nusan138.pw Open in urlscan Pro
109.110.188.79  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response nusan138.pw/	64 KB 12 KB	1295ms 418ms	Document text/html	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 50d1e418af45c06f7e9fd5f99607b63135df5c5ad5d5c8839c4e58bb177d0d95 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-length 12061 content-type text/html; charset=UTF-8 date Thu, 15 Aug 2024 05:42:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	130 KB 50 KB	141ms 49ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id= Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d5c20b035e1d541514828d85e0d04b95bd6f2759abc10aeeb95d51a1fea06b0a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50584 x-xss-protection 0 last-modified Thu, 15 Aug 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Aug 2024 05:42:10 GMT
GET H2	200	20240721_064821_(1)[1].gif geblekbet.xyz/upload/	682 KB 682 KB	2327ms 283ms	Image image/gif	103.59.160.21 IDNIC-PGSS-AS-ID ...
General Check archive.org Show headers Download Go to Show image Full URL https://geblekbet.xyz/upload/20240721_064821_(1)[1].gif Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.59.160.21 , Indonesia, ASN150493 (IDNIC-PGSS-AS-ID PT Gunung Sedayu Sentosa, ID), Reverse DNS berkah.servercepat.net Software LiteSpeed / Resource Hash 327fe1b3aebb9e8385f70c4454e3b48ba51c08a8d34a0f5c3960bcb70799de52 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:12 GMT last-modified Fri, 09 Aug 2024 15:39:15 GMT server LiteSpeed content-type image/gif cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 698209 expires Thu, 22 Aug 2024 05:42:12 GMT
GET		fa-solid-900.woff2 peta777kik.com/themes/default/font/font-awesome/webfonts/	0 0
GET		fa-brands-400.woff2 peta777kik.com/themes/default/font/font-awesome/webfonts/	0 0
GET H3	200	global.css peta777kik.com/themes/default/css/	196 KB 32 KB	1079ms 999ms	Stylesheet text/css	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peta777kik.com/themes/default/css/global.css Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de0573afedf9277d5ab52062151762072a39d5c7968fff90a03ec35c86583b11 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 24 Sep 2023 04:01:46 GMT server cloudflare etag W/"30e62-650fb4aa-bb801;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gG7YvfIi2TgSqUq6TnAdFh2%2FYmwbl9mDiLvvFOtZAt1rkgGQSMw%2FbuhSb53vxvTl6mbq8Eoxat0ktFn3jtH3wb6EtJxpi2h%2FqX9Lg0qxIe57j%2FVVWeaoPH66QfhmKdYzpQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 8b36dc1c1ebd8fe2-FRA expires Thu, 22 Aug 2024 05:42:11 GMT
GET H3	200	all.min.css peta777kik.com/themes/default/font/font-awesome/css/	58 KB 13 KB	859ms 779ms	Stylesheet text/css	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peta777kik.com/themes/default/font/font-awesome/css/all.min.css Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 22 Jun 2022 06:22:21 GMT server cloudflare etag W/"e7d0-62b2b51d-bdc4c;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zD92CRfU%2BGRjEunIIIxWEQhEDOG2RzSP4%2BK2IIPD9uxuRCxdD8tDqSEnv%2B3rip21HfW0h1%2FnMIOItFVqzvy%2BP2ch7B025TTDaMZITFzqWMpfoF4Q4WxDdHd6bBpkeGmkFw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 8b36dc1c1ebc8fe2-FRA expires Thu, 22 Aug 2024 05:42:11 GMT
GET H3	200	style.css peta777kik.com/custom/css/	155 KB 21 KB	1101ms 1035ms	Stylesheet text/css	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peta777kik.com/custom/css/style.css Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf5d38ca89bc7f78515c4428cfe1fb29a4b489a3590fc11b4ca28335b475b8a1 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 24 Jul 2023 08:43:56 GMT server cloudflare etag W/"26af4-64be39cc-7d128;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8Jp0YRaZbA%2Fgy6TYmGNcntjl%2B2fbgoc%2FO2o%2BrmERIsa7%2BEyQjMYRl7qM17ZsREKh7%2FkQqBRr9mpd8KVSyJwqIqCzqnKk5FuW7jBdei1qBNeaLnZOT9aciz5V6gbjTm%2B3g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 8b36dc1c1ebb8fe2-FRA expires Thu, 22 Aug 2024 05:42:11 GMT
GET H3	200	custom.css peta777kik.com/themes/default/sass/	25 KB 6 KB	831ms 764ms	Stylesheet text/css	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peta777kik.com/themes/default/sass/custom.css?v=2.0.1791 Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77f1d45d7b8572868528c0be3f774c36891b2728ceb6fbf66b66651c14a74973 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 01 Aug 2024 07:07:56 GMT server cloudflare etag W/"6269-66ab344c-bb8e2;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9XfXUE%2BtQ2zWyo6zpFIUpsV4pXAaEQ7ovi1W70Lb3xoubGKNz1GUr2Fwhf33IBcyxYgbpDkW4zggIFtLPnRPVHoIZXXG%2FclFiTqn3K0TKgFcV%2F%2BZYTYPe8oVQoIBbhM4g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 8b36dc1c1eb98fe2-FRA expires Thu, 22 Aug 2024 05:42:11 GMT
GET H2	200	all.min.css nusan138.pw/home/themes/default/font/font-awesome/css/	73 KB 13 KB	224ms 220ms	Stylesheet text/css	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/font/font-awesome/css/all.min.css Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash a104b3e02910e773a16c296c77c63bc3a3a8590d776a5f023cc4e8e4f8bb1a91 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 16 Dec 2023 09:25:24 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 12798 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	Picsart_24-08-13_08-05-03-072[1].png nusan138.pw//upload/	72 KB 72 KB	223ms 220ms	Image image/png	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/Picsart_24-08-13_08-05-03-072[1].png Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 115e4581efc54cea1de5056beb2978c1bc6f8acac203f047413162e464827d2f Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 01:05:44 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 73229 expires Thu, 22 Aug 2024 05:42:10 GMT
GET		indonesia.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		english.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		thai.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		vietnam.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		cambodia.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		chinese.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET		philippines.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET H2	200	slide_promotor01_20240813105031.jpg nusan138.pw//upload/	145 KB 145 KB	651ms 649ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813105031.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash eda103c72181a3c67aa4dc17ca8c66fc0d7375aa675e80008d54543b96d3afac Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:50:31 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 148436 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	slide_promotor01_20240813104851.jpg nusan138.pw//upload/	63 KB 64 KB	651ms 649ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813104851.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 88e50f8deabd76da79f5461a70f168f8d77f31869252ae44861e2c37edc5f463 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:48:51 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 64962 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	slide_promotor01_20240813104348.jpg nusan138.pw//upload/	120 KB 120 KB	651ms 649ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813104348.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 2ae68b89c40ab22d0986eb2a8bfc0879504ae0c77951a22d9df4337325ed8fc2 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:43:48 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 123046 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	slide_promotor01_20240813103924.jpg nusan138.pw//upload/	131 KB 131 KB	651ms 650ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813103924.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 7b0eeea984ca90779121614c85830e40e72947dd386225662a0ca587d3baba71 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:39:24 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 134193 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	slide_promotor01_20240813103709.jpg nusan138.pw//upload/	107 KB 107 KB	652ms 650ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813103709.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash de1cb869b5475dfdb298cec888fa8a251bff4b533afcef5d6d6c68d44d7754fd Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:37:09 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 109492 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	slide_promotor01_20240813103438.jpg nusan138.pw//upload/	125 KB 125 KB	652ms 650ms	Image image/jpeg	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw//upload/slide_promotor01_20240813103438.jpg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash ce1cf2c0cfb5a6d54e0c5e2cef68821534e0e9684cbedb8dfdae13b73f6a5811 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 03:34:38 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 128120 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-popular.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	4 KB 2 KB	655ms 654ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-popular.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 0ac473478208e3bfdf49e272bcece41ab051d34fb5ebf9214a72d8312d1cacb9 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:58 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1622 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-slot.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	3 KB 1 KB	653ms 651ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-slot.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 7a11acf85875c0aa71dc5a315acc3f420f4bfbf34406794e96896471a4c3c462 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:16:04 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1106 expires Thu, 22 Aug 2024 05:42:10 GMT
GET		hot_category.png images.linkcdn.cloud/global/nav-addons/	0 0
GET H2	200	mobile-livegames.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	3 KB 1 KB	653ms 652ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-livegames.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 2f63fccdbb102b9c62e665d4e2f4a46cd40e9049a419963e9e07d2eb8e3ccfbd Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:42 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1069 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-casino.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	5 KB 2 KB	655ms 654ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-casino.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash c5f82cad2178ab1760c21dbd1285a61dc4b1a58c5a126bd9a22f6aaa96420c3f Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:36 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1890 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-sport.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	1 KB 659 B	652ms 651ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-sport.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash df0844c39e8c365dc8362dabc72755690dff82fb99283d8947de37a77624208f Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:16:12 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 591 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-lottery.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	2 KB 954 B	654ms 653ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-lottery.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 96282b0097494c8d8e7ec42cbca220c7674a4b79621b30bbe14f924c2d98ef67 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:48 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 898 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-poker.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	4 KB 2 KB	652ms 651ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-poker.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash f6963babeec9c8bdac5e93d3a9e5500578bc5f4462cfc467ceb719ed4f88a9e3 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:52 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1583 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	mobile-arcade.svg nusan138.pw/home/themes/default/img/mobile-home-icon/	2 KB 916 B	653ms 652ms	Image image/svg+xml	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nusan138.pw/home/themes/default/img/mobile-home-icon/mobile-arcade.svg Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 0459c472b8910e21d7045ec2c5fd8292bf7889495ab4a08f24281f8b5565ff81 Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:15:30 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 860 expires Thu, 22 Aug 2024 05:42:10 GMT
GET H2	200	vendor.js Show response nusan138.pw/home/themes/default/js/	545 KB 149 KB	638ms 636ms	Script text/javascript	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/js/vendor.js Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 5e3639394bb22f513738a6bc6dc68efc35b31e5d6089a5a9ce30d56387b195ca Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:12:28 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 152274
GET H2	200	global.js Show response nusan138.pw/home/themes/default/js/	15 KB 3 KB	653ms 651ms	Script text/javascript	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/js/global.js?v=2.0.1313 Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash deafdb985a7ce92210de2057429fc147b6aa8c15b2c2680adc32a9679974250a Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT content-encoding br last-modified Sat, 15 Jul 2023 20:12:14 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 2655
GET H2	404	index.js nusan138.pw/home/themes/default/js/	0 0	650ms 648ms	Script text/html	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/js/index.js?v=2.0.1313 Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 15 Aug 2024 05:42:10 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 content-type text/html
GET H2	404	jquery.validate.min.js nusan138.pw/home/themes/default/vendor/jquery-validate/	0 0	651ms 649ms	Script text/html	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/vendor/jquery-validate/jquery.validate.min.js Requested by Host: nusan138.pw URL: https://nusan138.pw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 15 Aug 2024 05:42:10 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 content-type text/html
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	132ms 46ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap Requested by Host: peta777kik.com URL: https://peta777kik.com/custom/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://peta777kik.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 15 Aug 2024 05:42:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 15 Aug 2024 05:34:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Aug 2024 05:42:11 GMT
GET H2	200	cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2 fonts.gstatic.com/s/chakrapetch/v11/	10 KB 10 KB	122ms 38ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:27:54 GMT x-content-type-options nosniff age 141257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9748 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:51:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:27:54 GMT
GET		indonesia.png images.linkcdn.cloud/global/default/icon/lang/	0 0
GET H3	200	bod.jpg peta777kik.com/custom/img/header/	226 KB 227 KB	1205ms 1205ms	Image image/jpeg	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peta777kik.com/custom/img/header/bod.jpg Requested by Host: peta777kik.com URL: https://peta777kik.com/custom/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3819dcbfd13b4b31716c627200cdd8becd465f7d82ad64f1219d174e1c1253d8 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://peta777kik.com/custom/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:12 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 231356 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 10 May 2022 10:34:59 GMT server cloudflare etag "387bc-627a3fd3-7d7a3;;;" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fv%2BguhYp8piXo84WHm9lCmH1OHcDnvRfiZ33V51yEdmmW15DhUnf%2FUr72Yvgla6NS4%2FHIe8U97jf8vyKwj1ra0D5YU6TcKbmyGl89OJJ9uecnAitOldaecxZibeIgiaD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control public, max-age=604800 accept-ranges bytes cf-ray 8b36dc23db8f8fe2-FRA expires Thu, 22 Aug 2024 05:42:12 GMT
GET H3	200	jackpot.gif peta777kik.com/custom/img/header/	34 KB 35 KB	988ms 988ms	Image image/gif	172.67.217.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peta777kik.com/custom/img/header/jackpot.gif Requested by Host: peta777kik.com URL: https://peta777kik.com/custom/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.217.164 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3bc05e7800f03cf5e57d9373bcacfa59641b444d1811590881588e04f69eee67 Security Headers Name Value Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://peta777kik.com/custom/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:12 GMT content-security-policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 35076 x-xss-protection 1;mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 27 Apr 2022 06:26:09 GMT server cloudflare etag "8904-6268e201-7d7a6;;;" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnF3evFE8uOS3QpBjvB1OLQhynTpY781ihy%2F3KIzI3ddEpjawcmrRavoESKkOF4FbJ17Updwf52C%2BOmnn6FDZA1rU8g7g2omGcFfkSYtf513bZWQzp8uUrpjmOj4wexfHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif vary Accept-Encoding cache-control public, max-age=604800 accept-ranges bytes cf-ray 8b36dc23db918fe2-FRA expires Thu, 22 Aug 2024 05:42:12 GMT
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f Request headers Referer Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET		advanced_dot_digital-7-webfont.woff2 peta777kik.com/custom/font/	0 0
GET H2	200	cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2 fonts.gstatic.com/s/chakrapetch/v11/	10 KB 10 KB	93ms 45ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:10:02 GMT x-content-type-options nosniff age 142329 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9896 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:55:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:10:02 GMT
GET H3	200	fa-brands-400.woff2 nusan138.pw/home/themes/default/font/font-awesome/webfonts/	77 KB 77 KB	213ms 212ms	Font font/woff2	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/font/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: nusan138.pw URL: https://nusan138.pw/home/themes/default/font/font-awesome/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba Request headers Referer https://nusan138.pw/home/themes/default/font/font-awesome/css/all.min.css Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT last-modified Sat, 15 Jul 2023 20:14:48 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 78460 expires Thu, 22 Aug 2024 05:42:11 GMT
GET H2	200	cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2 fonts.gstatic.com/s/chakrapetch/v11/	10 KB 10 KB	101ms 53ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:37:54 GMT x-content-type-options nosniff age 140657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10040 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:51:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:37:54 GMT
GET H3	200	fa-solid-900.woff2 nusan138.pw/home/themes/default/font/font-awesome/webfonts/	78 KB 79 KB	508ms 508ms	Font font/woff2	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw/home/themes/default/font/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: nusan138.pw URL: https://nusan138.pw/home/themes/default/font/font-awesome/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7 Request headers Referer https://nusan138.pw/home/themes/default/font/font-awesome/css/all.min.css Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:11 GMT last-modified Sat, 15 Jul 2023 20:14:52 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 80300 expires Thu, 22 Aug 2024 05:42:11 GMT
GET H2	200	cIflMapbsEk7TDLdtEz1BwkebIl1R5_F.woff2 fonts.gstatic.com/s/chakrapetch/v11/	10 KB 10 KB	128ms 81ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkebIl1R5_F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a0c3882f90b8879eeb874f3d91adab02b88b46088d264eebb16910c8daf4792 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nusan138.pw User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:23:23 GMT x-content-type-options nosniff age 141528 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10012 x-xss-protection 0 last-modified Thu, 24 Aug 2023 18:09:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:23:23 GMT
GET		S-RH02.jpg images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		PSS-ON-00141.webp images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		PSS-ON-00146.webp images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		vs20starlight.webp images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		vs20olympgate.webp images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		vs5aztecgems.webp images.linkcdn.cloud/global/popular-games/	0 0
GET		vs20gatotgates.webp images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		5m6k9j7rwspjs.png images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		133.png images.linkcdn.cloud/global/game-favorit/populer/	0 0
GET		fa-brands-400.woff peta777kik.com/themes/default/font/font-awesome/webfonts/	0 0
GET		advanced_dot_digital-7-webfont.woff peta777kik.com/custom/font/	0 0
GET		fa-brands-400.ttf peta777kik.com/themes/default/font/font-awesome/webfonts/	0 0
GET H2	200	Picsart_24-08-13_08-05-03-072[1].png nusan138.pw//upload/	72 KB 0	0ms 0ms	Other image/png	109.110.188.79 ANYM-NET
General Check archive.org Show headers Download Go to Full URL https://nusan138.pw//upload/Picsart_24-08-13_08-05-03-072[1].png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.110.188.79 Karaj, Iran, Islamic Republic Of, ASN199695 (ANYM-NET, ID), Reverse DNS Software LiteSpeed / Resource Hash 115e4581efc54cea1de5056beb2978c1bc6f8acac203f047413162e464827d2f Request headers Referer https://nusan138.pw/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 15 Aug 2024 05:42:10 GMT last-modified Tue, 13 Aug 2024 01:05:44 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 73229 expires Thu, 22 Aug 2024 05:42:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

peta777kik.com

URL

https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-solid-900.woff2

Domain

peta777kik.com

URL

https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff2

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/indonesia.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/english.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/thai.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/vietnam.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/cambodia.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/chinese.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/philippines.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/nav-addons/hot_category.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/default/icon/lang/indonesia.png

Domain

peta777kik.com

URL

https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff2

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/S-RH02.jpg

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/PSS-ON-00141.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/PSS-ON-00146.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/vs20starlight.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/vs20olympgate.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/popular-games/vs5aztecgems.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/vs20gatotgates.webp

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/5m6k9j7rwspjs.png

Domain

images.linkcdn.cloud

URL

https://images.linkcdn.cloud/global/game-favorit/populer/133.png

Domain

peta777kik.com

URL

https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff

Domain

peta777kik.com

URL

https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff

Domain

peta777kik.com

URL

https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.ttf

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| $ function| jQuery object| bootstrap function| Swiper function| moment function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| Slider function| slider object| Bank function| bank object| Game function| game function| filterPromoSelection function| filterPromoAddClass function| filterPromoRemoveClass function| promoFilterActive function| filterGameSelection function| filterGameAddClass function| filterGameRemoveClass function| gameFilterActive object| Local function| local function| handler function| routeNav function| gameAlert function| showError

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nusan138.pw/	1969-12-31 23:59:59	Name: PHPSESSID Value: 22fba099a94a9df725ac6590897f4dbc
			.linkcdn.cloud/	1970-01-20 22:48:22	Name: __cf_bm Value: 1_cUkGGFvkhQH0IqTAsIxDzYpZGRI2N0zX.zvkDDawk-1723700530-1.0.1.1-PV5EulEgU4u2NJ5988ybLXjApI3ZzYglzd3lolnm5gDz8_p0rLa_xmgiG3KAIV1Cq_HEUyeCnuTx3r8lC8JfkQ

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nusan138.pw/home/themes/default/js/index.js?v=2.0.1313 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nusan138.pw/home/themes/default/vendor/jquery-validate/jquery.validate.min.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://nusan138.pw/(Line 109) Message: Access to font at 'https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-solid-900.woff2' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nusan138.pw/ Message: Access to font at 'https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff2' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nusan138.pw/ Message: Access to font at 'https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff2' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nusan138.pw/ Message: Access to font at 'https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nusan138.pw/ Message: Access to font at 'https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/custom/font/advanced_dot_digital-7-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nusan138.pw/ Message: Access to font at 'https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.ttf' from origin 'https://nusan138.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://peta777kik.com/themes/default/font/font-awesome/webfonts/fa-brands-400.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
geblekbet.xyz
images.linkcdn.cloud
nusan138.pw
peta777kik.com
www.googletagmanager.com
images.linkcdn.cloud
peta777kik.com
103.59.160.21
109.110.188.79
172.67.217.164
2a00:1450:4001:803::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:829::2003
04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
0459c472b8910e21d7045ec2c5fd8292bf7889495ab4a08f24281f8b5565ff81
0ac473478208e3bfdf49e272bcece41ab051d34fb5ebf9214a72d8312d1cacb9
115e4581efc54cea1de5056beb2978c1bc6f8acac203f047413162e464827d2f
2ae68b89c40ab22d0986eb2a8bfc0879504ae0c77951a22d9df4337325ed8fc2
2f63fccdbb102b9c62e665d4e2f4a46cd40e9049a419963e9e07d2eb8e3ccfbd
327fe1b3aebb9e8385f70c4454e3b48ba51c08a8d34a0f5c3960bcb70799de52
3819dcbfd13b4b31716c627200cdd8becd465f7d82ad64f1219d174e1c1253d8
3bc05e7800f03cf5e57d9373bcacfa59641b444d1811590881588e04f69eee67
406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9
50d1e418af45c06f7e9fd5f99607b63135df5c5ad5d5c8839c4e58bb177d0d95
536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2
5e3639394bb22f513738a6bc6dc68efc35b31e5d6089a5a9ce30d56387b195ca
6a0c3882f90b8879eeb874f3d91adab02b88b46088d264eebb16910c8daf4792
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
77f1d45d7b8572868528c0be3f774c36891b2728ceb6fbf66b66651c14a74973
7a11acf85875c0aa71dc5a315acc3f420f4bfbf34406794e96896471a4c3c462
7b0eeea984ca90779121614c85830e40e72947dd386225662a0ca587d3baba71
88e50f8deabd76da79f5461a70f168f8d77f31869252ae44861e2c37edc5f463
96282b0097494c8d8e7ec42cbca220c7674a4b79621b30bbe14f924c2d98ef67
9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
a104b3e02910e773a16c296c77c63bc3a3a8590d776a5f023cc4e8e4f8bb1a91
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c5f82cad2178ab1760c21dbd1285a61dc4b1a58c5a126bd9a22f6aaa96420c3f
ce1cf2c0cfb5a6d54e0c5e2cef68821534e0e9684cbedb8dfdae13b73f6a5811
cf5d38ca89bc7f78515c4428cfe1fb29a4b489a3590fc11b4ca28335b475b8a1
d5c20b035e1d541514828d85e0d04b95bd6f2759abc10aeeb95d51a1fea06b0a
de0573afedf9277d5ab52062151762072a39d5c7968fff90a03ec35c86583b11
de1cb869b5475dfdb298cec888fa8a251bff4b533afcef5d6d6c68d44d7754fd
deafdb985a7ce92210de2057429fc147b6aa8c15b2c2680adc32a9679974250a
df0844c39e8c365dc8362dabc72755690dff82fb99283d8947de37a77624208f
eda103c72181a3c67aa4dc17ca8c66fc0d7375aa675e80008d54543b96d3afac
f6963babeec9c8bdac5e93d3a9e5500578bc5f4462cfc467ceb719ed4f88a9e3