urlscan.io logo urlscan.io
SecurityTrails logo

bagas31.pw Open in urlscan Pro
161.97.83.128  Public Scan

Go To Rescan Add Verdict Report
URL: http://bagas31.pw/
Submission: On September 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 161.97.83.128, located in Boulder, United States and belongs to CONTABO, DE. The main domain is bagas31.pw.
This is the only time bagas31.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    161.97.83.128 (Boulder, United States)

ASN51167 (CONTABO, DE)
PTR: vmi416800.contaboserver.net
bagas31.pw
4    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
4    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
13 bagas31.pw bagas31.pw
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com bagas31.pw
pagead2.googlesyndication.com
4 c0.wp.com bagas31.pw
3 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 pixel.wp.com bagas31.pw
1 stats.wp.com bagas31.pw
1 fonts.googleapis.com bagas31.pw
36 12

This site contains links to these domains. Also see Links.

Domain
superbthemes.com
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
www.idealcrack.bagas31.pw
Let's Encrypt Authority X3		 2020-08-26 -
2020-11-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://bagas31.pw/
Frame ID: CB99B369272427B03A989407DB1ECCEB
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Frame ID: 1BDA6B660EFECCB4B0C35F858AEECDC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&h=280&slotname=9207312935&adk=3274043604&adf=1209521091&w=728&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600125196020&bpp=17&bdt=360&idt=49&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3675685734273&frm=20&pv=2&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=731824&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=597&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sLvUs9zlTs&p=http%3A//bagas31.pw&dtd=68
Frame ID: 50FC8AB49291811EF02A9235CF169D69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&h=600&slotname=9207312935&adk=809952715&adf=3288002894&w=300&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600125196037&bpp=3&bdt=376&idt=62&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yFPbh3UlQk&p=http%3A//bagas31.pw&dtd=67
Frame ID: BE1E5473D4C3A16A828A5856CE8B6EF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&adk=1812271804&adf=3025194257&lmt=1600125196&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbagas31.pw%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600125196040&bpp=1&bdt=380&idt=68&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x600&nras=1&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=73
Frame ID: 42451CEDD72423FB161D6A4F5E1A7036
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B0338D62D8333229883D1B32104BEBF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

36
Requests

67 %
HTTPS

67 %
IPv6

9
Domains

12
Subdomains

9
IPs

2
Countries

494 kB
Transfer

954 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
bagas31.pw/ 		35 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
1b7021de6efb231b4981bb4cfda44ae510d4d8fe82db80faa0e079528568b582

Request headers

Host
bagas31.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:14 GMT
Server
Apache
Link
<https://bagas31.pw/wp-json/>; rel="https://api.w.org/", <https://wp.me/bfA4L>; rel=shortlink
Set-Cookie
adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/ adinj=1; expires=Tue, 15-Sep-2020 00:13:15 GMT; Max-Age=3600; path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.min.css
c0.wp.com/c/5.5.1/wp-includes/css/dist/block-library/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT arn 2
date
Mon, 14 Sep 2020 23:13:15 GMT
content-encoding
br
last-modified
Thu, 27 Aug 2020 18:00:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Tue, 14 Sep 2021 23:13:15 GMT
popupaoc-public-style.css
bagas31.pw/wp-content/plugins/popup-anything-on-click/assets/css/ 		42 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public-style.css?ver=1.7.7
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
55a94e8fbdf20784a15a34a4c180fbcfea5248a43b6157f5e1d5f2f4a0137ae3

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Last-Modified
Wed, 22 Jul 2020 10:51:47 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43496
style.css
bagas31.pw/wp-content/themes/feather-magazine/ 		57 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/wp-content/themes/feather-magazine/style.css?ver=5.5.1
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
b2f195e868ce064c8ecbc6a617780d56559fd88fe628e49aa4dab9573bbb5328

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Last-Modified
Tue, 25 Aug 2020 00:29:37 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
58277
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
312c30ed0892ee1d96fc9d5db9ac7c17bb8d82fb0899054f3228124802a4b528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Sep 2020 23:13:15 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 14 Sep 2020 23:13:15 GMT
jetpack.css
c0.wp.com/p/jetpack/8.8.2/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.8.2/css/jetpack.css
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9cc6b5e3ec2f0a35a4b83aa1875b46adcd16f96f0f54251ef535834fe319668a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT arn 2
date
Mon, 14 Sep 2020 23:13:15 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 10:54:18 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Tue, 14 Sep 2021 23:13:15 GMT
jquery.js
c0.wp.com/c/5.5.1/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5.1/wp-includes/js/jquery/jquery.js
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT arn 2
date
Mon, 14 Sep 2020 23:13:15 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Tue, 14 Sep 2021 23:13:15 GMT
wp-emoji-release.min.js
bagas31.pw/wp-includes/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Last-Modified
Tue, 25 Aug 2020 00:29:56 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14246
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
927fa8ed6d8bd5b79f626a5eb929f86bb3de1030fe19e94dda13d1bce97698b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 14 Sep 2020 23:13:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
15714494881223911192
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
45988
X-XSS-Protection
0
Expires
Mon, 14 Sep 2020 23:13:15 GMT
customscripts.js
bagas31.pw/wp-content/themes/feather-magazine/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/wp-content/themes/feather-magazine/js/customscripts.js?ver=5.5.1
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
e88e60105843a6dbb9b707d510ae4e5793dd30aeaf6a84465b57050d08432ba6

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Last-Modified
Tue, 25 Aug 2020 00:29:37 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3675
wp-embed.min.js
c0.wp.com/c/5.5.1/wp-includes/js/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5.1/wp-includes/js/wp-embed.min.js
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT arn 2
date
Mon, 14 Sep 2020 23:13:15 GMT
content-encoding
br
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Tue, 14 Sep 2021 23:13:15 GMT
e-202038.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202038.js
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 23:13:15 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sun, 12 Sep 2021 22:11:53 GMT
download-24.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-24.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
c31d3adca1bc933d4103d21cabb5ac0226148b0e74c9f36ec12a29be7f2fe567

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:31 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21268
download-2-3.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-2-3.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
85cea9a5f1b2ed6e1b34654e5b715545ae33fae426067b77b251c3f3bbb3a5af

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:31 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8202
download-17.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-17.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
8be0c98147e04aeaaec8b0a1b124ac06d7334e381eac3ad221f41f814cdbc6e2

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:31 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4670
images-14.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/images-14.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
71725b54d26d485adb6d1735919997eed3ece4b20a9a901624af637043d09141

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13465
download-20.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-20.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
f0b2dcefc680c2d59a0285600c6fc645c3555d8167815b92ceee287054e906aa

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7605
download-22.jpg
bagas31.pw/wp-content/uploads/2019/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-22.jpg
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
667970787356836e1a71e443834e3bc4e9426a3a2b2c77539f27b9fb32390e51

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8754
download-10.png
bagas31.pw/wp-content/uploads/2019/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bagas31.pw/wp-content/uploads/2019/09/download-10.png
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
875fd6be869cba2ba0246dd250084f4c3f4441379861f8d9bb3305cf1e073601

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Last-Modified
Tue, 26 Nov 2019 19:04:31 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5022
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://bagas31.pw
Referer
http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 09:07:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:50 GMT
Server
sffe
Age
50732
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11016
X-XSS-Protection
0
Expires
Tue, 14 Sep 2021 09:07:43 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://bagas31.pw
Referer
http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 09:08:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:58 GMT
Server
sffe
Age
50709
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11020
X-XSS-Protection
0
Expires
Tue, 14 Sep 2021 09:08:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://bagas31.pw
Referer
http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 09:16:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:48 GMT
Server
sffe
Age
50232
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11056
X-XSS-Protection
0
Expires
Tue, 14 Sep 2021 09:16:03 GMT
feather-magazine.woff2
bagas31.pw/wp-content/themes/feather-magazine/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://bagas31.pw/wp-content/themes/feather-magazine/fonts/feather-magazine.woff2
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/wp-content/themes/feather-magazine/style.css?ver=5.5.1
Protocol
HTTP/1.1
Server
161.97.83.128 Boulder, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi416800.contaboserver.net
Software
Apache /
Resource Hash
2da5a94a8b1254f1600d968926d67d66ff7a04558e5de58fc24118b44e8c3c2b

Request headers

Origin
http://bagas31.pw
Referer
http://bagas31.pw/wp-content/themes/feather-magazine/style.css?ver=5.5.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:15 GMT
Last-Modified
Tue, 25 Aug 2020 00:29:37 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8416
g.gif
pixel.wp.com/ 		50 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A8.8.2&blog=166253295&post=0&tz=0&srv=bagas31.pw&host=bagas31.pw&ref=&fcp=1121&rand=0.7113850380900386
Requested by
Host: bagas31.pw
URL: http://bagas31.pw/
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 23:13:16 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/ 		228 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87777
x-xss-protection
0
server
cafe
etag
541389345409318010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Sep 2020 23:13:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/ Frame 1BDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200909/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bagas31.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bagas31.pw/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sun, 13 Sep 2020 23:42:04 GMT
expires
Sun, 27 Sep 2020 23:42:04 GMT
content-type
text/html; charset=UTF-8
etag
9704104221650600920
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4744
x-xss-protection
0
age
84672
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bagas31.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bagas31.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 50FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&h=280&slotname=9207312935&adk=3274043604&adf=1209521091&w=728&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600125196020&bpp=17&bdt=360&idt=49&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3675685734273&frm=20&pv=2&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=731824&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=597&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sLvUs9zlTs&p=http%3A//bagas31.pw&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7137620192637564&output=html&h=280&slotname=9207312935&adk=3274043604&adf=1209521091&w=728&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600125196020&bpp=17&bdt=360&idt=49&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3675685734273&frm=20&pv=2&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=731824&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=597&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sLvUs9zlTs&p=http%3A//bagas31.pw&dtd=68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bagas31.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bagas31.pw/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 14 Sep 2020 23:13:16 GMT
server
cafe
content-length
20903
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 23:28:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Sep 2020 23:13:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fef134a7880b8d72bac16738b34fe1ed9a72da52f702537b22486826cd3b5888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1600083386116863"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27476
x-xss-protection
0
expires
Mon, 14 Sep 2020 23:13:16 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BE1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&h=600&slotname=9207312935&adk=809952715&adf=3288002894&w=300&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600125196037&bpp=3&bdt=376&idt=62&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yFPbh3UlQk&p=http%3A//bagas31.pw&dtd=67
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7137620192637564&output=html&h=600&slotname=9207312935&adk=809952715&adf=3288002894&w=300&fwrn=4&fwrnh=100&lmt=1600125196&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbagas31.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600125196037&bpp=3&bdt=376&idt=62&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yFPbh3UlQk&p=http%3A//bagas31.pw&dtd=67
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bagas31.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bagas31.pw/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 14 Sep 2020 23:13:16 GMT
server
cafe
content-length
21189
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 23:28:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Sep 2020 23:13:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4245 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7137620192637564&output=html&adk=1812271804&adf=3025194257&lmt=1600125196&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbagas31.pw%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600125196040&bpp=1&bdt=380&idt=68&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x600&nras=1&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7137620192637564&output=html&adk=1812271804&adf=3025194257&lmt=1600125196&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbagas31.pw%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600125196040&bpp=1&bdt=380&idt=68&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x600&nras=1&correlator=3675685734273&frm=20&pv=1&ga_vid=709258534.1600125196&ga_sid=1600125196&ga_hid=1468911279&ga_fc=0&iag=0&icsg=2828976&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530621%2C21066898%2C21067348&oid=3&pvsid=4300763402775128&pem=37&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=73
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bagas31.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bagas31.pw/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 14 Sep 2020 23:13:16 GMT
server
cafe
content-length
834
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 23:28:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Sep 2020 23:13:16 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200909&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e3cce7a5506bfd911acea7d213412612feaac7b2b178742c4c21de25d1ce521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6383
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 23:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 14 Sep 2020 23:13:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B033 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bagas31.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bagas31.pw/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 14 Sep 2020 22:35:16 GMT
expires
Tue, 14 Sep 2021 22:35:16 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2280
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200909&jk=4300763402775128&bg=!Pj2lPSVYHL0QFccGRwICAAAAT1IAAAANCgEru6sw5-M112qDmFftgz8_tvK7-DfNsbzZzYkza-oMke6QgZHIAnhpYulUIF_1agqMOrLiLUCgZ4Y09NY_wVM6c3016foG9gBo2_DM5I6_jXVUTSmJ5-C_hb0JU4bq0a6_2C-qK9M4-YQqJqR8Lmy3Rct6spNpYRHGVWLxk3fOIZ54X9Qah3kWhp56ym6ZWd36m8jp6KbFzinMeJD07u_iKUpRGr4vh7tMyLrd4MaQ-KOcBtSf2z1legmSipqMMjXh74KVO2SxifpjF6jdMDz3nNnhX4-NnpfuHRrfRau-oKfFE97JqrUEUXCZCpQX_OiK9usM9wduQNzgkcjn4ZW31lnciuzFT1624onAyBi5j460ZzYj0So7IHVqwOKV_eNMTxXmtrBwTuUUK3SZAaIDB8EwOk2YzNHdg8-yjv7_Lf2TBBBP2SPXXUE44v0M6R2_mJZ-sqtMXhVVNbbtP62pCp0WLKmWI6nGlFh1o3RRI0UEPB4h_gu7zF1IAMTNhmxCti5YAUtUSOoss1hi6Iywrz3MulOPkz5eEUF0SipzLe4hufEjEai3IL5VFjdmIxz4CBc-zlfTPDXAk7CH5RKHOOqPptAjTU2pcGCbLrLO4AW_BWSw40IgbBZeaxCLzl9FHj7zi2An9BjrnOkPkbgZ2Tq12xfTKqi-7FMzUyCMVrDK0VXVHIF5Hzl_xlAcpQwRPDNsmmE0lcJQ_Bv4K5Hcr0ZNq65Gx3luqxaHTbSBE5ZmQk0WlmgRO0lzKl_DgbgmaHkdUEiaEjOVNtQmUyGWj0Ra48mPaiAVFs50psT7YDmuGHwMk6ZrouVgiGDlpYPJazrf8d_Of-mjQh6kkKeoPoZua97RdGQq2nm3oEqvLvXIcxRTt19vCi392o5-xDGU9QjK6AbKPpCxljpjlzcN6CflPg63fwPba5Q4UJbeJr147lf7JdOlYKiH3S3_S9vd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bagas31.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 23:13:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle object| wp object| _stq object| jQuery112408227933539909356 function| st_go function| linktracker_init object| wpcom object| twemoji object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnplyblz2E-vTBZSxAc_yYwI-nX_MlTlnfDEmBflZr5n8aR3xRokxQJHz-C
.doubleclick.net/ Name: DSID
Value: NO_DATA
bagas31.pw/ Name: adinj
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bagas31.pw
c0.wp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
www.googletagservices.com
161.97.83.128
192.0.76.3
192.0.77.37
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:818::2002
2a00:1450:4001:819::2001
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
1b7021de6efb231b4981bb4cfda44ae510d4d8fe82db80faa0e079528568b582
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2da5a94a8b1254f1600d968926d67d66ff7a04558e5de58fc24118b44e8c3c2b
312c30ed0892ee1d96fc9d5db9ac7c17bb8d82fb0899054f3228124802a4b528
55a94e8fbdf20784a15a34a4c180fbcfea5248a43b6157f5e1d5f2f4a0137ae3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
667970787356836e1a71e443834e3bc4e9426a3a2b2c77539f27b9fb32390e51
6e3cce7a5506bfd911acea7d213412612feaac7b2b178742c4c21de25d1ce521
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71725b54d26d485adb6d1735919997eed3ece4b20a9a901624af637043d09141
85cea9a5f1b2ed6e1b34654e5b715545ae33fae426067b77b251c3f3bbb3a5af
875fd6be869cba2ba0246dd250084f4c3f4441379861f8d9bb3305cf1e073601
8be0c98147e04aeaaec8b0a1b124ac06d7334e381eac3ad221f41f814cdbc6e2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
927fa8ed6d8bd5b79f626a5eb929f86bb3de1030fe19e94dda13d1bce97698b5
9cc6b5e3ec2f0a35a4b83aa1875b46adcd16f96f0f54251ef535834fe319668a
b2f195e868ce064c8ecbc6a617780d56559fd88fe628e49aa4dab9573bbb5328
c31d3adca1bc933d4103d21cabb5ac0226148b0e74c9f36ec12a29be7f2fe567
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88e60105843a6dbb9b707d510ae4e5793dd30aeaf6a84465b57050d08432ba6
f0b2dcefc680c2d59a0285600c6fc645c3555d8167815b92ceee287054e906aa
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fef134a7880b8d72bac16738b34fe1ed9a72da52f702537b22486826cd3b5888