urlscan.io logo urlscan.io
SecurityTrails logo

lomasalmi.joikubooking.com Open in urlscan Pro
3.227.43.216  Public Scan

Go To Rescan Add Verdict Report
URL: https://lomasalmi.joikubooking.com/
Submission: On September 30 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 3.227.43.216, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is lomasalmi.joikubooking.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 30th 2019. Valid for: 3 months.
This is the only time lomasalmi.joikubooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 13 3.227.43.216 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
6 5.101.110.225 14061 (DIGITALOC...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
20 5
13    3.227.43.216 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-227-43-216.compute-1.amazonaws.com
lomasalmi.joikubooking.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    5.101.110.225 (Netherlands)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
joiku-assets.ams3.digitaloceanspaces.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
Domain Requested by
13 lomasalmi.joikubooking.com 6 redirects lomasalmi.joikubooking.com
6 joiku-assets.ams3.digitaloceanspaces.com lomasalmi.joikubooking.com
4 fonts.gstatic.com lomasalmi.joikubooking.com
2 platform.twitter.com lomasalmi.joikubooking.com
platform.twitter.com
1 fonts.googleapis.com lomasalmi.joikubooking.com
20 5

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
basecampoulanka.joikubooking.com
Let's Encrypt Authority X3		 2019-09-30 -
2019-12-29		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.ams3.digitaloceanspaces.com
DigiCert SHA2 Secure Server CA		 2018-10-11 -
2019-11-08		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://lomasalmi.joikubooking.com/
Frame ID: 7893E818AE0D2EA9AF37393C93A455BE
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Flomasalmi.joikubooking.com
Frame ID: 08FF0D60A163F1ED14A845881DF13731
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1908 kB
Transfer

3019 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://lomasalmi.joikubooking.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBKdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--b4282f556e228993968a8afd4d30b29a4a00fc0d/lomasalmi_logo.png HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/8CxbjmqW8iVdjCD7ZUXjjVmC?response-content-disposition=inline%3B%20filename%3D%22lomasalmi_logo.png%22%3B%20filename%2A%3DUTF-8%27%27lomasalmi_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c30d567f5a112b05cf59fb62024063130993cd4fcb4ac5723f4e09a9ae46e05
Request Chain 3
  • https://lomasalmi.joikubooking.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBIdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--8a0e5233b5a408510a5aeabf2b09b37fc8f3edfa/WP_20170308_10_17_50_Pro.jpg HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/Hg7MTna3dyXcER6PHQCVw4Rz?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f76d1d2e5116b6dbb4e2148da7c48e1d4005473784d543b930e1db64c5760a88
Request Chain 4
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--bb699229fc431bc52c9c1ffeb846072ef59e09e6/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTkRBd2VESTJOd1k2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--7ad817b17b5364a4f7f3e621fc06f57718e3d3c6/IMG_0677.jpg HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/BDLKacBHS4p1EZKzp9CsEmAL/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0677.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0677.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=6d2929ce27cb0fd97795e7c03c01b849f4bdc5275c82e2aea04f3a8226d1abc9
Request Chain 5
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--07adde7fa8665ed1e338ebcf0c0d3a0efda96224/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTkRBd2VESTJOd1k2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--7ad817b17b5364a4f7f3e621fc06f57718e3d3c6/WP_20170308_10_17_50_Pro.jpg HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/914aGa3dsYibL5oNJtYJJJ9r/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c0b5d0e112d7a9cb211edd2c5a9bc7c9225aac1e94140d7f7952a8d782f6663
Request Chain 6
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJUT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--fe2be4339be9e48f8bf4d4f507b3962ababaedbc/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTkRBd2VESTJOd1k2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--7ad817b17b5364a4f7f3e621fc06f57718e3d3c6/WP_20170308_10_17_50_Pro.jpg HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/mFSU1GwqU79pdiB4oqQjM2WV/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=84c8ad3d7b5ebb16ae0ca7d86f2977b69b3c322943afb6d98244f9b85d7e62d7
Request Chain 7
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBIZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--a7da1e1cf2d86b3b74a9b34490df3cfe87832847/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTkRBd2VESTJOd1k2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--7ad817b17b5364a4f7f3e621fc06f57718e3d3c6/IMG_0879.jpg HTTP 302
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/3JgHzuTQaMGVwkSsYYRVnoBe/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0879.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0879.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7036099c52f80eee4a0ada5678c991fce7f4d65f8085fa72f4368e0920d08819

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
lomasalmi.joikubooking.com/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
5c9527380a24b6623199b2d0f2d745c2422bcc37c114bbdff89580487b1e0880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
lomasalmi.joikubooking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
Cowboy
Date
Mon, 30 Sep 2019 14:54:09 GMT
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"5c9527380a24b6623199b2d0f2d745c2"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_joiku_session=E8JTj9PuzqIOCq7tQUXFU82mWRsfordWna3IV6G9ezKpnlOqFbUld4%2FVeiLEiyYT8GYSVwTYL4HKq0M7aE25HISBKenkG5K3HbsF2UzZ1oCJ1A1m4BijCoWwupULSFbK6lrVb2S%2BREqc05OgRpmfiQ1eTaWGtX%2BnbMiTVg%3D%3D--3ub4FZcgRZo09sfo--LjhG2qUHMr0X6y7qPLxzTQ%3D%3D; path=/; HttpOnly
X-Request-Id
2f7a8ace-095f-4247-aa10-6fc55919f0f7
X-Runtime
0.101239
Transfer-Encoding
chunked
Via
1.1 vegur
css
fonts.googleapis.com/ 		7 KB
675 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
18e39960e04117ccd710f0da24456c0ec247987c7e9977835700181af643751d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Sep 2019 14:54:09 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 30 Sep 2019 14:54:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 30 Sep 2019 14:54:09 GMT
application-fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de.css
lomasalmi.joikubooking.com/assets/ 		737 KB
181 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/assets/application-fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de.css
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 12:13:42 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Content-Length
185155
8CxbjmqW8iVdjCD7ZUXjjVmC
joiku-assets.ams3.digitaloceanspaces.com/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBKdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--b4282f556e228993968a8afd4d30b29a4a00fc0d/lomasalmi_lo...
  • https://joiku-assets.ams3.digitaloceanspaces.com/8CxbjmqW8iVdjCD7ZUXjjVmC?response-content-disposition=inline%3B%20filename%3D%22lomasalmi_logo.png%22%3B%20filename%2A%3DUTF-8%27%27lomasalmi_logo.p...
17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/8CxbjmqW8iVdjCD7ZUXjjVmC?response-content-disposition=inline%3B%20filename%3D%22lomasalmi_logo.png%22%3B%20filename%2A%3DUTF-8%27%27lomasalmi_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c30d567f5a112b05cf59fb62024063130993cd4fcb4ac5723f4e09a9ae46e05
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
6c0e035f9bf40ce00dc905bbddd0980d73c7151531982f0cbd7a129ce78f9b0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Last-Modified
Thu, 26 Sep 2019 21:10:12 GMT
x-amz-request-id
tx00000000000004951c867-005d921712-141135b-ams3a
ETag
"1770e219d4506423b592cbd37788ff6f"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/png
Content-Disposition
inline; filename="lomasalmi_logo.png"; filename*=UTF-8''lomasalmi_logo.png
Accept-Ranges
bytes
Content-Length
17536

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
a3d1485b-3687-4525-845c-fe07495551a7
X-Runtime
0.011148
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/8CxbjmqW8iVdjCD7ZUXjjVmC?response-content-disposition=inline%3B%20filename%3D%22lomasalmi_logo.png%22%3B%20filename%2A%3DUTF-8%27%27lomasalmi_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c30d567f5a112b05cf59fb62024063130993cd4fcb4ac5723f4e09a9ae46e05
Cache-Control
max-age=300, private
Hg7MTna3dyXcER6PHQCVw4Rz
joiku-assets.ams3.digitaloceanspaces.com/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBIdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--8a0e5233b5a408510a5aeabf2b09b37fc8f3edfa/WP_20170308_...
  • https://joiku-assets.ams3.digitaloceanspaces.com/Hg7MTna3dyXcER6PHQCVw4Rz?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_201...
1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/Hg7MTna3dyXcER6PHQCVw4Rz?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f76d1d2e5116b6dbb4e2148da7c48e1d4005473784d543b930e1db64c5760a88
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
ab96f472e66b90a53c4c299884684b0e524e5d3c0750cb8a06153aba4cc03706
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:11 GMT
Last-Modified
Thu, 26 Sep 2019 20:45:12 GMT
x-amz-request-id
tx00000000000004951ca51-005d921713-141135b-ams3a
ETag
"b8dfc44f74703368572f98a1f6df60b3"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/jpeg
Content-Disposition
inline; filename="WP_20170308_10_17_50_Pro.jpg"; filename*=UTF-8''WP_20170308_10_17_50_Pro.jpg
Accept-Ranges
bytes
Content-Length
1109454

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
12f52319-eaba-4431-83b1-2b66e198db92
X-Runtime
0.008731
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/Hg7MTna3dyXcER6PHQCVw4Rz?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f76d1d2e5116b6dbb4e2148da7c48e1d4005473784d543b930e1db64c5760a88
Cache-Control
max-age=300, private
7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519
joiku-assets.ams3.digitaloceanspaces.com/variants/BDLKacBHS4p1EZKzp9CsEmAL/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJdz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--bb699229fc431bc52c9c1ffeb846072ef59e09e6/ey...
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/BDLKacBHS4p1EZKzp9CsEmAL/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename...
67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/variants/BDLKacBHS4p1EZKzp9CsEmAL/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0677.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0677.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=6d2929ce27cb0fd97795e7c03c01b849f4bdc5275c82e2aea04f3a8226d1abc9
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
a5a0afd0a9cbd711a093aa86b9c0bf916764866bb88d7a5584322f70c788ebd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Last-Modified
Thu, 26 Sep 2019 20:59:46 GMT
x-amz-request-id
tx000000000000048b37793-005d921712-141441a-ams3a
ETag
"1d21b0db13e66f55df72bb355f5a6a65"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/jpeg
Content-Disposition
inline; filename="IMG_0677.jpg"; filename*=UTF-8''IMG_0677.jpg
Accept-Ranges
bytes
Content-Length
68704

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
bf711436-5ce7-4a9a-9f42-6b2c5d8f28b0
X-Runtime
0.417880
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/variants/BDLKacBHS4p1EZKzp9CsEmAL/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0677.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0677.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=6d2929ce27cb0fd97795e7c03c01b849f4bdc5275c82e2aea04f3a8226d1abc9
Cache-Control
max-age=300, private
7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519
joiku-assets.ams3.digitaloceanspaces.com/variants/914aGa3dsYibL5oNJtYJJJ9r/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--07adde7fa8665ed1e338ebcf0c0d3a0efda96224/ey...
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/914aGa3dsYibL5oNJtYJJJ9r/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename...
51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/variants/914aGa3dsYibL5oNJtYJJJ9r/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c0b5d0e112d7a9cb211edd2c5a9bc7c9225aac1e94140d7f7952a8d782f6663
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
ae535a5ae7e081bbd337e0d61b169ec76227450ad7ff3ba28be7a4525af93ea5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Last-Modified
Thu, 26 Sep 2019 20:55:58 GMT
x-amz-request-id
tx000000000000048b377a9-005d921712-141441a-ams3a
ETag
"d4fba59ef2562d8000fde7489794fa2c"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/jpeg
Content-Disposition
inline; filename="WP_20170308_10_17_50_Pro.jpg"; filename*=UTF-8''WP_20170308_10_17_50_Pro.jpg
Accept-Ranges
bytes
Content-Length
52075

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
9afc5eca-c2b0-4868-9081-2548100f2159
X-Runtime
0.436518
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/variants/914aGa3dsYibL5oNJtYJJJ9r/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c0b5d0e112d7a9cb211edd2c5a9bc7c9225aac1e94140d7f7952a8d782f6663
Cache-Control
max-age=300, private
7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519
joiku-assets.ams3.digitaloceanspaces.com/variants/mFSU1GwqU79pdiB4oqQjM2WV/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBJUT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--fe2be4339be9e48f8bf4d4f507b3962ababaedbc/ey...
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/mFSU1GwqU79pdiB4oqQjM2WV/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename...
47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/variants/mFSU1GwqU79pdiB4oqQjM2WV/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=84c8ad3d7b5ebb16ae0ca7d86f2977b69b3c322943afb6d98244f9b85d7e62d7
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
0ddd4ec1040ad9e2488bb35ec3a8e9ee3215e33cc57aaf7f9808a1e25436734f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Last-Modified
Thu, 26 Sep 2019 20:54:16 GMT
x-amz-request-id
tx00000000000004951c93c-005d921712-141135b-ams3a
ETag
"e4bf7fa88aef9f2b464e28fb1da93c20"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/jpeg
Content-Disposition
inline; filename="WP_20170308_10_17_50_Pro.jpg"; filename*=UTF-8''WP_20170308_10_17_50_Pro.jpg
Accept-Ranges
bytes
Content-Length
48436

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
f3207a32-f069-45c9-b85d-cb4b34e33a7f
X-Runtime
0.417315
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/variants/mFSU1GwqU79pdiB4oqQjM2WV/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22WP_20170308_10_17_50_Pro.jpg%22%3B%20filename%2A%3DUTF-8%27%27WP_20170308_10_17_50_Pro.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=84c8ad3d7b5ebb16ae0ca7d86f2977b69b3c322943afb6d98244f9b85d7e62d7
Cache-Control
max-age=300, private
7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519
joiku-assets.ams3.digitaloceanspaces.com/variants/3JgHzuTQaMGVwkSsYYRVnoBe/
Redirect Chain
  • https://lomasalmi.joikubooking.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBIZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--a7da1e1cf2d86b3b74a9b34490df3cfe87832847/ey...
  • https://joiku-assets.ams3.digitaloceanspaces.com/variants/3JgHzuTQaMGVwkSsYYRVnoBe/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename...
52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joiku-assets.ams3.digitaloceanspaces.com/variants/3JgHzuTQaMGVwkSsYYRVnoBe/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0879.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0879.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7036099c52f80eee4a0ada5678c991fce7f4d65f8085fa72f4368e0920d08819
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.110.225 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
c3c785979d7d488a8324a75f9e6905f9c711a35cf9d4805203398ef2044147ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Last-Modified
Thu, 26 Sep 2019 20:42:01 GMT
x-amz-request-id
tx00000000000004951c9e9-005d921712-141135b-ams3a
ETag
"ba25b3d7a4ec1841c957117192fdb7f1"
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Type
image/jpeg
Content-Disposition
inline; filename="IMG_0879.jpg"; filename*=UTF-8''IMG_0879.jpg
Accept-Ranges
bytes
Content-Length
52900

Redirect headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
59573251-7c3e-4d74-8790-9031a2c862be
X-Runtime
0.478905
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://joiku-assets.ams3.digitaloceanspaces.com/variants/3JgHzuTQaMGVwkSsYYRVnoBe/7422de26f48a5dc48fc135fd523f17d1e5c4793021012b7ce6890c2255e08519?response-content-disposition=inline%3B%20filename%3D%22IMG_0879.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_0879.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=XZ6UASDJOFKXTEIF4NXL%2F20190930%2Fams3%2Fs3%2Faws4_request&X-Amz-Date=20190930T145410Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7036099c52f80eee4a0ada5678c991fce7f4d65f8085fa72f4368e0920d08819
Cache-Control
max-age=300, private
cards_all-bfb5d1fd71aa380aca44326af67110c2b298a9a4f2de1d104d6a19b7c3e166d1.svg
lomasalmi.joikubooking.com/assets/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lomasalmi.joikubooking.com/assets/cards_all-bfb5d1fd71aa380aca44326af67110c2b298a9a4f2de1d104d6a19b7c3e166d1.svg
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
bfb5d1fd71aa380aca44326af67110c2b298a9a4f2de1d104d6a19b7c3e166d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:09 GMT
Via
1.1 vegur
Last-Modified
Wed, 06 Mar 2019 16:00:21 GMT
Server
Cowboy
Connection
keep-alive
Content-Length
6660
Content-Type
image/svg+xml
application-3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5.js
lomasalmi.joikubooking.com/assets/ 		695 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/assets/application-3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5.js
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Sep 2019 07:10:08 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Content-Length
213000
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v8/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v8/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 10:36:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:41 GMT
server
sffe
age
3039468
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7960
x-xss-protection
0
expires
Tue, 25 Aug 2020 10:36:22 GMT
themify-0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7.woff
lomasalmi.joikubooking.com/assets/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/assets/themify-0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7.woff?-fvbane
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Sec-Fetch-Mode
cors
Referer
https://lomasalmi.joikubooking.com/assets/application-fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de.css
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 06 Mar 2019 17:08:09 GMT
Server
Cowboy
Connection
keep-alive
Content-Length
56108
Content-Type
application/font-woff
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v8/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v8/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 12:30:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:54 GMT
server
sffe
age
2427833
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7836
x-xss-protection
0
expires
Tue, 01 Sep 2020 12:30:17 GMT
ElegantIcons-be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae.woff
lomasalmi.joikubooking.com/assets/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/assets/ElegantIcons-be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae.woff
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Sec-Fetch-Mode
cors
Referer
https://lomasalmi.joikubooking.com/assets/application-fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de.css
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:09 GMT
Via
1.1 vegur
Last-Modified
Wed, 06 Mar 2019 17:08:09 GMT
Server
Cowboy
Connection
keep-alive
Content-Length
63664
Content-Type
application/font-woff
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v8/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v8/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 10:36:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:57 GMT
server
sffe
age
3039468
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7988
x-xss-protection
0
expires
Tue, 25 Aug 2020 10:36:22 GMT
widgets.js
platform.twitter.com/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E1) /
Resource Hash
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 17:14:55 GMT
Server
ECS (fcn/40E1)
Etag
"2de633c541519a6e0e3cc9b2a90013da+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28608
skin.css
lomasalmi.joikubooking.com/layerslider/skins/v5/ 		0
201 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lomasalmi.joikubooking.com/layerslider/skins/v5/skin.css
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/assets/application-3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.43.216 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-227-43-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lomasalmi.joikubooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:54:10 GMT
Via
1.1 vegur
Last-Modified
Mon, 30 Sep 2019 12:13:42 GMT
Server
Cowboy
Connection
keep-alive
Content-Length
0
Content-Type
text/css
widget_iframe.d6364fae9340b0be5f13818370141fd0.html
platform.twitter.com/widgets/ Frame 08FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Flomasalmi.joikubooking.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4192) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://lomasalmi.joikubooking.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://lomasalmi.joikubooking.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Sep 2019 14:54:10 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 17 Sep 2019 17:14:06 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4192)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v8/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v8/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: lomasalmi.joikubooking.com
URL: https://lomasalmi.joikubooking.com/assets/application-3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
Origin
https://lomasalmi.joikubooking.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Sep 2019 11:03:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:29 GMT
server
sffe
age
1309846
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7968
x-xss-protection
0
expires
Mon, 14 Sep 2020 11:03:24 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| qtySum function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| __guard__ function| __guardMethod__ function| InfoBox function| MarkerClusterer function| Cluster function| ClusterIcon undefined| _createClass undefined| Emitter undefined| Dropzone undefined| without undefined| camelize undefined| detectVerticalSquash undefined| drawImageIOSFix undefined| ExifRestore undefined| contentLoaded function| $ function| jQuery function| Popper object| bootstrap function| WOW function| ResizeSensor string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile boolean| jquery_mmenu_all_js function| moment function| daterangepicker function| Switchery object| _gsScope object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| TimelineLite function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| CSSPlugin object| layerSliderTransitions function| lsShowNotice function| uaMatch object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| getCookie function| getWindowOptions object| twttr object| __twttrll object| __twttr number| x object| param string| layerMarginBottom number| layerMarginTop string| layerMarginRight number| layerMarginLeft string| nextLayerBottom number| nextLayerTop number| nextLayerRight string| nextLayerLeft string| curLayerBottom number| curLayerTop string| curLayerRight number| nextLayerWidth number| nextLayerHeight number| nextSubScaleY number| nextSubScaleX number| nextSubSkewY number| nextSubSkewX number| nextSubScale number| nextSubRotateY number| nextSubRotateX

1 Cookies

Domain/Path Name / Value
lomasalmi.joikubooking.com/ Name: _joiku_session
Value: U3ef43zNwkqyF9pyX02qt5asc%2BuZFR8iBI0rui1kuAJkGv6rSUICt2SC1g8YBVtGsUVPMcTsEqH6pGMwKq7IbaZEYqP4%2BFBMuS3wJJWjZUjcHjMLFKB%2B5S%2FsrtPJIjLbCRYe5k%2BP9KsqmgPV6kOZqg1d%2F2ReQUjPAltn3A%3D%3D--LVaiN5LgGtTplIhd--0lkJDWm71E0t4CaP3MYGaw%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
joiku-assets.ams3.digitaloceanspaces.com
lomasalmi.joikubooking.com
platform.twitter.com
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
3.227.43.216
5.101.110.225
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0ddd4ec1040ad9e2488bb35ec3a8e9ee3215e33cc57aaf7f9808a1e25436734f
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
18e39960e04117ccd710f0da24456c0ec247987c7e9977835700181af643751d
3ad3ad909a6e44e544856c357880f468b0858c40fc4cc52c1fe0e2d55f7e35e5
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171
5c9527380a24b6623199b2d0f2d745c2422bcc37c114bbdff89580487b1e0880
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
6c0e035f9bf40ce00dc905bbddd0980d73c7151531982f0cbd7a129ce78f9b0a
a5a0afd0a9cbd711a093aa86b9c0bf916764866bb88d7a5584322f70c788ebd8
ab96f472e66b90a53c4c299884684b0e524e5d3c0750cb8a06153aba4cc03706
ae535a5ae7e081bbd337e0d61b169ec76227450ad7ff3ba28be7a4525af93ea5
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
bfb5d1fd71aa380aca44326af67110c2b298a9a4f2de1d104d6a19b7c3e166d1
c3c785979d7d488a8324a75f9e6905f9c711a35cf9d4805203398ef2044147ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa764639f7d492704506d376d8da6ba3d4309d8acec35926b321188d56efa0de
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388