urlscan.io logo urlscan.io
SecurityTrails logo

www.baeflix.co Open in urlscan Pro
2a00:1450:4001:801::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://younimetube.com/
Effective URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Submission: On May 26 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2a00:1450:4001:801::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.baeflix.co.
TLS certificate: Issued by WR3 on May 21st 2024. Valid for: 3 months.
This is the only time www.baeflix.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.239.36.21 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:4... 396982 (GOOGLE-CL...)
17 7
1    216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net
younimetube.com
5    2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.younimetube.com
www.baeflix.co
license.jagodesain.com
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.wendycode.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2600:1901:0:4d00:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
wendy-code-user-default-rtdb.firebaseio.com
Domain Requested by
6 fonts.gstatic.com www.baeflix.co
3 www.baeflix.co www.younimetube.com
www.baeflix.co
2 www.blogger.com www.baeflix.co
2 cdn.wendycode.com www.baeflix.co
1 license.jagodesain.com www.baeflix.co
1 wendy-code-user-default-rtdb.firebaseio.com cdn.wendycode.com
1 cdnjs.cloudflare.com www.baeflix.co
1 www.younimetube.com
1 younimetube.com 1 redirects
17 9

This site contains links to these domains. Also see Links.

Domain
anime.animesia.net
www.blogger.com
Subject Issuer Validity Valid
www.younimetube.com
WR3		 2024-05-22 -
2024-08-20		 3 months crt.sh
www.baeflix.co
WR3		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
wendycode.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.blogger.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.us-central1.firebasedatabase.app
WR4		 2024-05-06 -
2024-08-04		 3 months crt.sh
license.jagodesain.com
GTS CA 1D4		 2024-04-20 -
2024-07-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Frame ID: F17B95E56841C3BB87B3D926DDE5666B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Halaman Login Kamu - Aniverse

Page URL History Show full URLs

  1. http://younimetube.com/ HTTP 307
    https://younimetube.com/ HTTP 301
    https://www.younimetube.com/ Page URL
  2. https://www.baeflix.co/p/halaman-login-kamu.html?m=1/ Page URL

Page Statistics

17
Requests

100 %
HTTPS

86 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

320 kB
Transfer

902 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://younimetube.com/ HTTP 307
    https://younimetube.com/ HTTP 301
    https://www.younimetube.com/ Page URL
  2. https://www.baeflix.co/p/halaman-login-kamu.html?m=1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://younimetube.com/ HTTP 307
  • https://younimetube.com/ HTTP 301
  • https://www.younimetube.com/

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.younimetube.com/
Redirect Chain
  • http://younimetube.com/
  • https://younimetube.com/
  • https://www.younimetube.com/
81 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.younimetube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
17489
content-type
text/html; charset=UTF-8
date
Sun, 26 May 2024 06:36:42 GMT
etag
W/"66983832bb813da8fe85314300f5c9fb2253ad25eb9ca0767fca46e088cd2956"
expires
Sun, 26 May 2024 06:36:42 GMT
last-modified
Thu, 23 May 2024 00:48:10 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
225
content-type
text/html; charset=UTF-8
date
Sun, 26 May 2024 06:36:42 GMT
location
https://www.younimetube.com/
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
Primary Request halaman-login-kamu.html
www.baeflix.co/p/ 		183 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Requested by
Host: www.younimetube.com
URL: https://www.younimetube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52fcec1d357b92304668a47e2cde88ed478b7c7a911e84ce78813434d5df267a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.younimetube.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
45560
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
date
Sun, 26 May 2024 06:36:42 GMT
etag
W/"967cab606557b90d46a7f5d5c847e40910e8c2632e78091eac92d9358a3877bc"
expires
Sun, 26 May 2024 06:36:42 GMT
last-modified
Sat, 25 May 2024 11:19:32 GMT
report-to
{"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:19:19 GMT
x-content-type-options
nosniff
age
425844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13104
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 08:19:19 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 01:17:47 GMT
x-content-type-options
nosniff
age
451136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22592
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 01:17:47 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:55:07 GMT
x-content-type-options
nosniff
age
272496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22760
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:56:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:55:07 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:39:28 GMT
x-content-type-options
nosniff
age
273435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:39:28 GMT
sdk.js
cdn.wendycode.com/loginfitur/firebase/ 		195 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wendycode.com/loginfitur/firebase/sdk.js
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412d3dc1fb6c5103b175ba46ba58ccdec7a9613752983f4c5bd2c674e3a0711f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
594760e35563cd75794b5db5ba8c6a4500679f90
date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
gzip
via
1.1 varnish
expires
Sun, 26 May 2024 06:46:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
63590
x-served-by
cache-fra-eddf8230100-FRA
last-modified
Mon, 06 May 2024 14:06:30 GMT
server
cloudflare
x-github-request-id
8188:3EB3C1:A80F15:ADCE8C:6652D87A
x-timer
S1716705403.059449,VS0,VE106
etag
W/"6638e3e6-30acb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXHXXtJqXZvNe9xJ2bISj%2F7Ku%2FhIB98jQtK1S4PvdXR5307V6xnKfx0yOw7KsJA7x2kimYi19iP0TPRO5IRvceM1bHg3Atks9Rw9ScLhzggvprSpgmpyN5IkSk31%2F%2Fx5cKm0Kgg3zWgs%2FAHW9jPFcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889bc0a0fe5d2bc7-FRA
x-cache-hits
0
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
797423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAg9U%2FrYSdCpBYQ8WRh%2BEsCS%2BfyqW5dKCzAR4nVvR6ZNIrWw%2BK57TAZkJc5IUNRhdUYeFmxBER9sng3mzYDB2W1Z8ecLfV00TNpUEYPBqucr82v1gwjLebTBXLe0Oc3tKpu0YEqfq%2F2GSdPl3YTPdm37"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
889bc0a0d80818c1-FRA
expires
Fri, 16 May 2025 06:36:43 GMT
login.js
cdn.wendycode.com/loginfitur/firebase/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wendycode.com/loginfitur/firebase/login.js
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c8c478991cf52cd563dceae8b67306769f4100ca440f0388fc116deee8922a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
dd6c9ce59eb16ec04c2b62cb3d1f520ae66e0c15
date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
gzip
via
1.1 varnish
expires
Sun, 26 May 2024 06:46:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
19298
x-served-by
cache-fra-eddf8230146-FRA
last-modified
Mon, 06 May 2024 14:06:30 GMT
server
cloudflare
x-github-request-id
47F6:312870:10E6C38:11779EC:6652D87A
x-timer
S1716705403.061859,VS0,VE98
etag
W/"6638e3e6-cdfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG1v9KfAG8bxtiPi5JORYS1FTqVSD9s8izOD4elTe%2BoNH5KebaRXOEahSW9hNJnZt4R6%2F4mY%2BpaF3obNzNtwcxZqaPYkTiTDLdPYE2cLs6VCLnA8wMNA4ykvLy6DWCo77MagORV8dGxMW2t8TuGDxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
889bc0a10e602bc7-FRA
x-cache-hits
0
cookienotice.js
www.baeflix.co/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baeflix.co/js/cookienotice.js
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 06:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 26 May 2024 04:49:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 02 Jun 2024 06:36:42 GMT
3642221003-widgets.js
www.blogger.com/static/v1/widgets/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3642221003-widgets.js
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e181a079d431ad90bef6faf248e5bdddbf301ad6fc84353413e74ee7263e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 13:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50978
x-xss-protection
0
last-modified
Wed, 22 May 2024 19:55:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 23 May 2025 13:50:01 GMT
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98e844b82c168f8b7d874d6cb9f1da8578d661f2216f43fb8a702f673b90d9a6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90a57fc691756f0531daf0347705e95f75c45a2b5331470fccadce80bddb6fdc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 03:09:36 GMT
x-content-type-options
nosniff
age
271627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 03:09:36 GMT
o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v27/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Origin
https://www.baeflix.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 03:21:48 GMT
x-content-type-options
nosniff
age
98095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11652
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 03:21:48 GMT
firebaseLogin.json
wendy-code-user-default-rtdb.firebaseio.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wendy-code-user-default-rtdb.firebaseio.com/firebaseLogin.json
Requested by
Host: cdn.wendycode.com
URL: https://cdn.wendycode.com/loginfitur/firebase/login.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4d00:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
012dcbb22097f5f668861374b0e2d043c2ca792773509f5b61ef2be4fea66229
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 26 May 2024 06:36:43 GMT
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.baeflix.co
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1653
/
license.jagodesain.com/feeds/posts/summary/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://license.jagodesain.com/feeds/posts/summary/?alt=json-in-script&orderby=updated&max-results=9999&callback=checkDomainData
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
cebd4aa862397074352e8180dc771c5b5d97ee0ef57bfdfe958d63c0efbaa2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2024 05:19:10 GMT
server
blogger-renderd
etag
W/"3ade8ccaf40939a809854fd0a5828a7d09343e3c61aa9a44a4fa699f9432de17"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1799
x-xss-protection
0
expires
Sun, 26 May 2024 06:36:44 GMT
74654365494134418
www.blogger.com/feeds/3029407041777316126/posts/default/ 		89 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/feeds/3029407041777316126/posts/default/74654365494134418?alt=json-in-script&callback=checkDomainTitle
Requested by
Host: www.baeflix.co
URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1f611f661085a707aa19e3e42d364734e1f9df158ddbac0f6bc364af3990ea1
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9174
x-xss-protection
1; mode=block
last-modified
Thu, 16 May 2024 06:05:44 GMT
server
GSE
etag
W/"b29f38994c5b5d24a249775f3dc85f74c766c42ff6c2141adae2083dce91cf20"
sunset
Mon, 30 Sep 2024 23:59:59 GMT
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
link
<https://developers.google.com/blogger/docs/2.0/developers_guide>;rel="sunset";type="text/html"
expires
Sun, 26 May 2024 06:36:43 GMT
favicon.ico
www.baeflix.co/ 		4 KB
530 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.baeflix.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 06:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 25 May 2024 11:19:32 GMT
server
GSE
etag
W/"967cab606557b90d46a7f5d5c847e40910e8c2632e78091eac92d9358a3877bc"
content-type
image/x-icon
cache-control
private, max-age=86400
content-length
412
x-xss-protection
1; mode=block
expires
Sun, 26 May 2024 06:36:43 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| logOut object| cekUserLogin undefined| getUsers undefined| userName undefined| userEmail undefined| userId undefined| userPhone undefined| userProfile object| firebase object| CryptoJS function| _0x377f object| kyO object| kyT function| _0x23c79e string| jkyO string| jkyT function| loginOpen function| utf8Decode object| myMeta string| mContent string| splitmContent function| _0x4090ae function| _0xb4b9 string| contentFnsh string| usrPswKey object| email object| password object| notif object| sesiLog function| validateEmail function| inisial function| show function| loginRedirect function| loginWithGoogle function| handleUserData function| login function| forgotPassword function| sendEmailVeri function| closeAll function| Defer function| defer function| deferscript function| deferstyle function| deferiframe function| deferimg object| _0x4abc function| license_0x47ae09 function| showPopUpEror function| StatusActiveDomain function| getFeeds function| license_0x5084 function| checkDomainData function| checkDomainTitle object| inputs object| input object| license_0x1b0d17 function| license_0x79eb string| dataProduct string| databaseDomain string| triggerError string| triggerType object| saveTheme function| bookmarkLoad undefined| imgElement undefined| parentElement function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices

0 Cookies

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.baeflix.co/p/halaman-login-kamu.html?m=1/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wendycode.com
cdnjs.cloudflare.com
fonts.gstatic.com
license.jagodesain.com
wendy-code-user-default-rtdb.firebaseio.com
www.baeflix.co
www.blogger.com
www.younimetube.com
younimetube.com
216.239.36.21
2600:1901:0:4d00::
2606:4700::6811:190e
2a00:1450:4001:801::2013
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2009
2a06:98c1:3120::3
012dcbb22097f5f668861374b0e2d043c2ca792773509f5b61ef2be4fea66229
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
27c8c478991cf52cd563dceae8b67306769f4100ca440f0388fc116deee8922a
412d3dc1fb6c5103b175ba46ba58ccdec7a9613752983f4c5bd2c674e3a0711f
420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f
52e181a079d431ad90bef6faf248e5bdddbf301ad6fc84353413e74ee7263e4f
52fcec1d357b92304668a47e2cde88ed478b7c7a911e84ce78813434d5df267a
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
90a57fc691756f0531daf0347705e95f75c45a2b5331470fccadce80bddb6fdc
98e844b82c168f8b7d874d6cb9f1da8578d661f2216f43fb8a702f673b90d9a6
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
a1f611f661085a707aa19e3e42d364734e1f9df158ddbac0f6bc364af3990ea1
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cebd4aa862397074352e8180dc771c5b5d97ee0ef57bfdfe958d63c0efbaa2be
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e