www.ib-bri-ubah.rf.gd Open in urlscan Pro
185.27.134.132  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.ib-bri-ubah.rf.gd/trilangka Page URL
2. http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	trilangka www.ib-bri-ubah.rf.gd/	215 B 463 B	124ms 52ms	Document text/html	185.27.134.132 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://www.ib-bri-ubah.rf.gd/trilangka Protocol HTTP/1.1 Server 185.27.134.132 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 11 Nov 2022 08:31:28 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request trilangka Show response www.ib-bri-ubah.rf.gd/	4 KB 4 KB	60ms 59ms	Document text/html	185.27.134.132 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka Protocol HTTP/1.1 Server 185.27.134.132 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash 52170e25e622268bff853b19c5ef3d4b3988a3271d16c9df91c76b62fdf7a2f6 Request headers Referer http://www.ib-bri-ubah.rf.gd/trilangka Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=0 Connection keep-alive Content-Length 4161 Date Fri, 11 Nov 2022 08:31:28 GMT Expires Fri, 11 Nov 2022 08:31:28 GMT Last-Modified Fri, 28 Oct 2022 03:39:04 GMT Server nginx
GET H2	200	public-6d771bb61e9a71ad172b58a99a657abe0d6acc9d2e11b6de7a07e32d009d3bdc.css d3duiou06tembb.cloudfront.net/assets/	186 KB 30 KB	210ms 67ms	Stylesheet text/css	18.64.100.231 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3duiou06tembb.cloudfront.net/assets/public-6d771bb61e9a71ad172b58a99a657abe0d6acc9d2e11b6de7a07e32d009d3bdc.css Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.100.231 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-100-231.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 6d771bb61e9a71ad172b58a99a657abe0d6acc9d2e11b6de7a07e32d009d3bdc Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 25 May 2022 02:13:36 GMT x-amz-version-id oHFMGr2EYb6a51NxXqgnQyAQrCNpRFug content-encoding gzip via 1.1 3ffa21fde24be18d36c5d5b13a622abe.cloudfront.net (CloudFront) x-amz-cf-pop TXL50-P3 age 14710673 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 26 Apr 2022 21:20:34 GMT server AmazonS3 etag W/"a11998488b1656af64bf5a991776ea2a" vary Accept-Encoding content-type text/css cache-control public, max-age=31557600 x-amz-cf-id foMYgFcLlvdUOWU_DoHiW_fvgBER2VuZdA82Qb6_Fdm71l8mcmZLfA== expires Thu, 27 Apr 2023 03:20:33 GMT
GET H2	200	images encrypted-tbn0.gstatic.com/	8 KB 8 KB	222ms 93ms	Image image/jpeg	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQTIwVq6uhCtaLxi2eKjqgn7zEGt2Tz8UEeeg&usqp=CAU Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8cea9922533a33c693d6bcfeb061b86220b6b55b617f63494e28ad8e2cd0c569 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:29 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7781 x-xss-protection 0 last-modified Mon, 28 Mar 2016 08:33:18 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sat, 11 Nov 2023 08:31:29 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	276 KB 90 KB	211ms 89ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c46d339f768c6dc429c96c95e85c7227728d806ff49742e26cf10e06185b70a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91621 x-xss-protection 0 last-modified Fri, 11 Nov 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 11 Nov 2022 08:31:29 GMT
GET H2	200	gtm.js Show response ssc.doxo.com/	172 KB 65 KB	746ms 589ms	Script application/javascript	2001:4860:4802:34::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssc.doxo.com/gtm.js?id=GTM-PPXDVKB Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 076c4d3a9309c70f89d20bf047fb26705bf24ef8db1ee7623314e12bc72002e5 Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:29 GMT content-encoding gzip via 1.1 google last-modified Fri, 11 Nov 2022 06:00:00 GMT vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control private, max-age=900 expires Fri, 11 Nov 2022 08:46:17 GMT
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	218ms 84ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 11 Nov 2022 08:31:28 GMT last-modified Wed, 09 Nov 2022 21:23:50 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F91276F5974F43A5BEA3A32E4645FCE9 Ref B: FRA31EDGE0208 Ref C: 2022-11-11T08:31:29Z etag "077538f81f4d81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 11421
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	166ms 56ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 11 Nov 2022 08:31:29 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27337 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug gKQ3StshQqiTQqYq4jYrHFKz2oRwT2DrrPg3CqeV7gE0y8dbU7eo4rVAn8lRib5bqHYanApAPvWwO0mdCDgz9Q== x-fb-trip-id 917726464 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	heap-3839637385.js Show response cdn.heapanalytics.com/js/	121 KB 47 KB	308ms 157ms	Script application/javascript	13.32.27.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-3839637385.js Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-116.fra56.r.cloudfront.net Software nginx / Resource Hash 4e3fd6317d8693a6249592abc476e59470468103fac59411aa90bad069d12de0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:30:03 GMT content-encoding gzip via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop FRA56-C2 age 86 etag W/"1e3a6-LhIf8ALFP3eaLgiE15QiNA" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id Z3Kb6BWzt9MIsCQtyCgUfmHhyI4dJPa-Csy5AzWbTWvFV9xrGUJzpQ==
GET H2	200	150715232192596 Show response connect.facebook.net/signals/config/	293 KB 85 KB	172ms 171ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/150715232192596?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5102336d64507478904de8804b885b4be8f63b89154f053f25eddad6da40ad37 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 11 Nov 2022 08:31:29 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug nmiIXGoecMTJ2FFAEIFqSy59H5HTdapr146i9EXtHAzlpdn64575I0LjjP1hUFC+Ssw7Kuc3TuxU60V3PchJDQ== x-fb-trip-id 917726464 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	5772357.js Show response bat.bing.com/p/action/	0 120 B	187ms 187ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5772357.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Fri, 11 Nov 2022 08:31:29 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 04CBB59DAAD040D797C6CE6D71CC847D Ref B: FRA31EDGE0208 Ref C: 2022-11-11T08:31:29Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 176 B	83ms 83ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5772357&tm=gtm002&Ver=2&mid=1cf1a086-c823-43c1-a825-d2fb991328ed&sid=3d648010619b11ed8d1059d74c1c31f9&vid=3d649910619b11ed9a490d676958e2a3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&r=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&lt=303&evt=pageLoad&sv=1&rn=684779 Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 11 Nov 2022 08:31:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6606C75EC7EA46608FB91142D8D85966 Ref B: FRA31EDGE0208 Ref C: 2022-11-11T08:31:29Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	telemetry heapanalytics.com/api/	37 B 259 B	431ms 138ms	Image image/gif	3.231.52.38 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1668155489765&hv=4.19.0 Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-52-38.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 11 Nov 2022 08:31:30 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H2	200	/ www.facebook.com/tr/	0 185 B	178ms 59ms	Image text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=150715232192596&ev=PageView&dl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&rl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&if=false&ts=1668155489864&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668155489863.1381097156&it=1668155489601&coo=false&rqm=GET Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 11 Nov 2022 08:31:30 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	js Show response gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/	212 KB 85 KB	333ms 185ms	Script application/javascript	2a00:1450:4001:831::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=89bb906e5e2420df5297787cc2a57e823ea7247e85c8506e7133935c8afc5971_20221111 Requested by Host: ssc.doxo.com URL: https://ssc.doxo.com/gtm.js?id=GTM-PPXDVKB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 3bcc503dbd4512e6d94f7f71585ef5908d56946a584c9dfdc49954c79d1335dc Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:30 GMT content-encoding gzip via 1.1 google vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control private, max-age=900 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 11 Nov 2022 08:45:53 GMT
GET H2	200	telemetry heapanalytics.com/api/	37 B 258 B	138ms 138ms	Image image/gif	3.231.52.38 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1668155489777&hv=4.19.0 Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-52-38.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 11 Nov 2022 08:31:30 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H3	200	collect Show response gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/	65 B 112 B	298ms 181ms	XHR text/plain	2a00:1450:4001:831::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/collect?v=2&tid=G-ZZSLRJ4F63&gtm=2reb90&_p=1804932248&cid=239495628.1668155490&ul=en-us&sr=1600x1200&_fplc=0&_s=1&sid=1668155490&sct=1&seg=0&dl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&dr=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&richsstsse Requested by Host: gtm-npwhfxw-ytmxz.uc.r.appspot.com URL: https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=89bb906e5e2420df5297787cc2a57e823ea7247e85c8506e7133935c8afc5971_20221111 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:30 GMT content-encoding gzip x-content-type-options nosniff via 1.1 google vary Accept-Encoding content-type text/plain access-control-allow-origin http://www.ib-bri-ubah.rf.gd cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	s.js Show response cdn.siftscience.com/	61 KB 20 KB	204ms 57ms	Script application/javascript	34.96.67.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.siftscience.com/s.js Requested by Host: www.ib-bri-ubah.rf.gd URL: http://www.ib-bri-ubah.rf.gd/trilangka?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.67.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 21:07:45 GMT content-encoding gzip age 41025 x-guploader-uploadid ADPycdsz53k-_omgB_GuFqq1eSiAyHcMIYcELE2UCYM9mx5aTRo4F7eTtNEQA6q0pNAWKFkB4JzpYlFqcFpKnVBVNmINZw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20452 last-modified Thu, 09 Apr 2020 21:59:13 GMT server UploadServer etag "07cb8203158abb26b3c18318350e7b36" vary Accept-Encoding x-goog-generation 1586469553682331 x-goog-hash crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng== content-type application/javascript cache-control public, max-age=86400 x-goog-stored-content-length 20452 accept-ranges bytes expires Fri, 11 Nov 2022 21:07:45 GMT
GET H2	200	617673.gif hexagon-analytics.com/images/	43 B 297 B	317ms 161ms	Image image/gif	34.102.232.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hexagon-analytics.com/images/617673.gif?bk=ccc37b4619&tm=27&r=111106854&v=105&cs=UTF-8&h=www.ib-bri-ubah.rf.gd&l=en-US&S=b5565d0890ae7bec733d8c5cea2da8ff&uu=55ee922383bb4e536b209b68f541849&t=&u=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&rf=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.232.102.34.bc.googleusercontent.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 11 Nov 2022 08:31:30 GMT via 1.1 google x-content-type-options nosniff server nginx content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	collect Show response gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/	65 B 110 B	176ms 175ms	XHR text/plain	2a00:1450:4001:831::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/collect?v=2&tid=G-ZZSLRJ4F63&gtm=2reb90&_p=1804932248&cid=239495628.1668155490&ul=en-us&sr=1600x1200&_fplc=0&_s=2&sid=1668155490&sct=1&seg=0&dl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&dr=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&dt=&en=scroll&epn.percent_scrolled=90&_et=8&richsstsse Requested by Host: gtm-npwhfxw-ytmxz.uc.r.appspot.com URL: https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=89bb906e5e2420df5297787cc2a57e823ea7247e85c8506e7133935c8afc5971_20221111 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 08:31:31 GMT content-encoding gzip x-content-type-options nosniff via 1.1 google vary Accept-Encoding content-type text/plain access-control-allow-origin http://www.ib-bri-ubah.rf.gd cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	/ www.facebook.com/tr/	0 18 B	118ms 58ms	Image text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=150715232192596&ev=Microdata&dl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%3Fi%3D1&rl=http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka&if=false&ts=1668155491366&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668155489863.1381097156&it=1668155489601&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer http://www.ib-bri-ubah.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 11 Nov 2022 08:31:31 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| _sift number| waktu object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| heap function| UET function| UET_init function| UET_push object| ueto_b147590382 object| uetq function| onYouTubeIframeAPIReady object| gaGlobal function| __siftFlashCB undefined| Sift object| PluginDetect

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ib-bri-ubah.rf.gd/	1970-01-20 16:58:35	Name: _test Value: 6564ce0205f46fe335354b0e05fa0a6e
			.rf.gd/	1970-01-20 09:32:11	Name: _gcl_au Value: 1.1.949602926.1668155489
			.bing.com/	1970-01-20 16:44:11	Name: MUID Value: 0A234D0475F6676A23915F5D747D66E7
			.rf.gd/	1970-01-20 07:24:01	Name: _uetsid Value: 3d648010619b11ed8d1059d74c1c31f9
			.rf.gd/	1970-01-20 16:44:11	Name: _uetvid Value: 3d649910619b11ed9a490d676958e2a3
			.rf.gd/	1970-01-20 16:50:33	Name: _hp2_props.3839637385 Value: %7B%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36%22%7D
			.rf.gd/	1970-01-20 16:50:33	Name: _hp2_id.3839637385 Value: %7B%22userId%22%3A%222308233540567563%22%2C%22pageviewId%22%3A%227145118353461947%22%2C%22sessionId%22%3A%225653117738596867%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.rf.gd/	1970-01-20 07:22:37	Name: _hp2_ses_props.3839637385 Value: %7B%22z%22%3A0%2C%22r%22%3A%22http%3A%2F%2Fwww.ib-bri-ubah.rf.gd%2Ftrilangka%22%2C%22ts%22%3A1668155489775%2C%22d%22%3A%22www.ib-bri-ubah.rf.gd%22%2C%22h%22%3A%22%2Ftrilangka%22%2C%22q%22%3A%22%3Fi%3D1%22%7D
			.rf.gd/	1970-01-20 09:32:11	Name: _fbp Value: fb.1.1668155489863.1381097156
			.rf.gd/	1970-01-20 16:58:35	Name: _ga_ZZSLRJ4F63 Value: GS1.1.1668155490.1.0.1668155490.0.0.0
			.rf.gd/	1970-01-20 16:58:35	Name: _ga Value: GA1.1.239495628.1668155490

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.heapanalytics.com
cdn.siftscience.com
connect.facebook.net
d3duiou06tembb.cloudfront.net
encrypted-tbn0.gstatic.com
gtm-npwhfxw-ytmxz.uc.r.appspot.com
heapanalytics.com
hexagon-analytics.com
ssc.doxo.com
www.facebook.com
www.googletagmanager.com
www.ib-bri-ubah.rf.gd
13.32.27.116
18.64.100.231
185.27.134.132
2001:4860:4802:34::15
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2014
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.231.52.38
34.102.232.42
34.96.67.224
076c4d3a9309c70f89d20bf047fb26705bf24ef8db1ee7623314e12bc72002e5
3bcc503dbd4512e6d94f7f71585ef5908d56946a584c9dfdc49954c79d1335dc
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4e3fd6317d8693a6249592abc476e59470468103fac59411aa90bad069d12de0
5102336d64507478904de8804b885b4be8f63b89154f053f25eddad6da40ad37
52170e25e622268bff853b19c5ef3d4b3988a3271d16c9df91c76b62fdf7a2f6
6d771bb61e9a71ad172b58a99a657abe0d6acc9d2e11b6de7a07e32d009d3bdc
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
8cea9922533a33c693d6bcfeb061b86220b6b55b617f63494e28ad8e2cd0c569
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c46d339f768c6dc429c96c95e85c7227728d806ff49742e26cf10e06185b70a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143