urlscan.io logo urlscan.io
SecurityTrails logo

extrawd.site Open in urlscan Pro
139.177.191.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://extrawd.maxspin.site/
Effective URL: https://extrawd.site/
Submission: On July 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 139.177.191.136, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is extrawd.site.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time extrawd.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    139.177.191.136 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: ariados.sg.domainesia.com
extrawd.maxspin.site
extrawd.site
5    153.92.10.12 (Indonesia)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv45.niagahoster.com
rafifteknik.com
2    2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4006:81c::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:809::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
5 rafifteknik.com
rafifteknik.com
156 KB
5 extrawd.site
extrawd.site
793 KB
3 wp.com
i0.wp.com — Cisco Umbrella Rank: 2855
149 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
565 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
426 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
86 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 maxspin.site
extrawd.maxspin.site
682 B
26 11
Domain Requested by
5 rafifteknik.com extrawd.site
rafifteknik.com
5 extrawd.site extrawd.site
3 i0.wp.com extrawd.site
2 www.google.com extrawd.site
2 www.facebook.com extrawd.site
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net extrawd.site
connect.facebook.net
2 www.googletagmanager.com extrawd.site
www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 extrawd.maxspin.site 1 redirects
26 12

This site contains links to these domains. Also see Links.

Domain
rafifteknik.com
i0.wp.com
www.google.com
Subject Issuer Validity Valid
*.bonuswd.site
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
rafifteknik.com
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-02 -
2022-07-31		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://extrawd.site/
Frame ID: 9A1078FBF61DC6B309337B51851E1D8D
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 020CC7C7A4FEE1F64827EB181EAA07F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jasa Servis ACJasa Servis AC√ Service Ac Bergaransi RAFIF TEKNIK >> Siap Melayani Anda Hari Ini !!WhatsApp

Page URL History Show full URLs

  1. http://extrawd.maxspin.site/ HTTP 301
    https://extrawd.site/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

1332 kB
Transfer

2208 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://extrawd.maxspin.site/ HTTP 301
    https://extrawd.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
extrawd.site/
Redirect Chain
  • http://extrawd.maxspin.site/
  • https://extrawd.site/
166 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.191.136 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
ariados.sg.domainesia.com
Software
DomaiNesia /
Resource Hash
d3bb25449ae81fb546a72e95cd79300d5700bc081782ffc7419863996f0fb837
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
br
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Sat, 23 Jul 2022 21:16:12 GMT
dn-request-id
d85c0e3d403b880028bba40e7edd2c40
dynamic-cache-status
MISS
link
<https://extrawd.site/wp-json/>; rel="https://api.w.org/", <https://extrawd.site/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json", <https://extrawd.site/>; rel=shortlink
referrer-policy
strict-origin-when-cross-origin
server
DomaiNesia
strict-transport-security
max-age=31536000; includeSubDomains; preload always
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-page-speed
DomaiNesia
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache
Connection
keep-alive
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Type
text/html; charset=UTF-8
DN-Request-Id
bdb02075efafc6cfb474967d12e0fb48
Date
Sat, 23 Jul 2022 21:16:11 GMT
Dynamic-Cache-Status
MISS
Location
https://extrawd.site/
Referrer-Policy
strict-origin-when-cross-origin
Server
DomaiNesia
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload always
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Page-Speed
DomaiNesia
X-Redirect-By
WordPress
X-XSS-Protection
1; mode=block
style.css
extrawd.site/wp-content/themes/twentytwentytwo/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extrawd.site/wp-content/themes/twentytwentytwo/style.css?ver=1.2
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.191.136 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
ariados.sg.domainesia.com
Software
DomaiNesia /
Resource Hash
c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:13 GMT
content-encoding
gzip
dn-request-id
09935e8a3533ad3071c5b53d823ba66b
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Jul 2022 03:19:23 GMT
server
DomaiNesia
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload always
content-type
text/css
static-cache-status
MISS
cache-control
max-age=2592000
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options
nosniff
expires
Mon, 22 Aug 2022 21:16:13 GMT
b931f4f080a5820320777448b75a8368.css
rafifteknik.com/wp-content/cache/min/1/ 		189 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rafifteknik.com/wp-content/cache/min/1/b931f4f080a5820320777448b75a8368.css
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.92.10.12 , Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv45.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
2f716b2ab7cd2d434893ee89dc4c2ad3e9ddd8526037b851d1e0ceaa5e84f200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 09 May 2022 22:26:52 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
31402
x-xss-protection
1; mode=block;
expires
Sun, 23 Jul 2023 21:16:16 GMT
jquery.min.js
rafifteknik.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rafifteknik.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.92.10.12 , Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv45.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 21 Jul 2021 02:15:12 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
30094
x-xss-protection
1; mode=block;
expires
Sun, 23 Jul 2023 21:16:16 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92615547-1
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82b36a30873b4d1132a033806561763bed64af304d09ff8080aac861aee27ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41800
x-xss-protection
0
last-modified
Sat, 23 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Jul 2022 21:16:13 GMT
autoptimize_3cc30c3894b94a3c71b8b18b41d0067c.js
rafifteknik.com/wp-content/cache/autoptimize/js/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rafifteknik.com/wp-content/cache/autoptimize/js/autoptimize_3cc30c3894b94a3c71b8b18b41d0067c.js
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.92.10.12 , Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv45.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
7d404c4613a3e262cb9fee02392ff247743f0881b4789b60f635a0b4814b35a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 21 Jul 2022 06:45:13 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30672000,public, immutable,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
19101
x-xss-protection
1; mode=block;
expires
Thu, 13 Jul 2023 21:16:16 GMT
wp-emoji-release.min.js
extrawd.site/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extrawd.site/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.191.136 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
ariados.sg.domainesia.com
Software
DomaiNesia /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding
gzip
dn-request-id
474964eeeb2912c47bbc69bf7be12f16
x-original-content-length
18617
vary
Accept-Encoding
content-length
4917
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Jul 2022 03:19:23 GMT
server
DomaiNesia
x-frame-options
SAMEORIGIN
date
Sat, 23 Jul 2022 03:20:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload always
content-type
application/javascript; charset=utf-8
static-cache-status
MISS
cache-control
max-age=2592000
etag
W/"PSA-Mr62ijdOOu"
x-content-type-options
nosniff
expires
Mon, 22 Aug 2022 03:20:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26093
x-xss-protection
0
pragma
public
x-fb-debug
8t1bCD8HbM/I6LWImw/ieBTCxbgRUGvaHYzrwAei9FqDbZ2WeJfboDdy46LI0Pt3Z1qrcmELM1eESbCou3RUNw==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Sat, 23 Jul 2022 21:16:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3812153865201251b93662069904f493c89d12333052c174c97c82e98c3e8ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca746f0a441816d9a240115eba648cb75596a34d05519aeb48ab6835fc776dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb977b416dcbc16893ad4b4451c452f0d67f5712433e13e4773f69035d2c9d73

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
342f06125dec79c1f37382ac5e44eb7cdf480301d36686b6031616e9d94d61f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffa8172f18b512072ed365ae25c29c2a162e79ef0c41fc0fe0ef7b21bff3700e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e18d37988f20c8a2fc2f57c2b7d1cd7c92e29636658d947b388feb228ea9e2e3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c928e0e4b21ff719b71a70fed07cb63acf66440bee1e478042cdf9bc4386c4b8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cc08cbd881ea3d7e191829d6b2a699da6ce77096dbfd77cf85e399905802060

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92615547-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
836
date
Sat, 23 Jul 2022 21:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 23 Jul 2022 23:02:21 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-863374194&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92615547-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33a8a0a9ef72e789c0a5254738c79f58536b1a60dcb2c0fa010103e9b6bc794e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45386
x-xss-protection
0
last-modified
Sat, 23 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Jul 2022 21:16:17 GMT
SourceSerif4Variable-Roman.ttf.woff2
extrawd.site/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/ 		418 KB
419 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://extrawd.site/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.191.136 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
ariados.sg.domainesia.com
Software
DomaiNesia /
Resource Hash
bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://extrawd.site/
Origin
https://extrawd.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
dn-request-id
68041177a13b7202cb242892652eca83
content-length
428448
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Jul 2022 03:19:23 GMT
server
DomaiNesia
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload always
content-type
font/woff2
static-cache-status
MISS
cache-control
max-age=2592000, s-maxage=10
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges
bytes
x-content-type-options
nosniff
expires
Mon, 22 Aug 2022 21:16:17 GMT
SourceSerif4Variable-Italic.ttf.woff2
extrawd.site/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/ 		339 KB
340 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://extrawd.site/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Italic.ttf.woff2
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.191.136 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
ariados.sg.domainesia.com
Software
DomaiNesia /
Resource Hash
679552970b131f8ab2f7f5d6202ad8cce0b63b89e110fdb6fa65fb1283fa399b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://extrawd.site/
Origin
https://extrawd.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
dn-request-id
e9d7ca71356701ff06eef98f1c752665
content-length
346840
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Jul 2022 03:19:23 GMT
server
DomaiNesia
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload always
content-type
font/woff2
static-cache-status
MISS
cache-control
max-age=2592000, s-maxage=10
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges
bytes
x-content-type-options
nosniff
expires
Mon, 22 Aug 2022 21:16:17 GMT
fontawesome-webfont.woff2
rafifteknik.com/wp-content/themes/landingpress-wp/assets/lib/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rafifteknik.com/wp-content/themes/landingpress-wp/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: rafifteknik.com
URL: https://rafifteknik.com/wp-content/cache/min/1/b931f4f080a5820320777448b75a8368.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
153.92.10.12 , Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv45.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://rafifteknik.com/wp-content/cache/min/1/b931f4f080a5820320777448b75a8368.css
Origin
https://extrawd.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 04:10:44 GMT
server
LiteSpeed
x-powered-by
Niagahoster
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
vary
User-Agent,Accept-Encoding
cache-control
public, max-age=10368000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
77160
x-xss-protection
1; mode=block;
expires
Sun, 20 Nov 2022 21:16:17 GMT
rafif-teknik-service-ac-990x525.jpg
i0.wp.com/rafifteknik.com/wp-content/uploads/2017/08/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/rafifteknik.com/wp-content/uploads/2017/08/rafif-teknik-service-ac-990x525.jpg
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
81b556b8d08552ba18f836f6dda5184512f024cb57bd51df36d98ac450146f7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
MISS ewr 8
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 23 Jul 2022 13:01:04 GMT
server
nginx
etag
"2913eea67c789373"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://rafifteknik.com/wp-content/uploads/2017/08/rafif-teknik-service-ac-990x525.jpg>; rel="canonical"
content-length
61926
expires
Tue, 23 Jul 2024 01:01:04 GMT
ez-toc-icomoon.woff2
rafifteknik.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 		580 B
629 B 		Font
General
Check archive.org
Download Go to
Full URL
https://rafifteknik.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
Requested by
Host: rafifteknik.com
URL: https://rafifteknik.com/wp-content/cache/min/1/b931f4f080a5820320777448b75a8368.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
153.92.10.12 , Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv45.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://rafifteknik.com/wp-content/cache/min/1/b931f4f080a5820320777448b75a8368.css
Origin
https://extrawd.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jul 2022 06:31:55 GMT
server
LiteSpeed
x-powered-by
Niagahoster
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
accept-ranges
bytes
vary
User-Agent,Accept-Encoding
content-length
580
x-xss-protection
1; mode=block;
expires
Sun, 20 Nov 2022 21:16:17 GMT
jasa-kitchen-set-dari-aluminium-300x240.png
i0.wp.com/rafifteknik.com/wp-content/uploads/2019/12/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/rafifteknik.com/wp-content/uploads/2019/12/jasa-kitchen-set-dari-aluminium-300x240.png
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
350b5dd948fd3421de146d305125f9883a5966a96ab5809ff158b07b9a3d9d7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
MISS ewr 6
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 23 Jul 2022 13:01:03 GMT
server
nginx
etag
"1f011a77b4b9d31f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://rafifteknik.com/wp-content/uploads/2019/12/jasa-kitchen-set-dari-aluminium-300x240.png>; rel="canonical"
content-length
81752
expires
Tue, 23 Jul 2024 01:01:03 GMT
tukang-service-ac-300x183.jpg
i0.wp.com/rafifteknik.com/wp-content/uploads/2019/06/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/rafifteknik.com/wp-content/uploads/2019/06/tukang-service-ac-300x183.jpg
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4de9af2f50ded6bdd17a4ee1c25e7754c120e71e907bd09b15825dfde5b9930b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
MISS ewr 1
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 23 Jul 2022 13:01:02 GMT
server
nginx
etag
"d7e8fa75d3931977"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://rafifteknik.com/wp-content/uploads/2019/06/tukang-service-ac-300x183.jpg>; rel="canonical"
content-length
8450
expires
Tue, 23 Jul 2024 01:01:02 GMT
1301097456626745
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1301097456626745?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8bb6114d9388f82fca6c4867c0007dfea99c224b7aa1d5fab0745fe6f9973cf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
P1kiPWzw4dvQEBrcGXBzqaNQhM4ou3TQKYICzMgR9WilQ+UQXIhEW4vnKzcgyCVr+2B69mbE82/vBjGh0b8gng==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 23 Jul 2022 21:16:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658610977582
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1711011387&t=pageview&_s=1&dl=https%3A%2F%2Fextrawd.site%2F&ul=en-us&de=UTF-8&dt=Jasa%20Servis%20AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=441434321&gjid=433765837&cid=1750130175.1658610977&tid=UA-92615547-1&_gid=329524406.1658610977&_r=1&gtm=2ou7k0&z=359468293
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://extrawd.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extrawd.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863374194&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15165
x-xss-protection
0
server
cafe
etag
6365998374961989006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Jul 2022 21:16:17 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-92615547-1&cid=1750130175.1658610977&jid=441434321&gjid=433765837&_gid=329524406.1658610977&_u=YEBAAUAAAAAAAC~&z=1827305950
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://extrawd.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Jul 2022 21:16:17 GMT
content-type
text/plain
access-control-allow-origin
https://extrawd.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1301097456626745&ev=PageView&dl=https%3A%2F%2Fextrawd.site%2F&rl=&if=false&ts=1658610977616&cd[source]=landingpress&cd[version]=2.9.11&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658610977614.2107419668&it=1658610977410&coo=false&rqm=GET
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 21:16:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 23 Jul 2022 21:16:17 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-92615547-1&cid=1750130175.1658610977&jid=441434321&_u=YEBAAUAAAAAAAC~&z=1977943041
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863374194/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863374194/?random=1658610977626&cv=9&fst=1658610977626&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fextrawd.site%2F&tiba=Jasa%20Servis%20AC&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd98f0a96404fb344af22847ec40ff2c6da2be79ef37903c55fa84cc0524c00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jul 2022 21:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1005
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/863374194/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/863374194/?random=1658610977626&cv=9&fst=1658610000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fextrawd.site%2F&tiba=Jasa%20Servis%20AC&async=1&fmt=3&is_vtc=1&random=1213475853&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://extrawd.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jul 2022 21:16:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 020C 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: extrawd.site
URL: https://extrawd.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://extrawd.site
Referer
https://extrawd.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://extrawd.site
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 21:16:18 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery function| clickIE4 function| clickNS4 function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager object| ezTOC object| lazyLoadOptions object| pagespeed object| google_tag_data string| GoogleAnalyticsObject function| ga function| wpbshareopen object| wpbshare object| joinchat_obj function| Cookies object| LpModernizr object| seven_inch object| isMobile function| LazyLoad object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy

7 Cookies

Domain/Path Name / Value
.extrawd.site/ Name: _ga
Value: GA1.2.1750130175.1658610977
.extrawd.site/ Name: _gid
Value: GA1.2.329524406.1658610977
.extrawd.site/ Name: _gat_gtag_UA_92615547_1
Value: 1
.extrawd.site/ Name: _gcl_au
Value: 1.1.963780452.1658610977
.extrawd.site/ Name: _fbp
Value: fb.1.1658610977614.2107419668
.facebook.com/ Name: fr
Value: 063YRhlKp65YH2qj9..Bi3GUh...1.0.Bi3GUh.
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
extrawd.maxspin.site
extrawd.site
googleads.g.doubleclick.net
i0.wp.com
rafifteknik.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
139.177.191.136
142.251.40.194
153.92.10.12
192.0.77.2
2607:f8b0:4004:c07::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2004
2607:f8b0:4006:80c::2008
2607:f8b0:4006:81c::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f716b2ab7cd2d434893ee89dc4c2ad3e9ddd8526037b851d1e0ceaa5e84f200
33a8a0a9ef72e789c0a5254738c79f58536b1a60dcb2c0fa010103e9b6bc794e
342f06125dec79c1f37382ac5e44eb7cdf480301d36686b6031616e9d94d61f1
350b5dd948fd3421de146d305125f9883a5966a96ab5809ff158b07b9a3d9d7a
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
4de9af2f50ded6bdd17a4ee1c25e7754c120e71e907bd09b15825dfde5b9930b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
679552970b131f8ab2f7f5d6202ad8cce0b63b89e110fdb6fa65fb1283fa399b
7d404c4613a3e262cb9fee02392ff247743f0881b4789b60f635a0b4814b35a0
81b556b8d08552ba18f836f6dda5184512f024cb57bd51df36d98ac450146f7e
82b36a30873b4d1132a033806561763bed64af304d09ff8080aac861aee27ef0
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
9cc08cbd881ea3d7e191829d6b2a699da6ce77096dbfd77cf85e399905802060
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a
c928e0e4b21ff719b71a70fed07cb63acf66440bee1e478042cdf9bc4386c4b8
d3812153865201251b93662069904f493c89d12333052c174c97c82e98c3e8ad
d3bb25449ae81fb546a72e95cd79300d5700bc081782ffc7419863996f0fb837
dca746f0a441816d9a240115eba648cb75596a34d05519aeb48ab6835fc776dc
dd98f0a96404fb344af22847ec40ff2c6da2be79ef37903c55fa84cc0524c00e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e18d37988f20c8a2fc2f57c2b7d1cd7c92e29636658d947b388feb228ea9e2e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bb6114d9388f82fca6c4867c0007dfea99c224b7aa1d5fab0745fe6f9973cf
eb977b416dcbc16893ad4b4451c452f0d67f5712433e13e4773f69035d2c9d73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffa8172f18b512072ed365ae25c29c2a162e79ef0c41fc0fe0ef7b21bff3700e