urlscan.io logo urlscan.io
SecurityTrails logo

amishgateway.com Open in urlscan Pro
35.215.119.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.amishgateway.com.cp7.ezhostingserver.com/
Effective URL: https://amishgateway.com/
Submission: On August 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 33 HTTP transactions. The main IP is 35.215.119.103, located in Los Angeles, United States and belongs to GOOGLE, US. The main domain is amishgateway.com.
TLS certificate: Issued by R3 on August 7th 2023. Valid for: 3 months.
This is the only time amishgateway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    216.198.207.2 (United States)

ASN7393 (CYBERCON, US)
PTR: subscribetech.com
www.amishgateway.com.cp7.ezhostingserver.com
15    35.215.119.103 (Los Angeles, United States)

ASN15169 (GOOGLE, US)
PTR: 103.119.215.35.bc.googleusercontent.com
amishgateway.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 amishgateway.com
amishgateway.com
278 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
213 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5 KB
2 gstatic.com
fonts.gstatic.com
45 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
608 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
1 KB
1 ezhostingserver.com
www.amishgateway.com.cp7.ezhostingserver.com
299 B
33 8
Domain Requested by
15 amishgateway.com amishgateway.com
7 pagead2.googlesyndication.com amishgateway.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com amishgateway.com
1 www.amishgateway.com.cp7.ezhostingserver.com 1 redirects
33 9
Subject Issuer Validity Valid
*.amishgateway.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://amishgateway.com/
Frame ID: 4F7808E9433C9E65336B2543D8FEE428
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 7F9D9F443A5447E383666D044D633A82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1684346102888365&output=html&adk=1812271804&adf=3025194257&lmt=1692303826&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Famishgateway.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692311026659&bpp=4&bdt=1190&idt=227&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2832204966528&frm=20&pv=2&ga_vid=1954844002.1692311027&ga_sid=1692311027&ga_hid=1675576416&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44796632%2C44799578&oid=2&pvsid=3252849911343732&tmod=2115751378&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: 5F514DB528DB2812CE469BF89BEE64F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95F6A8BEFA0272DBCFECEEC06A56A0B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8EE1FFE9823D9F16481681CDA4EA40A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amish Country Info & Resources | Amish Gateway

Page URL History Show full URLs

  1. https://www.amishgateway.com.cp7.ezhostingserver.com/ HTTP 301
    https://amishgateway.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

544 kB
Transfer

1201 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.amishgateway.com.cp7.ezhostingserver.com/ HTTP 301
    https://amishgateway.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
amishgateway.com/
Redirect Chain
  • https://www.amishgateway.com.cp7.ezhostingserver.com/
  • https://amishgateway.com/
50 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7cbdda8ca552f86da36d6fd342a41d8ff9840eaaa1549c47fcb47b5c070acaf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 22:23:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://amishgateway.com/wp-json/>; rel="https://api.w.org/", <https://amishgateway.com/wp-json/wp/v2/pages/117>; rel="alternate"; type="application/json", <https://amishgateway.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
x-proxy-cache
HIT

Redirect headers

alt-svc
quic=":443"; ma=2592000; v="39,43,46,50", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 22:23:43 GMT
location
https://amishgateway.com/
server
LiteSpeed
x-powered-by
PHP/7.1.33
x-redirect-by
WordPress
style.css
amishgateway.com/wp-content/themes/eleven40-pro/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/themes/eleven40-pro/style.css?ver=2.2.3
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
21fff3473be463ddcf93f0506faf2f3facbd71d73a05f8e53ac2d46a76d082ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Wed, 24 Jun 2020 09:23:32 GMT
server
nginx
etag
W/"5ef31b94-8f44"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
style.min.css
amishgateway.com/wp-includes/css/dist/block-library/ 		102 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/css/dist/block-library/style.min.css?ver=f76b73ab24c99a6e6415f11ea7ecf99e
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Sat, 12 Aug 2023 07:49:52 GMT
server
nginx
etag
W/"64d739a0-19824"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
dashicons.min.css
amishgateway.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/css/dashicons.min.css?ver=f76b73ab24c99a6e6415f11ea7ecf99e
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Fri, 16 Apr 2021 16:25:56 GMT
server
nginx
etag
W/"6079ba94-e688"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora%3A400%2C700%7COswald%3A400&ver=3.3.3
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9f9f54228036f984821d80677bb442348494f8633fffe25717f711735881277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 22:23:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 22:23:45 GMT
ads_styles.css
amishgateway.com/wp-content/plugins/ads-wp-site-count/css/ 		480 B
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/plugins/ads-wp-site-count/css/ads_styles.css?ver=f76b73ab24c99a6e6415f11ea7ecf99e
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a70cc48e6b925e2f15bd0297a2d04e00b53ece354a079d975c4034552af2199e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Tue, 01 Sep 2020 23:31:45 GMT
server
nginx
etag
W/"5f4ed9e1-1e0"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
jquery.min.js
amishgateway.com/wp-includes/js/jquery/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Sat, 12 Aug 2023 07:49:51 GMT
server
nginx
etag
W/"64d7399f-155ba"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
jquery-migrate.min.js
amishgateway.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Sat, 12 Aug 2023 07:49:51 GMT
server
nginx
etag
W/"64d7399f-3509"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
responsive-menu.js
amishgateway.com/wp-content/themes/eleven40-pro/js/ 		834 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/themes/eleven40-pro/js/responsive-menu.js?ver=1.0.0
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5f852528a2390fb9b04fba4c026d62925b708751dfeb8eb271ef87aa8c9200fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
content-encoding
br
last-modified
Wed, 24 Jun 2020 09:23:32 GMT
server
nginx
etag
W/"5ef31b94-342"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3c4a24f6f4f516a8a333a838bcbef3e7a02e2bca9a2220af8bb4c5b78e1383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50659
x-xss-protection
0
server
cafe
etag
9759267799259262143
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:23:46 GMT
Ohio-Amish-Country-Gateway-142030.jpg
amishgateway.com/wp-content/uploads/2020/10/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amishgateway.com/wp-content/uploads/2020/10/Ohio-Amish-Country-Gateway-142030.jpg
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f78e75fe9e18e26780f4ecd6cdb4be0d3e03aaaa6f40344f51054fe8c9b9fb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:45 GMT
last-modified
Sat, 10 Oct 2020 00:30:39 GMT
server
nginx
etag
"5f8100af-e7e5"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
59365
expires
Fri, 16 Aug 2024 22:23:45 GMT
Amish-Gateway-1-768x512.jpg
amishgateway.com/wp-content/uploads/2020/08/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amishgateway.com/wp-content/uploads/2020/08/Amish-Gateway-1-768x512.jpg
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1292e1f8188c952c1790ee385907a2396baa97dab7af8b1b493b47685806c287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
last-modified
Tue, 25 Aug 2020 09:31:36 GMT
server
nginx
etag
"5f44da78-19717"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
104215
expires
Fri, 16 Aug 2024 22:23:46 GMT
hoverIntent.min.js
amishgateway.com/wp-includes/js/ 		1 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 22:09:44 GMT
server
nginx
etag
W/"628ffaa8-5db"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:46 GMT
superfish.min.js
amishgateway.com/wp-content/themes/genesis/lib/js/menu/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
last-modified
Mon, 17 Aug 2020 16:54:12 GMT
server
nginx
etag
W/"5f3ab634-1193"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:46 GMT
superfish.args.min.js
amishgateway.com/wp-content/themes/genesis/lib/js/menu/ 		132 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.3.3
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
last-modified
Mon, 17 Aug 2020 16:54:12 GMT
server
nginx
etag
W/"5f3ab634-84"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:46 GMT
skip-links.min.js
amishgateway.com/wp-content/themes/genesis/lib/js/ 		386 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
last-modified
Mon, 17 Aug 2020 16:54:12 GMT
server
nginx
etag
W/"5f3ab634-182"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:46 GMT
1e4cb7f4-9e96-4ad3-b8a9-a2c29b90f3f5
https://amishgateway.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://amishgateway.com/1e4cb7f4-9e96-4ad3-b8a9-a2c29b90f3f5
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e225b815866cbaf4c9f7ff5c6a631670f0a72dd36647c77eca3fa5b8dbf3958

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpeg
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C700%7COswald%3A400&ver=3.3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amishgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 10:46:27 GMT
x-content-type-options
nosniff
age
473839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 10:46:27 GMT
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C700%7COswald%3A400&ver=3.3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amishgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:02:58 GMT
x-content-type-options
nosniff
age
584448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35888
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 04:02:58 GMT
wp-emoji-release.min.js
amishgateway.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amishgateway.com/wp-includes/js/wp-emoji-release.min.js?ver=f76b73ab24c99a6e6415f11ea7ecf99e
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.119.103 Los Angeles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.119.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
last-modified
Sat, 01 Apr 2023 11:38:45 GMT
server
nginx
etag
W/"642817c5-4904"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 16 Aug 2024 22:23:46 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1684346102888365&plah=amishgateway.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de152ebde440ab1f3513a19440b79941b3e1f5df9181a7260bf56629c72d5329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128213
x-xss-protection
0
server
cafe
etag
11759931035678062589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:23:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 7F9D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amishgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 19:29:16 GMT
etag
13776922816869014096
expires
Thu, 31 Aug 2023 19:29:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		399 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=amishgateway.com&callback=_gfp_s_&client=ca-pub-1684346102888365
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1684346102888365&plah=amishgateway.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44a11022aab0f3b12e3cfc2f2d78d7254f7ab9c8854b263b485a93f3ba6362f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5F51 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1684346102888365&output=html&adk=1812271804&adf=3025194257&lmt=1692303826&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Famishgateway.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692311026659&bpp=4&bdt=1190&idt=227&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2832204966528&frm=20&pv=2&ga_vid=1954844002.1692311027&ga_sid=1692311027&ga_hid=1675576416&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44796632%2C44799578&oid=2&pvsid=3252849911343732&tmod=2115751378&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1684346102888365&plah=amishgateway.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amishgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 22:23:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: amishgateway.com
URL: https://amishgateway.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 22:23:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1684346102888365&plah=amishgateway.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8a2dfa7b027c71e8984afe2de6f966ccb5d21f72e9e41265ec65cee514ec14f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11662
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1684346102888365&plah=amishgateway.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 22:23:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95F6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amishgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 22:12:33 GMT
expires
Fri, 16 Aug 2024 22:12:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8EE1 		831 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f4c4e1302534f52686c21d94cd6240565a28bd2d2f7cbee50cd0fc525174df16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D4GXuimcr1NnLjjhZQMafw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amishgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-D4GXuimcr1NnLjjhZQMafw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 22:23:48 GMT
expires
Thu, 17 Aug 2023 22:23:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame 95F6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 22:16:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8EE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3252849911343732&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 95F6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Hip9ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:23:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3252849911343732&bg=!hoWlhdHNAAZGPLJIZjw7ADkAdvg8WplUhbmhml8GkG3ohwhigbYb9fJi5Engmlib8D81-BgO-oqLCrlfm1OPIqKmW__gsBUXq_MCAAAAUVIAAAAFaAEHCgCvzXGMI8fOpI0GRxROn2t6ynvBpfkK3xtjvDD1H_zoivvmkwRmgupsbbgpGMsqISREb4ij--QgLv7dbl5m5L-Mp8jQUgflF4MnJOImpzu71b-N3g4wpRodWFbSfXNrHqJ9HJ1FywDEszb3wNtCTDRG1-hQZyr8T3_7VVynyLUT4GPjO08Y6q0mD8rD0kEiM4MJU3IzkXeyiXV1-S8mICBAd82PMAuuTZpdAKcPJfZz6ZkCwdQJIH_Ptw6gWQH17Xig5at8OfEBD6qHnZ6yP_78vWfRXelH0_ocU5mbRkVTDfeTSEqZHaGNr2_ebz1bWEtu0asMzVAFyVM4RwK4DfLK41lnC5L-4Abq8rU7dC-NrzUR0E0jt0WyVJSVRIvE4LaYWyU0dbQPMeVbeW5nr0OrZjrf0X8o7GgS2CUk1JYTt7fQUtwdu33Zl2NftAz5Z74Gv_K30Xwu8rolExT2Wz4uFdsyQkjO4BYzc-sjBcnOH9TEWgLUzA9z38B2MF1prL0sQFG6ni249kYRY-1uf_zmuPsvQAil7S9OZ4h3qXa7-e_cfoHBOLTR_tR9FMb2yuLFH-1BWrEjTsNiQTqj0SVjdsEo6zeKOVfM-74Tp39jH7OoegvHf5ALfNh-sBe9glo3lfGfcPx1eLVEWRiKz-LrWN7osAKc855fpvu0oL9bts7prfqyYO5Sbapr7Y4cVCRDm4aZ_u5IsyJvsKR1zkJN_2DDokweu6RyvdYvQ502r6a2WJ9UCxjkPIV6GTwg8HAa44WrQZLOwpyFgyihECsDtOyKOTZW4fEPuX-TB5g1MWX2mMd4AFdTNOXcqmCdQSTpP2nWqXH44Tmt0qKrAvv9IsxOoHL3NtpCX_oDv1j33xGnsRs2klDNyc__02iJimcZZ15xXBp437jFl7XjVDuIylvo1tZG1dkwLd7GoebfmAm2twUtXEduC3XxCnxZt4EB_MWbgNVsnaJ2aalVzIA28GPXsYGQm1iBk-HHwYWMSDUqOJTiBVjOHxMnvz8A_MB3ODHq70yDo5xu05qMRIaA5DNP97T4volPR_EfhaYT5H2UbQqlFCQqlBUUDN3jjsJGeD1e5kMBsmehxwAGUD2w5nozTUKCVIxg4nuDFQt5lzJCfSmTqWhGPdGTLGQEp-uVOHpFFDmm6u0oMPyPii0IDgcGBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amishgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery function| ga_skiplinks object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.amishgateway.com/ Name: __gads
Value: ID=fd38c273bf5155bb-224a38ec53de0050:T=1692311027:RT=1692311027:S=ALNI_MZdjOLajo9Wz8kPChUmnIXzARsPgg
.amishgateway.com/ Name: __gpi
Value: UID=00000c621ee73d90:T=1692311027:RT=1692311027:S=ALNI_MbkTMVvnRjfyoYuk-dcGfHqUkhqzA

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1684346102888365&output=html&adk=1812271804&adf=3025194257&lmt=1692303826&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Famishgateway.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692311026659&bpp=4&bdt=1190&idt=227&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2832204966528&frm=20&pv=2&ga_vid=1954844002.1692311027&ga_sid=1692311027&ga_hid=1675576416&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44796632%2C44799578&oid=2&pvsid=3252849911343732&tmod=2115751378&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amishgateway.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.amishgateway.com.cp7.ezhostingserver.com
www.google.com
216.198.207.2
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:831::2002
35.215.119.103
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
1292e1f8188c952c1790ee385907a2396baa97dab7af8b1b493b47685806c287
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
21fff3473be463ddcf93f0506faf2f3facbd71d73a05f8e53ac2d46a76d082ba
3e225b815866cbaf4c9f7ff5c6a631670f0a72dd36647c77eca3fa5b8dbf3958
44a11022aab0f3b12e3cfc2f2d78d7254f7ab9c8854b263b485a93f3ba6362f1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f852528a2390fb9b04fba4c026d62925b708751dfeb8eb271ef87aa8c9200fa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
7cbdda8ca552f86da36d6fd342a41d8ff9840eaaa1549c47fcb47b5c070acaf2
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a70cc48e6b925e2f15bd0297a2d04e00b53ece354a079d975c4034552af2199e
a9f9f54228036f984821d80677bb442348494f8633fffe25717f711735881277
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3c4a24f6f4f516a8a333a838bcbef3e7a02e2bca9a2220af8bb4c5b78e1383c
de152ebde440ab1f3513a19440b79941b3e1f5df9181a7260bf56629c72d5329
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f4c4e1302534f52686c21d94cd6240565a28bd2d2f7cbee50cd0fc525174df16
f78e75fe9e18e26780f4ecd6cdb4be0d3e03aaaa6f40344f51054fe8c9b9fb40
f8a2dfa7b027c71e8984afe2de6f966ccb5d21f72e9e41265ec65cee514ec14f