Submitted URL: http://envision-bc.com/
Effective URL: https://thankyoubasedball.com/
Submission: On May 14 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 8.215.4.52, located in Jakarta, Indonesia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is thankyoubasedball.com.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time thankyoubasedball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 8.215.4.52 45102 (ALIBABA-C...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
10 151.101.128.237 54113 (FASTLY)
7 151.101.192.238 54113 (FASTLY)
3 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
32 8
Apex Domain | Subdomains | Transfer
15 squarespace.com | assets.squarespace.com (Cisco Umbrella Rank: 6488); static1.squarespace.com (Cisco Umbrella Rank: 6228) | 1 MB
6 typekit.net | use.typekit.net (Cisco Umbrella Rank: 448); p.typekit.net (Cisco Umbrella Rank: 565) | 82 KB
4 thankyoubasedball.com | thankyoubasedball.com | 25 KB
3 cloudinary.com | res.cloudinary.com (Cisco Umbrella Rank: 2449) | 19 KB
2 squarespace-cdn.com | images.squarespace-cdn.com (Cisco Umbrella Rank: 5314) | 63 KB
2 gstatic.com | fonts.gstatic.com | 16 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33) | 899 B
1 envision-bc.com | envision-bc.com | 446 B
32 8
Domain Requested by
10 assets.squarespace.com thankyoubasedball.com
5 static1.squarespace.com thankyoubasedball.com
static1.squarespace.com
5 use.typekit.net thankyoubasedball.com
4 thankyoubasedball.com 1 redirects
3 res.cloudinary.com thankyoubasedball.com
2 images.squarespace-cdn.com thankyoubasedball.com
2 fonts.gstatic.com fonts.googleapis.com
1 p.typekit.net
1 fonts.googleapis.com thankyoubasedball.com
1 envision-bc.com 1 redirects
32 10
Subject | Issuer | Validity | Valid
thankyoubasedball.com | R3 | 2024-04-15 - 2024-07-14 | 3 months
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-01 - 2025-03-03 | a year
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.squarespace.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-09 - 2025-02-28 | a year
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2023-12-18 - 2025-01-13 | a year
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.squarespace-cdn.com | R3 | 2024-03-31 - 2024-06-29 | 3 months

This page contains 1 frames:

Primary Page: https://thankyoubasedball.com/
Frame ID: 556CF797996EDE47A87F7FAEB3B0455E
Requests: 32 HTTP requests in this frame

Page Title

Joker123 motobola login joker388 daftar panduan joker terbaru

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

32 Requests
97 % HTTPS
67 % IPv6
8 Domains
10 Subdomains
8 IPs
3 Countries
1418 kB Transfer
6166 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://envision-bc.com/ HTTP 307
    https://envision-bc.com/ HTTP 301
    https://thankyoubasedball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://thankyoubasedball.com/api/census/RecordHit HTTP 302
  • https://thankyoubasedball.com/

32 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
thankyoubasedball.com/
Redirect Chain
  • http://envision-bc.com/
  • https://envision-bc.com/
  • https://thankyoubasedball.com/
90 KB
17 KB
Document
General
Full URL
https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.215.4.52 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce783e8efe8541ee939aa1ca47f55a4a6429cddcf1130861091a8b308dfc9f47

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 14 May 2024 09:59:18 GMT
etag
W/"663c204e-1664f"
last-modified
Thu, 09 May 2024 01:01:02 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

cache-control
max-age=3600
cf-ray
883a08dec8350493-FRA
content-length
167
content-type
text/html
date
Tue, 14 May 2024 09:59:17 GMT
expires
Tue, 14 May 2024 10:59:17 GMT
location
https://thankyoubasedball.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWagJylyypxaK3JV44Z4l6Ush%2FMkwbYbi%2FwiZyCWQRyrBcEuGPZTHGW5KsfDE8twDuA8HbsUUdj609lm3i9yrWSzjLt2Z6uTmK7CRiD7xSsCIHbkCQs5%2B8%2BeIM0wppq0PWfhzfmYKGzHiFtLsqM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
F-JaVSrVhdocrL55dLLuHzlXJ8dXCxxXaV6lH9UAIn6fecGJXnX1IyvhF2jtFRZLFRjkZAIhjAjawRs8Fhwh5QJow2IDjDMDe6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMd2F0nIe.js
use.typekit.net/ik/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/ik/F-JaVSrVhdocrL55dLLuHzlXJ8dXCxxXaV6lH9UAIn6fecGJXnX1IyvhF2jtFRZLFRjkZAIhjAjawRs8Fhwh5QJow2IDjDMDe6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMd2F0nIe.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1e7a3c91c1352329d07dfa3857cdc564361d2e578b248ee0299553f34d4a60d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 14 May 2024 09:59:19 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6678
css2
fonts.googleapis.com/
4 KB
899 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 09:53:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 09:59:19 GMT
modern.js
assets.squarespace.com/@sqs/polyfiller/1.6/
115 KB
42 KB
Script
General
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
78971, 114062
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3368214
x-cache
HIT, HIT
content-length
42447
x-served-by
cache-iad-kcgs7200042-IAD, cache-fra-etou8220095-FRA
last-modified
Mon, 31 Oct 2022 21:19:57 GMT
server
UploadServer
x-timer
S1715680759.311088,VS0,VE0
etag
"fe0d53a94823df972dbf107bf190771a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:49:35 GMT
extract-css-runtime-636a7f62d2801ca9807b-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
43 KB
19 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-636a7f62d2801ca9807b-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f38a557a3c0ee4d6084db63c822ad9bf6c5471a7c0724eac66a0e41d87cf2566

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
8
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish
age
571959
x-cache
HIT
fastly-restarts
1
content-length
19329
x-served-by
cache-fra-etou8220095-FRA
last-modified
Fri, 26 Apr 2024 19:15:10 GMT
server
UploadServer
x-timer
S1715680759.344896,VS0,VE1
etag
"eb26c644f5ed32941ad9c68e84526c37"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 May 2025 19:06:40 GMT
extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
1 MB
126 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26406777f9af4ddc05d094cad0ff9015cdbbfb393b13678e676d3a4a6292c5d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
109060
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish
age
1591242
x-cache
HIT
fastly-restarts
1
content-length
128743
x-served-by
cache-fra-etou8220095-FRA
last-modified
Thu, 07 Mar 2024 16:08:11 GMT
server
UploadServer
x-timer
S1715680759.310433,VS0,VE0
etag
"fbe43b1f7f944c9fde759ab090f61c42"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 21:39:36 GMT
cldr-resource-pack-e94539391642d3b99900-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
88 KB
15 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-e94539391642d3b99900-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f36a7154507349d2e76810431cd793df20299bfc41d68d3800f67474c2b9bff1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
50828, 94605
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
3298761
x-cache
HIT, HIT
content-length
15116
x-served-by
cache-iad-kjyo7100096-IAD, cache-fra-etou8220095-FRA
last-modified
Mon, 01 Apr 2024 17:10:59 GMT
server
UploadServer
x-timer
S1715680759.311086,VS0,VE0
etag
"463b7225c489e3334db2b2ad3709c29d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Apr 2025 00:43:49 GMT
common-vendors-stable-70736932c490ae0713e6-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
240 KB
80 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-70736932c490ae0713e6-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8b59983709a1c98a6354ee69626d3ec51cc9838fd0f4ff00ba579976a0e9a1e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
82
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish
age
1005936
x-cache
HIT
fastly-restarts
1
content-length
81928
x-served-by
cache-fra-etou8220095-FRA
last-modified
Mon, 22 Apr 2024 16:22:58 GMT
server
UploadServer
x-timer
S1715680759.310931,VS0,VE1
etag
"c86c744fbda9abd9505a1bfc08449f31"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 May 2025 18:33:43 GMT
common-vendors-24ffb21b424f235e16e6-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
637 KB
190 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-24ffb21b424f235e16e6-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b51dc9c61861344dbc38acd3448185a8a49e9b5c40597c981aee7a6bf4b43920

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1937
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish
age
1781434
x-cache
HIT
fastly-restarts
1
content-length
193839
x-served-by
cache-fra-etou8220095-FRA
last-modified
Tue, 23 Apr 2024 17:56:05 GMT
server
UploadServer
x-timer
S1715680759.310824,VS0,VE2
etag
"98edb4afaf524e5fbd64cb45746b1881"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Apr 2025 10:22:29 GMT
common-5c2b5c9b1687bfe753f6-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
2 MB
490 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-5c2b5c9b1687bfe753f6-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f3d4dc506f7f503140a9748f0b50533956ae7a8ce00b627ba807a92aafbfaf6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1864
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
via
1.1 varnish
age
1603747
x-cache
HIT
fastly-restarts
1
content-length
501134
x-served-by
cache-fra-etou8220095-FRA
last-modified
Thu, 25 Apr 2024 17:52:14 GMT
server
UploadServer
x-timer
S1715680759.310799,VS0,VE1
etag
"e7c44d91d653dd7751bca0778cb87667"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Apr 2025 21:30:29 GMT
user-account-core-8b0fefb72e22442b906c-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
221 KB
63 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/user-account-core-8b0fefb72e22442b906c-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8089a97df64830ace2c798c97c58c1adfdb6d499f2041a7062493feb026e1141

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
28, 0
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
1623191
x-cache
HIT, HIT
content-length
63833
x-served-by
cache-iad-kjyo7100099-IAD, cache-fra-etou8220095-FRA
last-modified
Thu, 25 Apr 2024 13:18:21 GMT
server
UploadServer
x-timer
S1715680759.310518,VS0,VE1
etag
"e28b9ace7d138fb070472704ec210960"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Apr 2025 15:06:08 GMT
user-account-core-e84acd73aa5ee3fcd4ad-min.en-US.css
assets.squarespace.com/universal/styles-compressed/
2 KB
1 KB
Stylesheet
General
Full URL
https://assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.en-US.css
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c2e422e878be9b36ef882954b8755356d1989b72062807d9e363977e372ddf0c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5, 8379
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
5848332
x-cache
HIT, HIT
content-length
782
x-served-by
cache-iad-kiad7000073-IAD, cache-fra-etou8220020-FRA
last-modified
Thu, 07 Mar 2024 17:15:42 GMT
server
UploadServer
x-timer
S1715680759.042320,VS0,VE0
etag
"a6e7a0f3dd18584b64b5a85365865103"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 17:27:07 GMT
performance-1954d7801b9fe28cb073-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
40 KB
12 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/performance-1954d7801b9fe28cb073-min.en-US.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f2923f9afb660d7bb4f2d1d280f4d3f9af268bb1bb4837f0e4fc61c02058eadf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
6, 0
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
1874875
x-cache
HIT, HIT
content-length
11871
x-served-by
cache-iad-kiad7000046-IAD, cache-fra-etou8220095-FRA
last-modified
Mon, 22 Apr 2024 16:22:14 GMT
server
UploadServer
x-timer
S1715680759.310490,VS0,VE1
etag
"f7e21781a88096eac91bc57afcb71ba5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Apr 2025 17:11:24 GMT
site.css
static1.squarespace.com/static/versioned-site-css/662ea6af724e7c6929013c03/1/5c5a519771c10ba3470d8101/662ea6af724e7c6929013c0b/1519/
1 MB
116 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/versioned-site-css/662ea6af724e7c6929013c03/1/5c5a519771c10ba3470d8101/662ea6af724e7c6929013c0b/1519/site.css
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
51ca43215269d3833b7f8866edc0bce44aa51ff25f647c979e1e596d2c69bcb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2, 0
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
739902
x-cache
HIT, HIT
x-contextid
63LeZnLA/xeOcxfpn
content-length
118374
x-served-by
cache-dfw-kdal2120113-DFW, cache-fra-etou8220101-FRA
pragma
cache
server
Squarespace
x-timer
S1715680759.027208,VS0,VE1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1712772943022-RISL5OTW906SEOCXSNEC/
198 KB
15 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1712772943022-RISL5OTW906SEOCXSNEC/static.css
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
6df71ff67b2b7f85cb62150804a19ed100e744e8cef610e202f6a08bd49a35cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4239, 8
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
488614
x-cache
HIT, HIT
x-contextid
uUu8rlP4/j3opUIUr
content-length
15477
x-served-by
cache-dfw-kdal2120114-DFW, cache-fra-etou8220101-FRA
pragma
cache
server
Squarespace
x-timer
S1715680759.027199,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
wa_motobolapoker_ss1pcj.webp
res.cloudinary.com/dqip6u9nr/image/upload/v1629587633/
3 KB
4 KB
Image
General
Full URL
https://res.cloudinary.com/dqip6u9nr/image/upload/v1629587633/wa_motobolapoker_ss1pcj.webp
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f500:499::523 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fca36acca616f53333a31a29b6335cfd69522f2fd9fc7c607e76302ae439a0a5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 21 Aug 2021 23:13:54 GMT
server
Cloudinary
etag
"e7b4eec1bab53cf3bafefda39c25778b"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
content-disposition
inline; filename="wa_motobolapoker_ss1pcj.webp"
server-timing
cld-akam;dur=30;start=2024-05-14T09:59:19.100Z;desc=miss,rtt;dur=44,content-info;desc="width=319,height=92,owidth=319,oheight=92,obytes=3142",cloudinary;dur=59;start=2024-05-14T01:50:56.174Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3142
livechat_ok_suj1se.webp
res.cloudinary.com/dqip6u9nr/image/upload/v1629587650/
4 KB
5 KB
Image
General
Full URL
https://res.cloudinary.com/dqip6u9nr/image/upload/v1629587650/livechat_ok_suj1se.webp
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f500:499::523 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
db8a716c37f48ff990a3b04899625fb453a4ecb33bd5c2826ea473eb3aff7042
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 21 Aug 2021 23:14:11 GMT
server
Cloudinary
etag
"5aea3bd3759ca64ad7ff02d0acb1a733"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
content-disposition
inline; filename="livechat_ok_suj1se.webp"
server-timing
cld-akam;dur=30;start=2024-05-14T09:59:19.098Z;desc=miss,rtt;dur=44,content-info;desc="width=474,height=106,owidth=474,oheight=106,obytes=4190",cloudinary;dur=59;start=2024-05-14T06:49:07.245Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4190
livechat_joker123_motobola_k8lqyo.jpg
res.cloudinary.com/dqip6u9nr/image/upload/v1654992423/
10 KB
11 KB
Image
General
Full URL
https://res.cloudinary.com/dqip6u9nr/image/upload/v1654992423/livechat_joker123_motobola_k8lqyo.jpg
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f500:499::523 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4e025f1adf9f1d3f009c4bb46308f1421bf2cc731542aad14616f6f6f7180694
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 12 Jun 2022 00:07:04 GMT
server
Cloudinary
etag
"11ed2479a8639daa460a6d93424ed133"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
cld-akam;dur=331;cpu=215;start=2024-05-14T09:59:19.230Z;desc=miss,rtt;dur=44,content-info;desc="width=268,height=193,owidth=268,oheight=193,obytes=10633",cloudinary;dur=15;start=2024-05-14T09:59:19.498Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10633
site-bundle.c60096393cff060396b454574afa2699.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
176 KB
43 KB
Script
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
fbe06d8b09c06e1556171bd359b09c01a8a8e167d148ed942ad0ede0c69da950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
29, 1
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
403549
x-cache
HIT, HIT
x-contextid
rPxmGL4J/Eg2hRFNK
content-length
43913
x-served-by
cache-dfw-kdal2120101-DFW, cache-fra-etou8220101-FRA
pragma
cache
server
Squarespace
x-timer
S1715680759.270112,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 20:31:45 GMT
x-content-type-options
nosniff
age
48454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 20:31:45 GMT
l
use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/l?subset_id=2&fvd=n5&v=3
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
841ec96a41283cf23db2d69fe67d9beee3e9b222bccfe81ecf6edefc78e92151

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
server
nginx
etag
"7fe86a8b0e0aad464390eb5e39aa627a47e9886d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18988
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 10:16:38 GMT
x-content-type-options
nosniff
age
258161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 10:16:38 GMT
joker123+motobola.jpeg
images.squarespace-cdn.com/content/v1/662ea6af724e7c6929013c03/2df02766-8c0a-444c-809e-fe3fe0488cd2/
18 KB
18 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/662ea6af724e7c6929013c03/2df02766-8c0a-444c-809e-fe3fe0488cd2/joker123+motobola.jpeg?format=1000w
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2af00116ba12a8b17c73f5d9e182a7fc3d999823d5fb6fad4c75fdc32f1301d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
18, 0
date
Tue, 14 May 2024 09:59:19 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
1129330
x-cache
HIT, HIT
content-length
18255
x-served-by
cache-iad-kiad7000120-IAD, cache-fra-etou8220129-FRA
x-sqsp-accepted-scopes
EDITOR
x-timer
S1715680759.399072,VS0,VE1
etag
COSps47W5YUDEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
false
tracepoint
Fastly
daftar+joker123.gif
images.squarespace-cdn.com/content/v1/662ea6af724e7c6929013c03/e5c222da-f6dd-432e-872b-5a72a0891128/
44 KB
45 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/662ea6af724e7c6929013c03/e5c222da-f6dd-432e-872b-5a72a0891128/daftar+joker123.gif?format=500w
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b528563aafd6d5a5f619450a88e28a9a803013815141f4c743044c21e689fba

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
6, 0
date
Tue, 14 May 2024 09:59:19 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
599774
x-cache
HIT, HIT
content-length
45251
x-served-by
cache-iad-kjyo7100029-IAD, cache-fra-etou8220129-FRA
x-sqsp-accepted-scopes
EDITOR
x-timer
S1715680759.399085,VS0,VE1
etag
COew3e7X5YUDEAE=
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
false
tracepoint
Fastly
l
use.typekit.net/af/18be85/00000000000000003b9acaf9/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/18be85/00000000000000003b9acaf9/27/l?subset_id=2&fvd=i5&v=3
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
85c3a5594b6b182be2065368bbd934dfd6f8686e377d6067439aeb06dc281507

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
server
nginx
etag
"d0a93708ec00980f9301c2d7a46d3c7529a435ea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19668
user-account-link.442bb447da0554efe052.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
907 B
633 B
Script
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/user-account-link.442bb447da0554efe052.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
98ff66bd3191695df31dd3f0f372a6d075eae5163551a6411c29c439b4b4925b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4834, 926
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
840457
x-cache
HIT, HIT
x-contextid
x7ymHM0N/P6gKaJs0
content-length
497
x-served-by
cache-dfw-kdfw8210169-DFW, cache-fra-etou8220101-FRA
pragma
cache
server
Squarespace
x-timer
S1715680760.776400,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed6051a0f73e874c8f9022913259d82e4ce1e20931143d198fb3897a6bbc4239

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
server
nginx
etag
"97b7c9f4f56c2074bd1fb9bdecb230e994c98ff6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18700
l
use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: thankyoubasedball.com
URL: https://thankyoubasedball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a4b7dd2497ec37fc2cad39a9a11bb20d54a8392d9a79ada17d746da704c70e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Origin
https://thankyoubasedball.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:19 GMT
server
nginx
etag
"de8a8ae419ea5ddbea36a8436e0fcd851e5ef998"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19180
/
thankyoubasedball.com/
Redirect Chain
  • https://thankyoubasedball.com/api/census/RecordHit
  • https://thankyoubasedball.com/
90 KB
0
XHR
General
Full URL
https://thankyoubasedball.com/
Protocol
H2
Server
8.215.4.52 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce783e8efe8541ee939aa1ca47f55a4a6429cddcf1130861091a8b308dfc9f47

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thankyoubasedball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 09:59:18 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 01:01:02 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"663c204e-1664f"
vary
Accept-Encoding
content-type
text/html

Redirect headers

location
https://thankyoubasedball.com/
date
Tue, 14 May 2024 09:59:19 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
154
content-type
text/html
floating-cart.4814fbbf54a92e38c18f.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
451 B
608 B
Script
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
46, 12502
date
Tue, 14 May 2024 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
492113
x-cache
HIT, HIT
x-contextid
UknGNOw0/VycD0AHc
content-length
302
x-served-by
cache-dfw-kdfw8210096-DFW, cache-fra-etou8220101-FRA
pragma
cache
server
Squarespace
x-timer
S1715680760.850679,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=2&k=646866_662ea6af724e7c6929013c03&ht=tk&h=thankyoubasedball.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1715680759884
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thankyoubasedball.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:20 GMT
last-modified
Sun, 14 Jan 2024 12:45:14 GMT
server
nginx
etag
"65a3d75a-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
favicon.jpeg
thankyoubasedball.com/assets/
7 KB
8 KB
Other
General
Full URL
https://thankyoubasedball.com/assets/favicon.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.215.4.52 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c7ee38b91ff0548513916979b13791df1c02478c9b6ff6e59f35afe568f78f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform-version
"10.0.0"
Referer
https://thankyoubasedball.com/
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 09:59:20 GMT
last-modified
Mon, 29 Apr 2024 00:26:42 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"662ee942-1d77"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7543
expires
Thu, 13 Jun 2024 09:59:20 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Typekit object| SQUARESPACE_ROLLUPS object| Static object| webpackChunk_sqs_polyfiller object| webpackChunkextract_css object| SQUARESPACE_I18N object| YUI_CONFIG function| YUI function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn function| __addDisposableResource function| __disposeResources object| regeneratorRuntime function| _ object| core object| __sqsWebGL object| websiteComponents function| Common boolean| COMMON_ALREADY_RAN function| noop object| Singleton object| Class object| Squarespace object| SquarespaceFonts function| clearImmediate function| setImmediate object| UserAccountApi object| webpackChunknew_bedford_framework object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween string| id

2 Cookies

Domain/Path Name / Value
thankyoubasedball.com/ Name: ss_cvr
Value: 7a820c3d-8064-4b10-984d-a10690e24898|1715680759802|1715680759802|1715680759802|1
thankyoubasedball.com/ Name: ss_cvt
Value: 1715680759802

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
