urlscan.io logo urlscan.io
SecurityTrails logo

shofatour.com Open in urlscan Pro
152.53.36.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shofatour.com.sanicha.ca/
Effective URL: https://shofatour.com/
Submission: On December 25 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 33 HTTP transactions. The main IP is 152.53.36.14, located in Austria and belongs to netcup netcup GmbH, DE. The main domain is shofatour.com.
TLS certificate: Issued by E6 on December 25th 2024. Valid for: 3 months.
This is the only time shofatour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.235.219.232 16276 (OVH OVH SAS)
8 152.53.36.14 214996 (netcup ne...)
15 2600:9000:250... 16509 (AMAZON-02)
7 142.251.179.94 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 18.160.18.73 16509 (AMAZON-02)
33 5
1    15.235.219.232 (Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: rs5-sgp.serverhostgroup.com
shofatour.com.sanicha.ca
8    152.53.36.14 (Austria)

ASN214996 (netcup netcup GmbH, DE)
PTR: v2202407124861276986.luckysrv.de
shofatour.com
15    2600:9000:250b:9a00:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ml9silbgvimi.i.optimole.com
7    142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net
fonts.gstatic.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    18.160.18.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-73.iad12.r.cloudfront.net
ml9silbgvimi.i.optimole.com
Apex Domain
Subdomains		 Transfer
16 optimole.com
ml9silbgvimi.i.optimole.com
574 KB
8 shofatour.com
shofatour.com
119 KB
7 gstatic.com
fonts.gstatic.com
135 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3804
pixel.wp.com — Cisco Umbrella Rank: 3757
3 KB
1 sanicha.ca
shofatour.com.sanicha.ca
298 B
33 5
Domain Requested by
16 ml9silbgvimi.i.optimole.com shofatour.com
8 shofatour.com shofatour.com
7 fonts.gstatic.com shofatour.com
1 pixel.wp.com shofatour.com
1 stats.wp.com shofatour.com
1 shofatour.com.sanicha.ca 1 redirects
33 6

This site contains links to these domains. Also see Links.

Domain
haji.kemenag.go.id
Subject Issuer Validity Valid
shofatour.com
E6		 2024-12-25 -
2025-03-25		 3 months crt.sh
*.i.optimole.com
Amazon RSA 2048 M03		 2024-02-10 -
2025-03-10		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
wp.com
E6		 2024-12-09 -
2025-03-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://shofatour.com/
Frame ID: 9EEC1AD0859D3CC3725A6A9CCD866153
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shofa Tour | PT. Safa Insan Armani

Page URL History Show full URLs

  1. https://shofatour.com.sanicha.ca/ HTTP 301
    https://shofatour.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

831 kB
Transfer

8429 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shofatour.com.sanicha.ca/ HTTP 301
    https://shofatour.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shofatour.com/
Redirect Chain
  • https://shofatour.com.sanicha.ca/
  • https://shofatour.com/
180 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed / PHP/8.2.26
Resource Hash
d384357e25c9a25a5f7f4014c9e09d8f4d7d4f1d26bbfa9750802cd8b40d4c79

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 16:46:55 GMT
server
LiteSpeed
vary
Accept-Encoding
x-jetpack-boost-cache
hit
x-litespeed-tag
846_
x-powered-by
PHP/8.2.26
x-qc-pop
NA-US-IAD-89

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 16:46:54 GMT
location
https://shofatour.com/
server
LiteSpeed
x-jetpack-boost-cache
miss
x-powered-by
PHP/8.2.26
x-redirect-by
WordPress
/
shofatour.com/_jb_static/ 		51 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/_jb_static/??def689469b
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed / PHP/8.2.26
Resource Hash
4bccb22182dccf9f14606589d8562d594982679c817bb8b751feb80ab33bdb44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-page-optimize
uncached
x-qc-cache
hit
cache-control
max-age=31536000
content-encoding
br
x-jetpack-boost-cache
miss
etag
"5185e37b4481d378355d9d80640cb305"
server
LiteSpeed
content-length
7240
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
text/css;charset=UTF-8
x-powered-by
PHP/8.2.26
vary
Accept-Encoding
last-modified
Wed, 25 Dec 2024 15:26:12 GMT
x-qc-pop
NA-US-IAD-89
shofa-logo.png
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/id:b491ce70c25a579b4cc42d10680aab0a/https://shofatour.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/id:b491ce70c25a579b4cc42d10680aab0a/https://shofatour.com/shofa-logo.png
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
2560491c47e77c3ae03d73a3743a96658359a03e6952058d00c8013528abe505
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
ZxzHDuxh1RlFhJugZI5nG
etag
"0Zb1dpHFqUsKDodTzEpZc6ot1XbYbRW0mrdWHPlcXlQ/RIjg2MWJkYjQ2NTAzMjc4ZmRiMTI3YmU2YmY2YThmNjFkIg"
age
7097
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
98rudJm4L-QdDXmzNZ0Oh-8WYPL6BztISiESY6fD9BUaLzA1-bJfnQ==
date
Wed, 25 Dec 2024 14:48:38 GMT
content-type
image/png
content-disposition
inline; filename="shofa-logo.png"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
5925
x-amz-cf-pop
IAD12-P4
server
Optimole
kemenag-himpuh.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/kemenag-himpuh.jpg?w=1080&ssl=1
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
ab850676b34243fdbeab313d58583787431081234066cf0055ed1538463ab37e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
6GWWnahepZZQKIBGLi0DW
etag
"mJ4q9XoYj54dp-1RclKuvO-Ll5JqsNHmiF2g3_6wAZY/RIjNiYWM4MmNlMDU4NWViMWNiZWRlY2VlYzgwOTA2NTIxIg"
age
5684
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Cp-vJob6Emk6nAVCtW12eHRPVd6lHxRn3Hv74swCGZb0deqP2sInOg==
date
Wed, 25 Dec 2024 15:12:11 GMT
content-type
image/webp
content-disposition
inline; filename="kemenag-himpuh.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
18058
x-amz-cf-pop
IAD12-P4
server
Optimole
spice-shop-32.png
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/ 		482 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/spice-shop-32.png?w=1080&ssl=1
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
4fbfe53dcf3e6aba8fb1fe8d1f5fae95ffb7b39bd61f63b5ebc61d79a03e1f4e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
5Kp7yIppr1x1kWqxLSheb
etag
"ZZjilr15hLoRrsVq9Y0i-pvEtF_CrXBkOMHZ6jW4MJA/RImVhM2IzMDNlYmM1OGZjMjkxYThhZTExNWM1MDk0ZGZhIg"
age
5684
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yGfZacOXVXEZonroSwZBNLwZNmKjzZP0ATrSWLE7sbtyt9tGiOiQ9w==
date
Wed, 25 Dec 2024 15:12:11 GMT
content-type
image/webp
content-disposition
inline; filename="spice-shop-32.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
482
x-amz-cf-pop
IAD12-P4
server
Optimole
banner.mp4
shofatour.com/wp-content/uploads/2023/02/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/wp-content/uploads/2023/02/banner.mp4
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://shofatour.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-litespeed-tag
846_
Content-Range
bytes 0-9624301/9624302
Content-Length
9624302
date
Wed, 25 Dec 2024 16:46:56 GMT
content-type
video/mp4
last-modified
Wed, 25 Dec 2024 12:02:16 GMT
server
LiteSpeed
x-qc-pop
NA-US-IAD-89
preloader.gif
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/themes/Divi/includes/builder/styles/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
14da3589427f3143821132429f5de8d638e49cf6128321080f3792b5669bff62
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
p0wzfMF6JQbwoPe_W8qJs
etag
"AyYAywfALRDlYW6lVFuxPE9KSTPIxBOZOX3iItdsGQE/RIjk4OTVhMDI3ZDcyYTFhOWJkN2MyZTkyMmQwYWQyNzNjIg"
age
8489
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
oFMojjHRrglNvPwuCHS1fHmdCKdzJh3Sw-i_QAIqWGAbrLFJW2YNeQ==
date
Wed, 25 Dec 2024 14:25:26 GMT
content-type
image/webp
content-disposition
inline; filename="preloader.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
4620
x-amz-cf-pop
IAD12-P4
server
Optimole
00d.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/00d.jpg
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
1967b293c17586ebcc9ae6c058eb50af565bcb8c023cc7a765f3283671fb236d
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
eaeqcOUY4dNdPcHxugeXK
etag
"4hL1nUgJuM-4aqtvN_kO-XeByVel4H9xQwVUHncxoi8/RImYyYjgwMTUyM2FmMzA1NTM1MGQ5OTAxODUyMDgwZmVmIg"
age
7091
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TeoaijaYYumdelIag6-j_7R1ytOTxCSJ3sX2suUssdVkR_ow1q7B4Q==
date
Wed, 25 Dec 2024 14:48:44 GMT
content-type
image/webp
content-disposition
inline; filename="00d.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
96296
x-amz-cf-pop
IAD12-P4
server
Optimole
masjid-al-haram-3.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/masjid-al-haram-3.jpg
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
5575ec2016261b6f8a7f8da1611dfeded55fd3006614e2529ab3ec5dd594f883
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
IYMQJofOjjaMbWQPU51u5
etag
"5msGfMYovx-l92GMfxlAqbHCAqy0tvUPTQ9jdPGsVQI/RIjRiMjNkNGU2MGRjZWE2ZGIzMGJmOTgzYWNlYzU1ZDQzIg"
age
8677
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
T9dLoPKBbLjjHiDPIrFpYH_PC_ngsro_NyBfE5Lw1e4uqK08RLeDJw==
date
Wed, 25 Dec 2024 14:22:18 GMT
content-type
image/jpeg
content-disposition
inline; filename="masjid-al-haram-3.jpg"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
173619
x-amz-cf-pop
IAD12-P4
server
Optimole
4.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/4.jpg
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
ac3d328c885ae77dcbd0225dc129fa733412332ab17e6c75b7b95e5a82b52077
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
-Ec5gDNb8JjsPrAewr_ry
etag
"CVps6vvlV1vzvXNrep8hGOLQD6g1U5DSel4GLZLYQQQ/RImZmNzM2NmJjZDgwNDQ4MzYyOGM4ZjIwN2MwNzcwODkwIg"
age
7096
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
O2SoTjzeVSpGYpFLTXB-wJ_vu-_oGiNWkR0nwNOzkAlFFnGI79h8WA==
date
Wed, 25 Dec 2024 14:48:39 GMT
content-type
image/webp
content-disposition
inline; filename="4.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
55502
x-amz-cf-pop
IAD12-P4
server
Optimole
kaaba_07.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/kaaba_07.jpg
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
ea6af0cf1942b25b4f0bb0e546cf935bfad4a4925179f9b11e6ecbbe75e45a8f
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
wfxCDkR2Y5fao6fnrYXjD
etag
"8zzVyJLOzSvY3Xmr5FQEhWI-7JPdNegISAnTeiQ4nEo/RIjM4OWUxNWYyNzc3NWU4ZmFkYzFkNWU2NzA1NjdjN2NjIg"
age
8677
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ji0P-cM3_7bWR_bCpUId5KdSOt704GjoP4D_k292v4P0LvGSpTM8Tw==
date
Wed, 25 Dec 2024 14:22:18 GMT
content-type
image/webp
content-disposition
inline; filename="kaaba_07.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
111180
x-amz-cf-pop
IAD12-P4
server
Optimole
mosques-dome-on-dusk-sunset-twilight-sky-and-bokeh-2023-01-03-20-33-46-utc-scaled.jpg
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://shofatour.com/wp-content/uploads/2023/02/mosques-dome-on-dusk-sunset-twilight-sky-and-bokeh-2023-01-03-20-33-46-utc-scaled.jpg
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
e0d975e0e116e0c04844baf25354fad64e31aa30ed22aed2891567e1a9b80b84
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
yfzm5pxIbpq_YJA8pXU3f
etag
"IUr2FnU5_zMu3p-rTta4wJABDrszJtus_GC5dhfCNpM/RImQ2MWUyMjU2ZTA4ZmJiYjlmN2ZjZjZiZTFjN2NiZWI0Ig"
age
7096
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
6k9eVKtSEmOkJ2-G3YQ5lg8qLOPxHq1pn7qwZkByWvPuNrCNKnxipQ==
date
Wed, 25 Dec 2024 14:48:39 GMT
content-type
image/avif
content-disposition
inline; filename="mosques-dome-on-dusk-sunset-twilight-sky-and-bokeh-2023-01-03-20-33-46-utc-scaled.avif"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
21674
x-amz-cf-pop
IAD12-P4
server
Optimole
modules.woff
shofatour.com/wp-content/themes/Divi/core/admin/fonts/modules/base/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed /
Resource Hash
ef71c937db7d4381cd982493ff9728723d27dd44282cc5adef9e16bc7025ad26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

x-qc-cache
hit
cache-control
public, max-age=604800
etag
"304565666-1735145215;;;"
expires
Wed, 01 Jan 2025 16:46:55 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6152
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
font/woff
last-modified
Wed, 25 Dec 2024 12:02:57 GMT
server
LiteSpeed
x-qc-pop
NA-US-IAD-89
Qw3aZQZaHCLgIWa29ZBTjecUA3x4.woff2
fonts.gstatic.com/s/economica/v15/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/economica/v15/Qw3aZQZaHCLgIWa29ZBTjecUA3x4.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
388b43d0c0ba1ae5823ea55ef72f111a2b70917a9a7f4ea600fd7265c603cd24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
369459
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 10:09:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 10:09:16 GMT
last-modified
Thu, 24 Aug 2023 20:21:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10876
x-xss-protection
0
server
sffe
Qw3fZQZaHCLgIWa29ZBbOMIB.woff2
fonts.gstatic.com/s/economica/v15/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/economica/v15/Qw3fZQZaHCLgIWa29ZBbOMIB.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
a53b0965050079cdbe08c5c76ded4417795a6b999f44ffbdc4d1fbe8b77b2a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
369465
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 10:09:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 10:09:10 GMT
last-modified
Thu, 24 Aug 2023 20:17:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10600
x-xss-protection
0
server
sffe
8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQkEz-A.woff2
fonts.gstatic.com/s/redhatdisplay/v20/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v20/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQkEz-A.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
3212b122ba5131c1708b165bab3ae71d3143ccf2cd0019431ee95220f154420d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
413165
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 22:00:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 22:00:50 GMT
last-modified
Wed, 04 Dec 2024 06:50:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17520
x-xss-protection
0
server
sffe
8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbouRQkEz-A.woff2
fonts.gstatic.com/s/redhatdisplay/v20/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v20/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbouRQkEz-A.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
fc4f7adc0ad4f636d805b076fe82c4ff52c0c086ebd712be389074e1eef0cb61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
415153
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:27:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:27:42 GMT
last-modified
Wed, 04 Dec 2024 06:50:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18216
x-xss-protection
0
server
sffe
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w3aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w3aXo.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
0e5b4643dcc42154130c3ebcb95da980bd3c93852468ab3857167a6644ec7a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
415456
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:22:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:22:39 GMT
last-modified
Wed, 06 Nov 2024 17:30:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
43804
x-xss-protection
0
server
sffe
8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbl6WQkEz-A.woff2
fonts.gstatic.com/s/redhatdisplay/v20/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v20/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbl6WQkEz-A.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
be52c8e8d28a075fd213b7c44c53b791fed1cb422e42b97a014fdf9f1cd150ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
416467
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:05:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:05:48 GMT
last-modified
Wed, 04 Dec 2024 06:50:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18332
x-xss-protection
0
server
sffe
8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbrKRQkEz-A.woff2
fonts.gstatic.com/s/redhatdisplay/v20/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v20/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbrKRQkEz-A.woff2
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
2a3013386abeb49e6dc768d25c4edf049cc1f368a512a67236cca7482179f1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shofatour.com
Referer
https://shofatour.com/

Response headers

age
415892
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:15:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:15:23 GMT
last-modified
Wed, 04 Dec 2024 06:50:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18332
x-xss-protection
0
server
sffe
optimole_lib_no_poly.min.js
ml9silbgvimi.i.optimole.com/js-lib/v2/latest/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

vary
accept-encoding
cache-control
max-age=31536000,public
content-encoding
gzip
etag
W/"0eb89ca19c4471edb661005556332adc"
age
9809355
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
EcccdeUeYublrlWSRNtuVrOokuEZXZMPhsK9jQZdY3gfCH5yKa5pIA==
date
Tue, 03 Sep 2024 03:57:41 GMT
content-type
text/javascript
last-modified
Mon, 18 Sep 2023 08:33:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
et-divi-dynamic-tb-869-525-late.css
ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:css/q:mauto/m:1/https://shofatour.com/wp-content/et-cache/525/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:css/q:mauto/m:1/https://shofatour.com/wp-content/et-cache/525/et-divi-dynamic-tb-869-525-late.css
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ca3b46663cee843db4a0c0949827ef9b88a20ca2f7dbb777a29cfee761ffcd33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

access-control-expose-headers
Content-Length, ETag, Cache-Control
content-encoding
br
x-amzn-requestid
e595921a-db9f-4eec-88b1-bd4c656af3c6
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Y_qw7NHUIhIcxx9o1MCZR6UhYJ-D9kM-RfSXo8_AcKttjdt-sl2euw==
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Dec 2024 16:46:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate
x-amz-apigw-id
DW2H5FF0IAMEsDg=
accept-ch
ECT
x-amzn-trace-id
Root=1-676c36fe-175cf7b8301ef0c72b6214aa;Parent=13ea49fb754c3e1c;Sampled=0;Lineage=1:251f2a46:0
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront), 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3, IAD12-P4
jquery.min.js
ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:js/q:mauto/m:0/https://shofatour.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:js/q:mauto/m:0/https://shofatour.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

access-control-expose-headers
Content-Length, ETag, Cache-Control
content-encoding
br
age
7097
x-amzn-requestid
ae042ff4-8c85-4dc0-b367-a762c05578e9
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8jeaRQTV81LgscLeFz3l84sSrGi0y7jfPSYZqJzYHUmgcgRsPbD8gQ==
date
Wed, 25 Dec 2024 14:48:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 14:48:38 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate
x-amz-apigw-id
DWkzAGHkoAMEh6w=
accept-ch
ECT
x-amzn-trace-id
Root=1-676c1b46-701f8a0b3cde044b297b165a;Parent=5aaa967737619e70;Sampled=0;Lineage=1:251f2a46:0
via
1.1 9edb8d9b9614520133cf2257f302ebaa.cloudfront.net (CloudFront), 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3, IAD12-P4
/
shofatour.com/_jb_static/ 		284 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/_jb_static/??d68f10237e
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed / PHP/8.2.26
Resource Hash
e2b9b3f08a7c143bfd949a117c02385aeed7dd7142842b458e311d2c615ac419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-page-optimize
cached
x-qc-cache
hit
cache-control
max-age=31536000
content-encoding
br
x-jetpack-boost-cache
miss
etag
"715438c066b24c8874976f6bba7858af"
server
LiteSpeed
content-length
75980
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
application/javascript
x-powered-by
PHP/8.2.26
vary
Accept-Encoding
last-modified
Wed, 25 Dec 2024 12:03:08 GMT
x-qc-pop
NA-US-IAD-89
e-202452.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202452.js
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT yyz
etag
W/14421-1717166113332.616
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Mon, 22 Dec 2025 20:06:45 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
mediaelement-and-player.min.js
ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:js/q:mauto/m:0/https://shofatour.com/wp-includes/js/mediaelement/ 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/cb:KdBw.532ca/f:js/q:mauto/m:0/https://shofatour.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

access-control-expose-headers
Content-Length, ETag, Cache-Control
content-encoding
br
age
8427
x-amzn-requestid
fcce35fb-a024-4468-8bf7-24a2702536ec
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0mGBsrbBxnmEvdMyZJrTaFjUwxZazrTIvrrfFGpU6owd_kPP4SffmA==
date
Wed, 25 Dec 2024 14:26:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 14:26:28 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate
x-amz-apigw-id
DWhjRHm6oAMEPiA=
accept-ch
ECT
x-amzn-trace-id
Root=1-676c1614-7e3307b910d5fdb439e6642f;Parent=26d9f93108eb358f;Sampled=0;Lineage=1:251f2a46:0
via
1.1 e4c06b6e6eb895470e2fd65bbc93b3b6.cloudfront.net (CloudFront), 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3, IAD12-P4
/
shofatour.com/_jb_static/ 		2 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/_jb_static/??c507b51a3a
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed / PHP/8.2.26
Resource Hash
6a63f68c53cc110101fd4b59082b19a65a859e52e2b8d9bdd5c7269995eb13dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-page-optimize
cached
x-qc-cache
hit
cache-control
max-age=31536000
content-encoding
br
x-jetpack-boost-cache
miss
etag
"b07f3f16262ec07b26db30555a7917eb"
server
LiteSpeed
content-length
937
date
Wed, 25 Dec 2024 16:46:55 GMT
content-type
application/javascript
x-powered-by
PHP/8.2.26
vary
Accept-Encoding
last-modified
Wed, 25 Dec 2024 12:03:08 GMT
x-qc-pop
NA-US-IAD-89
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=240176273&post=525&tz=7&srv=shofatour.com&j=1%3A14.1&host=shofatour.com&ref=&fcp=2671&rand=0.212929814814673
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Wed, 25 Dec 2024 16:46:56 GMT
content-type
image/gif
server
nginx
banner.mp4
shofatour.com/wp-content/uploads/2023/02/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/wp-content/uploads/2023/02/banner.mp4
Requested by
Host: shofatour.com
URL: https://shofatour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://shofatour.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-litespeed-tag
846_
Content-Range
bytes 0-9624301/9624302
Content-Length
9624302
date
Wed, 25 Dec 2024 16:46:56 GMT
content-type
video/mp4
last-modified
Wed, 25 Dec 2024 12:02:16 GMT
server
LiteSpeed
x-qc-pop
NA-US-IAD-89
shofa-logo.png
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/id:b491ce70c25a579b4cc42d10680aab0a/https://shofatour.com/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/id:b491ce70c25a579b4cc42d10680aab0a/https://shofatour.com/shofa-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
2560491c47e77c3ae03d73a3743a96658359a03e6952058d00c8013528abe505
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
ZxzHDuxh1RlFhJugZI5nG
etag
"0Zb1dpHFqUsKDodTzEpZc6ot1XbYbRW0mrdWHPlcXlQ/RIjg2MWJkYjQ2NTAzMjc4ZmRiMTI3YmU2YmY2YThmNjFkIg"
age
7097
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
98rudJm4L-QdDXmzNZ0Oh-8WYPL6BztISiESY6fD9BUaLzA1-bJfnQ==
date
Wed, 25 Dec 2024 14:48:38 GMT
content-type
image/png
content-disposition
inline; filename="shofa-logo.png"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
5925
x-amz-cf-pop
IAD12-P4
server
Optimole
cropped-Ramadhan-Flat-Icon-14.png
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/ 		10 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/cropped-Ramadhan-Flat-Icon-14.png?fit=32%2C32&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:9a00:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Optimole /
Resource Hash
06e8f82159ebcb4ebf53de80e08ddf8b190ee6ae58c85c966e23a0384add6d72
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
zMmLfH7ghcqiAWJ9UpoAu
etag
"7bu6TMhXtXOKTbjB2PE__0Eaw3jrs2fGKUAjQKM-4sI/RIjI1ZGE1MDlmYzE1YTA3NzkxODcxZDYzZWZkNGIzNzc5Ig"
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Xyxzrdp1MR_3zJe9jyqxfWqRitNPyFhWvYtFq-d-PQWyFKRZMY6qtQ==
date
Wed, 25 Dec 2024 16:46:57 GMT
content-type
image/webp
content-disposition
inline; filename="cropped-Ramadhan-Flat-Icon-14.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
10654
x-amz-cf-pop
IAD12-P4
server
Optimole
cropped-Ramadhan-Flat-Icon-14.png
ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/ 		10 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ml9silbgvimi.i.optimole.com/cb:dEu_.53276/w:auto/h:auto/q:mauto/f:best/https://i0.wp.com/shofatour.com/wp-content/uploads/2023/02/cropped-Ramadhan-Flat-Icon-14.png?fit=192%2C192&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.160.18.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-73.iad12.r.cloudfront.net
Software
Optimole /
Resource Hash
06e8f82159ebcb4ebf53de80e08ddf8b190ee6ae58c85c966e23a0384add6d72
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shofatour.com/

Response headers

x-request-id
G3OR_l-xZhYWdCsRIByws
etag
"7bu6TMhXtXOKTbjB2PE__0Eaw3jrs2fGKUAjQKM-4sI/RIjI1ZGE1MDlmYzE1YTA3NzkxODcxZDYzZWZkNGIzNzc5Ig"
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
wPK-R2V4jI45lh5G8YdgOymeIGDoZ9YkvgFSDY7sUZiEgzrji8fOkA==
date
Wed, 25 Dec 2024 16:46:57 GMT
content-type
image/webp
content-disposition
inline; filename="cropped-Ramadhan-Flat-Icon-14.webp"
content-security-policy
script-src 'none'
cache-control
max-age=31536000, public
accept-ch
ECT
via
1.1 665d1c5fbd9802ee4a4f61e7446fc81e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
10654
x-amz-cf-pop
IAD12-P4
server
Optimole
banner.mp4
shofatour.com/wp-content/uploads/2023/02/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://shofatour.com/wp-content/uploads/2023/02/banner.mp4
Protocol
H2
Security
QUIC, , AES_128_GCM
Server
152.53.36.14 , Austria, ASN214996 (netcup netcup GmbH, DE),
Reverse DNS
v2202407124861276986.luckysrv.de
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://shofatour.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=4525822-

Response headers

x-litespeed-tag
846_
Content-Range
bytes 4525822-9624301/9624302
Content-Length
5098480
date
Wed, 25 Dec 2024 16:47:00 GMT
last-modified
Wed, 25 Dec 2024 12:02:16 GMT
x-qc-pop
NA-US-IAD-89
server
LiteSpeed
content-type
video/mp4

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery function| $ object| optimoleData object| _wpmejsSettings object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_fixed_nav function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars object| ET_SmoothScroll function| st_go function| linktracker_init object| wpcom object| _stq object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| wp function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_pb_video_section_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| et_pb_init_woo_custom_button_icon string| waypointContextKey

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
ml9silbgvimi.i.optimole.com
pixel.wp.com
shofatour.com
shofatour.com.sanicha.ca
stats.wp.com
142.251.179.94
15.235.219.232
152.53.36.14
18.160.18.73
192.0.76.3
2600:9000:250b:9a00:2:6f7a:6f00:93a1
06e8f82159ebcb4ebf53de80e08ddf8b190ee6ae58c85c966e23a0384add6d72
0e5b4643dcc42154130c3ebcb95da980bd3c93852468ab3857167a6644ec7a97
14da3589427f3143821132429f5de8d638e49cf6128321080f3792b5669bff62
1967b293c17586ebcc9ae6c058eb50af565bcb8c023cc7a765f3283671fb236d
2560491c47e77c3ae03d73a3743a96658359a03e6952058d00c8013528abe505
2a3013386abeb49e6dc768d25c4edf049cc1f368a512a67236cca7482179f1ed
3212b122ba5131c1708b165bab3ae71d3143ccf2cd0019431ee95220f154420d
388b43d0c0ba1ae5823ea55ef72f111a2b70917a9a7f4ea600fd7265c603cd24
4bccb22182dccf9f14606589d8562d594982679c817bb8b751feb80ab33bdb44
4fbfe53dcf3e6aba8fb1fe8d1f5fae95ffb7b39bd61f63b5ebc61d79a03e1f4e
5575ec2016261b6f8a7f8da1611dfeded55fd3006614e2529ab3ec5dd594f883
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
6a63f68c53cc110101fd4b59082b19a65a859e52e2b8d9bdd5c7269995eb13dc
a53b0965050079cdbe08c5c76ded4417795a6b999f44ffbdc4d1fbe8b77b2a85
ab850676b34243fdbeab313d58583787431081234066cf0055ed1538463ab37e
ac3d328c885ae77dcbd0225dc129fa733412332ab17e6c75b7b95e5a82b52077
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
be52c8e8d28a075fd213b7c44c53b791fed1cb422e42b97a014fdf9f1cd150ba
ca3b46663cee843db4a0c0949827ef9b88a20ca2f7dbb777a29cfee761ffcd33
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d384357e25c9a25a5f7f4014c9e09d8f4d7d4f1d26bbfa9750802cd8b40d4c79
d9eef86302b4cafaa9ceb5705c0791ecfda2ea2a20d7b9b84adbe352a1df7374
e0d975e0e116e0c04844baf25354fad64e31aa30ed22aed2891567e1a9b80b84
e2b9b3f08a7c143bfd949a117c02385aeed7dd7142842b458e311d2c615ac419
ea6af0cf1942b25b4f0bb0e546cf935bfad4a4925179f9b11e6ecbbe75e45a8f
ef71c937db7d4381cd982493ff9728723d27dd44282cc5adef9e16bc7025ad26
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fc4f7adc0ad4f636d805b076fe82c4ff52c0c086ebd712be389074e1eef0cb61