duchove.com Open in urlscan Pro
2606:4700:3031::6815:4e2f  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response duchove.com/	463 KB 109 KB	514ms 486ms	Document text/html	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash 7e487fa6c8c50af5aa18f3d26effee8ee671a8ad06d36556deed8ccee081ae10 Request headers Host duchove.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/7.4.11 link <http://duchove.com/wp-json/>; rel="https://api.w.org/" vary Accept-Encoding x-turbo-charged-by LiteSpeed CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CB0jIqu0vIaWy54W4UaLuMOQvnnmALk8YcU4zeDQG6t1Sm8iVJrM2VvsbjKSOmNH%2BQniZjyAJ2%2Bxu0N4UqH71w3kMc2sY54GZ7PFa8wiM8XXDaZirKKeot8gFpApduZbGYGcAnCvJeVtA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 68b249b77ca24e13-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	style.min.css duchove.com/wp-includes/css/dist/block-library/	79 KB 11 KB	259ms 253ms	Stylesheet text/css	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 10496 last-modified Fri, 30 Jul 2021 15:53:32 GMT Server cloudflare etag "13abe-6104207c-68b10de6a928fbf6;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maeW7a7mRKYmQqv2YAivJxuDgE3s%2Bf8VtDBVL7JMq7K0gC26sn1vrAQhtKiGwt%2B5G8224C5QWWi8Vrt7f4ujQJkMtQwxNCC5rbx6kf3e9d5l6Dr6B9Vsvc3VpDAGR6%2Fdm1At0oK1lDmFcg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249ba9d3497b4-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 907 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 64495f831a662f48a73ff5631bb271af23389be842cb6d86db441ee2c50f2897 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 07 Sep 2021 18:49:03 GMT server ESF date Tue, 07 Sep 2021 19:19:19 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Sep 2021 19:19:19 GMT
GET H/1.1	200 OK	style.css duchove.com/wp-content/themes/twentytwelve/	37 KB 9 KB	279ms 273ms	Stylesheet text/css	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-content/themes/twentytwelve/style.css?ver=20190507 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2cca208f01efed5ce188873153408bedc75479efda82b59ade5ecbab5560ce6 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 8235 last-modified Thu, 05 Aug 2021 10:14:12 GMT Server cloudflare etag "93c6-610bb9f4-689a8631cf738bb1;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk4Z7C98oMf80G%2Fpq9CQ7EaMnYH84mNpETVm3QHaqFzTTd7R1%2Bn7TKeYo47mbqNH%2BHgnmIfdTVwC7vnf1irp6fOWSEeNVpVDr6AaZu%2FqSbgcWExTXFtXzVlInK5%2FBsm3xcYkcQJwnk6dfw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249ba9f461f25-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H/1.1	200 OK	blocks.css duchove.com/wp-content/themes/twentytwelve/css/	10 KB 3 KB	246ms 240ms	Stylesheet text/css	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-content/themes/twentytwelve/css/blocks.css?ver=20190406 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd030e973a26c5f41da9b2a1cf5eb958e78d1a7ac52bddcd24c8d34afbacd2a6 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1862 last-modified Thu, 05 Aug 2021 10:14:12 GMT Server cloudflare etag "2939-610bb9f4-c715f148749add15;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA2x2vACVTS54RRgsXz4o9x%2F9WRElX2dYvGDEu5SsiviVuvsYQsJAws0pnheIc2A13QBUbMi21mp0p98FS4m7%2BplvLs98OY9OGgd9cKNfwx2MM9d6fZagppjL3TGhABhJM1hH%2BpaGhgm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249ba9e495b32-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H/1.1	200 OK	jquery.min.js Show response duchove.com/wp-includes/js/jquery/	87 KB 31 KB	355ms 349ms	Script application/x-javascript	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 30969 last-modified Fri, 30 Jul 2021 15:53:32 GMT Server cloudflare etag "15db1-6104207c-7680388b41544692;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXIuIZ8%2BNOWJ3KwrGrq7L7WEmiuu7oEe9mRPmx6MvsjWArTjy8j8h9yKJ259AWoWfKOTBewrvHAOd321MezO3VYLCAVeO8tnA4BlglFPi0N8jze1gMjvd2w%2BmnQpMOVdolJt5cd87Ua7zw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249ba9c954a7f-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H/1.1	200 OK	jquery-migrate.min.js Show response duchove.com/wp-includes/js/jquery/	11 KB 5 KB	240ms 234ms	Script application/x-javascript	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 4168 last-modified Thu, 25 Feb 2021 09:15:51 GMT Server cloudflare etag "2bd8-60376ac7-40aa10dc5c3db3fb;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcdnayaIkYDaACCAzuGwb%2Blr%2Br9rrPsXh50BQuJa2CrD8hrW1AimNG%2BqPFWfQ7Cn0tc%2B6oTUE3uTVhphWvg1SbSHWh%2BZtp8Scu5IIWCy6h7BTNvhYRGFH2YyI5bSyqO1PFCfOFfOeGrrwA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249ba98f24339-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H2	200	st-michaels-golden-domed-monastery-fabrizio-troiani.jpg images.fineartamerica.com/images/artworkimages/mediumlarge/2/	185 KB 185 KB	582ms 510ms	Image image/jpeg	2600:9000:2113:1a00:d:8a0c:6440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.fineartamerica.com/images/artworkimages/mediumlarge/2/st-michaels-golden-domed-monastery-fabrizio-troiani.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2113:1a00:d:8a0c:6440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8b19d9bdd49962b08cfe2e5a8e2f62741423cf361be4ee8e9bb8ba5a30dce83b Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:21 GMT via 1.1 730be2df670a5459f9c003b1710f56b2.cloudfront.net (CloudFront) last-modified Fri, 05 Apr 2019 09:06:53 GMT server AmazonS3 x-amz-request-id H9RMEA9W1WAWZ6BX etag "402f10ef987143aa598a3e6e15243862" x-cache Miss from cloudfront content-type image/jpeg cache-control public, max-age=1296000 x-amz-cf-pop CDG3-C1 accept-ranges bytes content-length 189054 x-amz-id-2 zjB839uxCxNr0C237OX1Ru72xunFyrZdmuTPRl7OauEPih2e3dIupcxqzHu4Kktbo8ts4LD/gLs= x-amz-cf-id g85nOH4k_ZBpezi3afT_nn7D_nuKYQpzt6kWa5-yisiJy-47xRUh-Q==
GET H2	200	grassalkovich-palace-bratislava-slovakia-grasalkovicov-palac-residence-president-30943089.jpg thumbs.dreamstime.com/b/	209 KB 209 KB	296ms 176ms	Image image/jpeg	192.229.233.122 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://thumbs.dreamstime.com/b/grassalkovich-palace-bratislava-slovakia-grasalkovicov-palac-residence-president-30943089.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.122 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (oxr/8374) / Resource Hash 1762d2db445ba253564bf33da1684b0ef9feb37f9866d74289f2d3ca8f983adc Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:20 GMT last-modified Tue, 27 Oct 2020 18:12:16 GMT server ECS (oxr/8374) age 4276255 etag "3687079550" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 213602 expires Wed, 07 Sep 2022 19:19:20 GMT
GET H2	200	Most_SNP_v_noci.jpg upload.wikimedia.org/wikipedia/commons/1/10/	146 KB 146 KB	329ms 301ms	Image image/jpeg	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/1/10/Most_SNP_v_noci.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash fd59b66cf7c42edc3a918d05b81e0934f7c72b101399c519987b04c3a4f8570b Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:20 GMT nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 1 x-cache-status miss x-cache cp3065 miss, cp3065 miss server-timing cache;desc="miss", host;desc="cp3065" content-length 149182 x-client-ip 2a01:4f8:121:131a::2 x-object-meta-sha1base36 n0gsh3lmq8uiechhuldppdm3hkprj6l last-modified Sun, 17 Jan 2021 13:00:20 GMT server ATS/8.0.8 etag eb6bc3189076a37222d6f0fba8a37179 strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/jpeg access-control-allow-origin * x-timestamp 1610888419.67385 permissions-policy interest-cohort=() accept-ranges bytes timing-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
GET H2	200	letecka-vychod-slnka-hrad-800x533.jpg www.visitbratislava.com/wp-content/uploads/2014/10/	114 KB 114 KB	287ms 100ms	Image image/jpeg	37.9.175.22 WEBSUPPORT-SRO-SK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.visitbratislava.com/wp-content/uploads/2014/10/letecka-vychod-slnka-hrad-800x533.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.175.22 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK), Reverse DNS 22.175.9.37.in-addr.arpa.websupport.sk Software openresty / Resource Hash 013a0ddc1253d7461f2f00c6b1eb456522fc0864901b4071d09cff637345a59e Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:20 GMT content-encoding gzip last-modified Tue, 04 Aug 2015 19:18:34 GMT server openresty etag "1c7ba-51c8126fc9680-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes expires Thu, 07 Oct 2021 19:19:20 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response duchove.com/wp-includes/js/	18 KB 6 KB	231ms 229ms	Script application/x-javascript	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 4937 last-modified Fri, 30 Jul 2021 15:53:32 GMT Server cloudflare etag "4705-6104207c-b395465e5cc4c976;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Bbcc5BSdvrVZ3EpRch8XfVA1usRIZS43Ho7YdsEq9dMsdipX0fHybQLdEzw2lV80Nsmzhf2%2F5HcfpebIJF4xcEWQjPeS8j65biLxO8Q96PWqnu%2FYk09igZxCHtbMf5VDI1IYtDGWccrlw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249bcda024a7f-FRA expires Tue, 14 Sep 2021 19:19:19 GMT
GET H/1.1	200 OK	csm_Slav%25C3%25ADn%2520002%2520%25282%2529_e2a8f35b21.jpg sacr3-files.s3-eu-west-1.amazonaws.com/_processed_/	168 KB 168 KB	304ms 138ms	Image image/jpeg	52.218.102.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sacr3-files.s3-eu-west-1.amazonaws.com/_processed_/csm_Slav%25C3%25ADn%2520002%2520%25282%2529_e2a8f35b21.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.102.88 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash cc5a49e0de0ad67d7d0acef519ec3d044c4ddc64a440b06b2f3abf2d7c849942 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:21 GMT Last-Modified Mon, 04 May 2020 16:03:04 GMT Server AmazonS3 x-amz-request-id H9RTRN04G8TNKC60 ETag "9b880a90d5bf488f6ffa92baf62a290e" x-amz-version-id .5BaUZ_r85rbiQoyk.WpeYDG4DMMWThk x-amz-replication-status COMPLETED Accept-Ranges bytes Content-Type image/jpeg Content-Length 171993 x-amz-id-2 xjUJJ1xqR1mdb9RnGEHp0Yr9UUJ8BHsD8151fBrFNMJmTNqLqsPvT2NLYhv2aR1vAA9f+NLfSA0=
GET H2	200	qk0flnq0tvzoq6is_1596433143.jpeg img.republicworld.com/republic-prod/stories/promolarge/xhdpi/	40 KB 40 KB	158ms 61ms	Image image/webp	13.225.25.24 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.republicworld.com/republic-prod/stories/promolarge/xhdpi/qk0flnq0tvzoq6is_1596433143.jpeg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.25.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-25-24.cdg3.r.cloudfront.net Software / Resource Hash 9c5e840990a69dc89d223dfa76e18e0b0568c4b9456a9e64759e6ab6c925f0d6 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 06 Sep 2021 11:04:43 GMT via 1.1 3e49d1b7d94458397e7bc6421c922a19.cloudfront.net (CloudFront) age 116075 etag W/"a02e-8BCInJAfTPPA1M0+fhRwtQ" vary Accept x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control public, s-maxage=15552000, max-age=15552000, must-revalidate x-server ImageKit.io x-amz-cf-pop CDG3-C2 timing-allow-origin * content-length 41006 x-amz-cf-id V87xr8FPbLFuHIjCXxobPXKqetbO7_8OjWiM81FujhOJ5-P4yJYxyw==
GET H2	200	Peggy-Lee-portrait-1960s-billboard-1548-1587679045-1024x677.jpg static.billboard.com/files/2020/04/	97 KB 98 KB	2312ms 2284ms	Image image/jpeg	2606:4700::6811:6e1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.billboard.com/files/2020/04/Peggy-Lee-portrait-1960s-billboard-1548-1587679045-1024x677.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:6e1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b270164f487e2983eeaec6d8e0b1cd4873615e74ea0696f4ac91ed2d10e4b99 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:22 GMT cf-cache-status MISS x-amz-request-id 1NQ20RTR186MS1BS cf-ray 68b249bcf9265c44-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 99462 x-amz-id-2 fF+3KNKqxrebzrtKMZW+vSDQvLjC4r0xWj7YqspnrnxCKk0qHk4aW1xXSP0rD4kLX2QMhH3v2vk= last-modified Thu, 23 Apr 2020 21:57:32 GMT server cloudflare etag "281ac9e38577f2adea3c096a2d4108c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id Ungpcadq497MLgfkzqX74GoYYhbrAacp accept-ranges bytes content-type image/jpeg expires Sun, 21 Apr 2030 21:57:28 GMT
GET H2	200	health-benefits-of-lemons-1440x810.jpg images.everydayhealth.com/images/diet-nutrition/	96 KB 96 KB	158ms 45ms	Image image/jpeg	92.123.225.106 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://images.everydayhealth.com/images/diet-nutrition/health-benefits-of-lemons-1440x810.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.225.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-225-106.deploy.static.akamaitechnologies.com Software / Resource Hash ac5a474b48fe85f7404f41e692bbdb51e2246508f95db032e0617733e2b6c9af Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:19 GMT etag "33a6c68c8799785c1dc61d68da4fb816" x-amzn-remapped-content-length 97902 x-amzn-requestid 088f989f-7c73-4f35-9cc4-f1f20ac3bff6 x-amz-apigw-id D9FUfFZ2IAMFX8Q= content-length 97902 last-modified Thu, 19 Sep 2019 09:32:34 GMT x-amzn-trace-id Root=1-61151c1c-2974a96b39cb218c5629ba7f;Sampled=0 access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/jpeg access-control-allow-origin * cache-control max-age=15552000 access-control-allow-credentials false access-control-allow-headers GET,POST x-amzn-remapped-date Thu, 12 Aug 2021 13:03:24 GMT x-amzn-remapped-connection close
GET H/1.1	200 OK	main_image_8254.jpg cdn.yukepo.com/content-images/main-images/2017/05/03/	73 KB 73 KB	849ms 382ms	Image image/jpeg	13.213.106.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.yukepo.com/content-images/main-images/2017/05/03/main_image_8254.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.213.106.203 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-213-106-203.ap-southeast-1.compute.amazonaws.com Software nginx / Resource Hash a788e94bcbfa33e23751b96518f2d1cc33cf1b9dc8e03ff324298c7d88ad9dd2 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 07 Sep 2021 19:19:20 GMT Last-Modified Wed, 03 May 2017 11:27:08 GMT Server nginx ETag "5909be8c-12230" Content-Type image/jpeg Cache-Control max-age=2592000, public Connection keep-alive Accept-Ranges bytes Content-Length 74288 Expires Thu, 07 Oct 2021 19:19:20 GMT
GET H2	200	ponds%2Bvitamin%2Bmicellar%2Bwater%2B1.jpg 1.bp.blogspot.com/-VzDufdMpmmY/X01mMO1NQxI/AAAAAAAAec0/vDwqyFyvQvQLjuz-GTn4BQGEaAEpa6A6wCLcBGAsYHQ/s751/	104 KB 104 KB	365ms 344ms	Image image/jpeg	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-VzDufdMpmmY/X01mMO1NQxI/AAAAAAAAec0/vDwqyFyvQvQLjuz-GTn4BQGEaAEpa6A6wCLcBGAsYHQ/s751/ponds%2Bvitamin%2Bmicellar%2Bwater%2B1.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ace60fbb936780a0ea7181da705001d2e090f5b3c1e3e515b3224455fd32bf1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:20 GMT x-content-type-options nosniff server fife etag "v79cf" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="ponds vitamin micellar water 1.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 106478 x-xss-protection 0 expires Wed, 08 Sep 2021 19:19:20 GMT
GET H2	200	Emina_Micellar_Water_Drop_Cleanser_000_Bright_Stuff_100ml.jpg s1.bukalapak.com/img/13402605621/large/	29 KB 29 KB	933ms 495ms	Image image/jpeg	2.16.186.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://s1.bukalapak.com/img/13402605621/large/Emina_Micellar_Water_Drop_Cleanser_000_Bright_Stuff_100ml.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-138.deploy.static.akamaitechnologies.com Software / Resource Hash 021a5770c6a1e46ab3746c7ee48729544189683d2b56e7bcf42878f1b3e2a5c4 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 07 Sep 2021 19:19:20 GMT cache-control public, max-age=10368000 expires Wed, 05 Jan 2022 19:19:20 GMT content-length 29966 content-type image/jpeg
GET H2	200	Wardah-Perfect-Bright-Tone-Up-Micellar-Water-news20191017-Micellar-Water-Wardah-2.png jatenglive.com/images/news/	483 KB 483 KB	951ms 207ms	Image image/png	156.67.222.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://jatenglive.com/images/news/Wardah-Perfect-Bright-Tone-Up-Micellar-Water-news20191017-Micellar-Water-Wardah-2.png Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 156.67.222.31 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f65e6d112cc56e821c6f20daa0fac1547324bff8bfb748faba9da51af30d04f3 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:21 GMT last-modified Thu, 17 Oct 2019 04:50:22 GMT server LiteSpeed etag "78ba5-5da7f30e-8f3d4263e0b18a1f;;;" content-type image/png cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 494501 expires Wed, 07 Sep 2022 19:19:21 GMT
GET H2	200	FOTO_UTAMA.JPG s2.bukalapak.com/bukalapak-kontenz-production/content_attachments/37712/original/	113 KB 113 KB	922ms 518ms	Image image/jpeg	2.16.186.195 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://s2.bukalapak.com/bukalapak-kontenz-production/content_attachments/37712/original/FOTO_UTAMA.JPG Requested by Host: duchove.com URL: http://duchove.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-195.deploy.static.akamaitechnologies.com Software / Resource Hash 9ed1c12fb6a16fc9c59a560428fe304d1668ed46d7ba836de181ef207b21cbd9 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:21 GMT cache-control max-age=10367963 expires Wed, 05 Jan 2022 19:18:44 GMT content-type image/jpeg
GET H/1.1	200 OK	35fc1e59838782b9cd1ca267012d56b4 cf.shopee.co.id/file/	84 KB 84 KB	1069ms 386ms	Image image/jpeg	1.37.34.207 GLOBE-TELECOM-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://cf.shopee.co.id/file/35fc1e59838782b9cd1ca267012d56b4 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 1.37.34.207 , Philippines, ASN4775 (GLOBE-TELECOM-AS Globe Telecoms, PH), Reverse DNS Software openresty / Resource Hash ce3c4660e0ca040345035bf6f902fea238a84b6f95fcce0917e4fc62b1847bda Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers nginx-hit 1 Date Tue, 07 Sep 2021 19:19:21 GMT via EA-PHL-manila-EDGE1-CACHE1[29],EA-PHL-manila-EDGE1-CACHE5[0,TCP_HIT,27],EA-HKG-GLOBAL1-CACHE3[25],EA-HKG-GLOBAL1-CACHE11[0,TCP_HIT,24] X-CCDN-CacheTTL 2592000 x-cdn huawei Age 2337237 x-cdn-origin huawei Connection keep-alive Content-Length 85860 Last-Modified Thu, 22 Jul 2021 12:49:36 GMT Server openresty Etag "35fc1e59838782b9cd1ca267012d56b4" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=36000000 X-CCDN-Expires 254763 Accept-Ranges bytes Timing-Allow-Origin * x-hcs-proxy-type 1
GET H/1.1	200 OK	gl.png www.beautycrew.com.au/media/38858/	987 KB 987 KB	1506ms 469ms	Image image/png	54.253.222.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.beautycrew.com.au/media/38858/gl.png Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.253.222.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-253-222-115.ap-southeast-2.compute.amazonaws.com Software / Resource Hash e63d158ba7eba1ba91e8e7e3ed826b3445a6cb0e63d9000310391a91facebc04 Request headers Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:19 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET, PUT, POST, DELETE, HEAD Content-Type image/png Cache-Control private Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 1010416 X-UA-Compatible IE=Edge,chrome=1
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://duchove.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 03 Sep 2021 08:00:30 GMT x-content-type-options nosniff age 386329 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15112 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:34 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 03 Sep 2022 08:00:30 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v23/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://duchove.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 05 Sep 2021 14:18:31 GMT x-content-type-options nosniff age 190848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14440 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:25 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 05 Sep 2022 14:18:31 GMT
GET H2	200	mem6YaGs126MiZpBA-UFUK0Zdc0.woff2 fonts.gstatic.com/s/opensans/v23/	13 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://duchove.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 05 Sep 2021 14:27:55 GMT x-content-type-options nosniff age 190284 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13792 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:08 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 05 Sep 2022 14:27:55 GMT
GET H3-29	200	memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2 fonts.gstatic.com/s/opensans/v23/	13 KB 13 KB	17ms 14ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://duchove.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 06 Sep 2021 15:01:13 GMT x-content-type-options nosniff age 101886 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13792 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:46 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 06 Sep 2022 15:01:13 GMT
GET H/1.1	200 OK	Penjahat-Pedofilia-Paling-Kejam-Di-Denmark-Tahun-1970-an-624x351.jpg duchove.com/wp-content/uploads/2021/09/	28 KB 29 KB	331ms 331ms	Image image/jpeg	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://duchove.com/wp-content/uploads/2021/09/Penjahat-Pedofilia-Paling-Kejam-Di-Denmark-Tahun-1970-an-624x351.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1770a7146ab5edcc3588a70f796c423526a9231f0cb3c0ddb057889ae5c605f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 28376 last-modified Mon, 06 Sep 2021 14:23:10 GMT Server cloudflare etag "6ed8-6136244e-4f0fb5e8f766c465;;;" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwqRZakstAG5rHH3fhZ2fT8ni9zl3mlxQuVS5EKnRzhkVHLXpdZXY%2BZiKhOgp9dIoe5vkAGR8bLwqwuXgcgdF%2FmCOWNJ8J8QvaACP22n8loErz2vCGAn0K7DeYfutir8sjrgrPj3Ue8yjA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249be5dee1f25-FRA expires Tue, 14 Sep 2021 19:19:20 GMT
GET H/1.1	200 OK	Alpukat-Sangat-Baik-Untuk-Perawatan-Dan-Kesuburan-Rambut-624x416.jpg duchove.com/wp-content/uploads/2021/09/	25 KB 25 KB	332ms 332ms	Image image/jpeg	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://duchove.com/wp-content/uploads/2021/09/Alpukat-Sangat-Baik-Untuk-Perawatan-Dan-Kesuburan-Rambut-624x416.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 462bfba5ee4d26a8247cf10541c93c67a260e9972148143e479dbe9af0d3d0a6 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 25095 last-modified Thu, 02 Sep 2021 13:33:13 GMT Server cloudflare etag "6207-6130d299-9db866e94b2e3801;;;" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99F9DEg1EVFzuT8E3rLASVSqYyJGBtMgAe2r0n0get0NhXxtcxUZU%2B1%2FAARKcAzrfGf7I32w7JrJtwlXO7DI8eReBJXc2t14fhMt2%2F8iXWvkyKdedGJ9Cg3w8gx%2BG%2FPUtcsGFA83k2Q7fg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249bfc9164a7f-FRA expires Tue, 14 Sep 2021 19:19:20 GMT
GET H/1.1	200 OK	Dysphoria-Menjadi-Salah-Satu-Gejala-Dari-Gangguan-Mental-Health-624x351.jpg duchove.com/wp-content/uploads/2021/08/	22 KB 23 KB	330ms 329ms	Image image/jpeg	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://duchove.com/wp-content/uploads/2021/08/Dysphoria-Menjadi-Salah-Satu-Gejala-Dari-Gangguan-Mental-Health-624x351.jpg Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d7b55b1118f1c8730aa3a172b2689b4b05c9061d58c5141f5692a52b8754b4b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 22612 last-modified Mon, 30 Aug 2021 12:39:23 GMT Server cloudflare etag "5854-612cd17b-e3874f15661b9143;;;" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DBU%2Fmv7VFXVwNgJF87yz4w7kgUlzpvB%2Btf5htvq0arbavP2D0PJZ1YQUXl%2Bfkc2ktW5oEJ0o5myOXEIJEe%2B5ZAYZVL3zaYJ5BMzB87yVoKA0QCwt8YLg%2FrZ3E2nRi9aDDqKNahqY9EQDA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249c12ac71f25-FRA expires Tue, 14 Sep 2021 19:19:20 GMT
GET H/1.1	200 OK	navigation.js Show response duchove.com/wp-content/themes/twentytwelve/js/	2 KB 2 KB	228ms 228ms	Script application/x-javascript	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 659 last-modified Thu, 05 Aug 2021 10:14:12 GMT Server cloudflare etag "610-610bb9f4-bcd8a2e36c2e3daa;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEDawnmsM0COHebQ3xHhN0zGyLR9gHoMccd%2ByWBg9AqLfAN4VPTbr9vANoeN2dKQymMDq%2Bld7W6jWOuQG3HFPdGDc3j5DXEFeta%2B08iq5HE2gvhqv%2BMWkhNWaUFX2G7QZwlwHn5WK9yBQQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249be4d794e13-FRA expires Tue, 14 Sep 2021 19:19:20 GMT
GET H/1.1	200 OK	wp-embed.min.js Show response duchove.com/wp-includes/js/	1 KB 2 KB	229ms 228ms	Script application/x-javascript	2606:4700:3031::6815:4e2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://duchove.com/wp-includes/js/wp-embed.min.js?ver=5.8 Requested by Host: duchove.com URL: http://duchove.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:4e2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host duchove.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://duchove.com/ Connection keep-alive Cache-Control no-cache Referer http://duchove.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 07 Sep 2021 19:19:20 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 769 last-modified Thu, 25 Feb 2021 09:15:51 GMT Server cloudflare etag "592-60376ac7-a8faead13e1591ab;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJQF4lH4puMJJZdVqUzAZif%2FsYusCe88hD15GhC1MtjdwsNxQ0iNZL%2Bkz6xk3ivPdjZhSx36K87%2B4yPddFk38BNn6UnDcuX6rYCkIwJBkIzEqg%2Fhv9LUrXgT7LMLdB8XGvoIQU6jrxcTZA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 68b249be4db74a7f-FRA expires Tue, 14 Sep 2021 19:19:20 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://duchove.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.yukepo.com
cf.shopee.co.id
duchove.com
fonts.googleapis.com
fonts.gstatic.com
images.everydayhealth.com
images.fineartamerica.com
img.republicworld.com
jatenglive.com
s1.bukalapak.com
s2.bukalapak.com
sacr3-files.s3-eu-west-1.amazonaws.com
static.billboard.com
thumbs.dreamstime.com
upload.wikimedia.org
www.beautycrew.com.au
www.visitbratislava.com
1.37.34.207
13.213.106.203
13.225.25.24
156.67.222.31
192.229.233.122
2.16.186.138
2.16.186.195
2600:9000:2113:1a00:d:8a0c:6440:93a1
2606:4700:3031::6815:4e2f
2606:4700::6811:6e1f
2620:0:862:ed1a::2:b
2a00:1450:4001:802::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
37.9.175.22
52.218.102.88
54.253.222.115
92.123.225.106
013a0ddc1253d7461f2f00c6b1eb456522fc0864901b4071d09cff637345a59e
021a5770c6a1e46ab3746c7ee48729544189683d2b56e7bcf42878f1b3e2a5c4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1762d2db445ba253564bf33da1684b0ef9feb37f9866d74289f2d3ca8f983adc
2d7b55b1118f1c8730aa3a172b2689b4b05c9061d58c5141f5692a52b8754b4b
462bfba5ee4d26a8247cf10541c93c67a260e9972148143e479dbe9af0d3d0a6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
64495f831a662f48a73ff5631bb271af23389be842cb6d86db441ee2c50f2897
6b270164f487e2983eeaec6d8e0b1cd4873615e74ea0696f4ac91ed2d10e4b99
7e487fa6c8c50af5aa18f3d26effee8ee671a8ad06d36556deed8ccee081ae10
8b19d9bdd49962b08cfe2e5a8e2f62741423cf361be4ee8e9bb8ba5a30dce83b
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9c5e840990a69dc89d223dfa76e18e0b0568c4b9456a9e64759e6ab6c925f0d6
9ed1c12fb6a16fc9c59a560428fe304d1668ed46d7ba836de181ef207b21cbd9
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a788e94bcbfa33e23751b96518f2d1cc33cf1b9dc8e03ff324298c7d88ad9dd2
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
ac5a474b48fe85f7404f41e692bbdb51e2246508f95db032e0617733e2b6c9af
ace60fbb936780a0ea7181da705001d2e090f5b3c1e3e515b3224455fd32bf1c
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1770a7146ab5edcc3588a70f796c423526a9231f0cb3c0ddb057889ae5c605f
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc5a49e0de0ad67d7d0acef519ec3d044c4ddc64a440b06b2f3abf2d7c849942
ce3c4660e0ca040345035bf6f902fea238a84b6f95fcce0917e4fc62b1847bda
dd030e973a26c5f41da9b2a1cf5eb958e78d1a7ac52bddcd24c8d34afbacd2a6
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2cca208f01efed5ce188873153408bedc75479efda82b59ade5ecbab5560ce6
e63d158ba7eba1ba91e8e7e3ed826b3445a6cb0e63d9000310391a91facebc04
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78
f65e6d112cc56e821c6f20daa0fac1547324bff8bfb748faba9da51af30d04f3
fd59b66cf7c42edc3a918d05b81e0934f7c72b101399c519987b04c3a4f8570b