZLm7pA46KQxQG9Ov6LU9q4Jcvt2y4urvYtFqM5GZU4TO-4wNvWOI... 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2CaBqedqQUBXGN2FAZqQ4FfE7urzcN3oybHf2xlG5cAd0XywINUPH1r5ELXB6-u-FO4HvHfOgCdfP58Q30xSGxKe6yAVkZLm7pA46KQxQG9Ov6LU9q4Jcvt2y4urvYtFqM5GZU4TO-4wNvWOIoe1Wml8XeK99q89uOmOI2BdCPUu0jiNnpdxf7oUItBD7/s1600/buktijp.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
99a4277a428fbfed57bdd1523cd3f311800ebc67995ef78fa7b442386537ef4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6de"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20837
date
Fri, 15 Nov 2024 17:50:20 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="buktijp.png"
keluhan.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXnxDg6zqA-NdyCExLWSsVjf4lMD6dFPzaRn5qRklUlI5iIbioAuDFxRqN6O9TnZbCvHKxkmM_t_ky30G0Lf2dCg0zPw9B3-TtG0T1lFgI0awhIwVrTwm0nn5kPYW4qi0wAk7PHp5pmtCYEApN... 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXnxDg6zqA-NdyCExLWSsVjf4lMD6dFPzaRn5qRklUlI5iIbioAuDFxRqN6O9TnZbCvHKxkmM_t_ky30G0Lf2dCg0zPw9B3-TtG0T1lFgI0awhIwVrTwm0nn5kPYW4qi0wAk7PHp5pmtCYEApNrF1oi4Qvm83xqFX0mmIfO5j1FoZtdXYtn5ukUXBr-jVx/s1600/keluhan.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
232150ea3ae3a73177b3cb7251ba1594f83be320d926aa3249fb03d7b4de9c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6df"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7793
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="keluhan.png"
logo%20fortune.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhElSG-0wUt_3S48LexH3HKRGHrcb-c0fBEZ5TqVeqEusCxEpT8HjdaeZhPOwoXtFU4vrtwTPm6D5qRvlbdK-vOR37HwB-4VZmR7K_07ShGsz1yHv1Pam_nffLc1axdeFPX71wEzjt1sd3R0zf-... 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhElSG-0wUt_3S48LexH3HKRGHrcb-c0fBEZ5TqVeqEusCxEpT8HjdaeZhPOwoXtFU4vrtwTPm6D5qRvlbdK-vOR37HwB-4VZmR7K_07ShGsz1yHv1Pam_nffLc1axdeFPX71wEzjt1sd3R0zf-1M28KhzZlHMVcdeAyMvNgqUiWqfyTsz8WVDLqyfEXEg/s1600/logo%20fortune.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
46f5e387cb60c4e5063e20627abf7034e0e181740e5a08edc209a94f42ec4144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vfbf"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143366
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="logo fortune.png"
bgm-6.jpg
i.ibb.co/rttdMLV/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/rttdMLV/bgm-6.jpg
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
5f7782de6048e6a5b9b79bf68b18bf9c743aedcdf2986a202df108dadba24536

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1211707
date
Fri, 15 Nov 2024 17:50:20 GMT
content-type
image/jpeg
last-modified
Mon, 08 Jan 2024 08:26:13 GMT
server
nginx
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_B2Y-FOG37HCDZUYS67Ya-9L7f0R86MN8D2eHn1_YLFa9EYhwr0UfeNbkZIPTxjudhidjumMK1GUS_zNxGGkaPgTB4FPUA7F-PjeOz7UKstXoHHCq_dwzeevSUGRKOoNJSyTgQhRUy5ot1rrg... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_B2Y-FOG37HCDZUYS67Ya-9L7f0R86MN8D2eHn1_YLFa9EYhwr0UfeNbkZIPTxjudhidjumMK1GUS_zNxGGkaPgTB4FPUA7F-PjeOz7UKstXoHHCq_dwzeevSUGRKOoNJSyTgQhRUy5ot1rrgnERBEawK6AjMgdVM0Ppv02O4_OhxTfXuzsIM9CpXGV1U/s1600/logo.png
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6efadcfe355f67ff10b23ded88e0fdc29e68775e01d4b1f30e483420e8e9d3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"ve10"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9800
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="logo.png"
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012410292120000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eleganttourist.ucokpltrnih.com
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"f0f2b169fa87a905"
age
14803
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 13:43:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 13:43:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2970
x-xss-protection
0
server
sffe
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012410292120000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eleganttourist.ucokpltrnih.com
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

content-encoding
br
etag
"b22012622c63a36b"
age
76556
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 20:34:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 20:34:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3929
x-xss-protection
0
server
sffe
GAMBAR%208.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgdkGVYYPRVkcY8hqlcrG_Se1lhbYK6SBRn3cfOxJgu305rbJ_v3cn9EaWSXzt-UKpxV5zjadgTfEZvWJ2U3qiGr7S67H7ERqfeXlYeF_57clE1G1sfBPPmd2bz9iw7ZyAa9kntgpdt09wYA2e... 		497 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgdkGVYYPRVkcY8hqlcrG_Se1lhbYK6SBRn3cfOxJgu305rbJ_v3cn9EaWSXzt-UKpxV5zjadgTfEZvWJ2U3qiGr7S67H7ERqfeXlYeF_57clE1G1sfBPPmd2bz9iw7ZyAa9kntgpdt09wYA2ezir1X9Xayb1i1se2aU5GRGxwDed_dwf2txLUAl9TPQA/s1600/GAMBAR%208.jpg
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d21c16616ad76f619260b28e0d2532933867db3fc98295913110cad938498ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vd20"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
509038
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="GAMBAR 8.jpg"
GAMBAR%201.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3HO4NucpSVWoVsl-7vzn_R8yq7Bh4nu2gmug5-Ymj1NXLfdcx39Sd96RpnZ0QaNg5Aq5kGXuCUSNZU0abJKB5pCkMvxi5B29Jwwo1RivfGtFJhUZsd4DgphfbC9-C1LssiYFs69RnO6z6Jxej... 		683 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3HO4NucpSVWoVsl-7vzn_R8yq7Bh4nu2gmug5-Ymj1NXLfdcx39Sd96RpnZ0QaNg5Aq5kGXuCUSNZU0abJKB5pCkMvxi5B29Jwwo1RivfGtFJhUZsd4DgphfbC9-C1LssiYFs69RnO6z6JxejjOtnPVpWuxlI6X6TuUhK34RTSaIGiNK-L-q0mExPeNI/s1600/GAMBAR%201.jpg
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
18b2286984dece51e1a55a87a67c7ca04a74c33bc26cb1d3b8f7d9ac0ab0c4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vd1e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
699688
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="GAMBAR 1.jpg"
GAMBAR%202.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL4z0P5EefMHcNgUbu3iIYePT0B7ZKCm6NIBB-YNuLgPV9GXbqkFQcBWM6_s3MjiLDXZpToiE9rYMRnLW6VjEg0sA66RY00h-MpHW6APaU4PfKgjMt-TtU0F2H2M1ZmZ8P-7TzCcBd5oVyRswd... 		693 KB
693 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL4z0P5EefMHcNgUbu3iIYePT0B7ZKCm6NIBB-YNuLgPV9GXbqkFQcBWM6_s3MjiLDXZpToiE9rYMRnLW6VjEg0sA66RY00h-MpHW6APaU4PfKgjMt-TtU0F2H2M1ZmZ8P-7TzCcBd5oVyRswdj6_ODk-6Wcz-5zOPMw3Ir7PN_17DQWmU2yU4GxD5C8_P/s1600/GAMBAR%202.jpg
Requested by
Host: eleganttourist.ucokpltrnih.com
URL: https://eleganttourist.ucokpltrnih.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
432575bb1c8809501dbe2467d78803105205961a862535c0629568ac2fb602da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v673"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
709589
date
Fri, 15 Nov 2024 17:50:21 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="GAMBAR 2.jpg"
favicon.png
eleganttourist.com/img/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://eleganttourist.com/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.220 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium96-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
49652191b78d587275239afecd256f3787bd79da328574e3c983c8e2da19e4ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

cache-control
public, max-age=604800
expires
Fri, 22 Nov 2024 17:50:20 GMT
accept-ranges
bytes
content-length
1793
date
Fri, 15 Nov 2024 17:50:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/png
last-modified
Wed, 25 Sep 2024 15:25:00 GMT
server
LiteSpeed
favicon.png
eleganttourist.com/img/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://eleganttourist.com/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.220 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium96-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
49652191b78d587275239afecd256f3787bd79da328574e3c983c8e2da19e4ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

cache-control
public, max-age=604800
expires
Fri, 22 Nov 2024 17:50:20 GMT
accept-ranges
bytes
content-length
1793
date
Fri, 15 Nov 2024 17:50:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/png
last-modified
Wed, 25 Sep 2024 15:25:00 GMT
server
LiteSpeed
GAMBAR%204.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2h9u-fY5Yqtf__ZRAdX7GWCpJfs-CFrJeaOMDRmkpMgMHVV-YRpu5FaEdJJ65dTOTJQaGyLtlbPNSAaLYETKzWvLqrLaoGrA6nZVgOQhVbcgx3ub-rJehtOvVW53i7FlB2vlyN0jN0U1_u4J5... 		575 KB
575 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2h9u-fY5Yqtf__ZRAdX7GWCpJfs-CFrJeaOMDRmkpMgMHVV-YRpu5FaEdJJ65dTOTJQaGyLtlbPNSAaLYETKzWvLqrLaoGrA6nZVgOQhVbcgx3ub-rJehtOvVW53i7FlB2vlyN0jN0U1_u4J5cEsyCvbPfj7QYEOlxCNGFy2iSBSJJrODcL9cjvyq8rI/s1600/GAMBAR%204.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
862a884150453861b3ee6a71b04bafb72829de51acbd89786798f2c0cb2a9d00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vd1e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
588659
date
Fri, 15 Nov 2024 17:50:24 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="GAMBAR 4.jpg"
GAMBAR%2010.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEiZImKgENbt9Np9vTdfr3qFAtvoOp9-rYrzlBTj6ZD6s-tq1uPxTV94W1_PkCrXVTOjx5MJB2iPgjnAD1K-UY1bauFWbOAQ1l__RGZ8S6g354Wrje-A78TLNT85sp7FY3W0N5pQUKsRj8pSYJ... 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEiZImKgENbt9Np9vTdfr3qFAtvoOp9-rYrzlBTj6ZD6s-tq1uPxTV94W1_PkCrXVTOjx5MJB2iPgjnAD1K-UY1bauFWbOAQ1l__RGZ8S6g354Wrje-A78TLNT85sp7FY3W0N5pQUKsRj8pSYJeuQGUAQviGPbjVlI_rZNga8LGObcxTg9oAfPNv-4wCQ/s1600/GAMBAR%2010.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 -, , ASN (),
Reverse DNS
Software
fife /
Resource Hash
1f10168cbb40070d01f433cba1abf8517add2307b4aa8b281d6f0593f6f53ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eleganttourist.ucokpltrnih.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vb1c"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 17:50:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229188
date
Fri, 15 Nov 2024 17:50:27 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="GAMBAR 10.jpg"

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy

0 Cookies

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://eleganttourist.ucokpltrnih.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript warning URL: https://eleganttourist.ucokpltrnih.com/
Message:
The resource https://eleganttourist.com/img/favicon.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://eleganttourist.ucokpltrnih.com/
Message:
The resource https://imgur.com/j8jMSXH.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://eleganttourist.ucokpltrnih.com/
Message:
The resource https://eleganttourist.com/img/favicon.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://eleganttourist.ucokpltrnih.com/
Message:
The resource https://imgur.com/j8jMSXH.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.ampproject.org
eleganttourist.com
eleganttourist.ucokpltrnih.com
i.ibb.co
i.imgur.com
imgur.com
maxcdn.bootstrapcdn.com
104.18.11.207
142.250.181.225
162.19.58.159
198.187.29.220
199.232.196.193
216.58.206.65
2a00:1450:4001:81d::2001
2a00:1450:4001:82f::2001
64.23.212.120
088cf891cd2be2b04fcad377a4582050c3e1dee67c66020c9980c4e8558c96da
0b5a5be7472380f7b7f9d3171745c7d7237090fb5f44d64c277debc638608ba8
18b2286984dece51e1a55a87a67c7ca04a74c33bc26cb1d3b8f7d9ac0ab0c4a8
1f10168cbb40070d01f433cba1abf8517add2307b4aa8b281d6f0593f6f53ce6
232150ea3ae3a73177b3cb7251ba1594f83be320d926aa3249fb03d7b4de9c71
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
397f494646c32c321479fc6e57051f56dc3a0c5611435e7f4b9357f044657664
432575bb1c8809501dbe2467d78803105205961a862535c0629568ac2fb602da
46f5e387cb60c4e5063e20627abf7034e0e181740e5a08edc209a94f42ec4144
49652191b78d587275239afecd256f3787bd79da328574e3c983c8e2da19e4ce
5f7782de6048e6a5b9b79bf68b18bf9c743aedcdf2986a202df108dadba24536
661747668a653ead4d2d402156251e13208fd019cf5f054897e849c9d066144b
6efadcfe355f67ff10b23ded88e0fdc29e68775e01d4b1f30e483420e8e9d3f4
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f16d60ca0b3e5181fc67e20f6c4ee43567aab9ac051144eadb018e64dd7f261
862a884150453861b3ee6a71b04bafb72829de51acbd89786798f2c0cb2a9d00
99a4277a428fbfed57bdd1523cd3f311800ebc67995ef78fa7b442386537ef4e
a3c35b9c20cf1e33f85ce855c0143dfa8906ef16abb9996c8da805c684bf9c43
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
d21c16616ad76f619260b28e0d2532933867db3fc98295913110cad938498ff5
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f545c2c8d8565237195d0d801b8b7c45ca45031309847b2b52195a9c919456a2