urlscan.io logo urlscan.io
SecurityTrails logo

biologismpkucinta.blogspot.com Open in urlscan Pro
2a00:1450:400d:807::2001  Public Scan

Go To Rescan Add Verdict Report
URL: http://biologismpkucinta.blogspot.com/
Submission: On January 05 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 25 HTTP transactions. The main IP is 2a00:1450:400d:807::2001, located in Ireland and belongs to GOOGLE, US. The main domain is biologismpkucinta.blogspot.com.
This is the only time biologismpkucinta.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
biologismpkucinta.blogspot.com
7    2a00:1450:4001:827::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)
googledrive.com
2    2a00:1450:400c:c00::52 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
bloggerpeer.googlecode.com
wadah-tutorial.googlecode.com
4    96.43.128.66 (United States)

ASN19969 (JOESDATACENTER, US)
cur.cursors-4u.net
2    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
sites.google.com
1    2a00:1450:4013:c1a::89 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
dc0a0857-a-62cb3a1a-s-sites.googlegroups.com
2    65.9.95.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-41.prg50.r.cloudfront.net
i1082.photobucket.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
6 google.com
apis.google.com — Cisco Umbrella Rank: 163
sites.google.com — Cisco Umbrella Rank: 10895
141 KB
5 blogger.com
www.blogger.com — Cisco Umbrella Rank: 6833
192 KB
4 cursors-4u.net
cur.cursors-4u.net — Cisco Umbrella Rank: 409318
6 KB
3 blogspot.com
biologismpkucinta.blogspot.com
2.bp.blogspot.com — Cisco Umbrella Rank: 13930
60 KB
2 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 14712
1 KB
2 photobucket.com
i1082.photobucket.com
55 KB
2 googlecode.com
bloggerpeer.googlecode.com
wadah-tutorial.googlecode.com
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 Failed
3 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
658 B
1 googlegroups.com
dc0a0857-a-62cb3a1a-s-sites.googlegroups.com
1 KB
1 googledrive.com
googledrive.com — Cisco Umbrella Rank: 129530
0 yourjavascript.com Failed
yourjavascript.com Failed
25 12
Domain Requested by
5 www.blogger.com biologismpkucinta.blogspot.com
apis.google.com
4 cur.cursors-4u.net 2 redirects biologismpkucinta.blogspot.com
4 apis.google.com biologismpkucinta.blogspot.com
apis.google.com
www.blogger.com
2 resources.blogblog.com www.blogger.com
2 i1082.photobucket.com 1 redirects biologismpkucinta.blogspot.com
2 sites.google.com 2 redirects
2 biologismpkucinta.blogspot.com biologismpkucinta.blogspot.com
1 www.facebook.com biologismpkucinta.blogspot.com
1 pagead2.googlesyndication.com biologismpkucinta.blogspot.com
1 2.bp.blogspot.com biologismpkucinta.blogspot.com
1 dc0a0857-a-62cb3a1a-s-sites.googlegroups.com biologismpkucinta.blogspot.com
1 wadah-tutorial.googlecode.com biologismpkucinta.blogspot.com
1 bloggerpeer.googlecode.com biologismpkucinta.blogspot.com
1 googledrive.com biologismpkucinta.blogspot.com
0 yourjavascript.com Failed biologismpkucinta.blogspot.com
25 15

This site contains links to these domains. Also see Links.

Domain
www.cursors-4u.com
Subject Issuer Validity Valid
*.blogger.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-14 -
2023-01-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://biologismpkucinta.blogspot.com/
Frame ID: 12FDE73C7CFD5C89FCF61A3803B02495
Requests: 18 HTTP requests in this frame

Frame: http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Frame ID: 0EBC28BED1C179979250A1A0A59DD7CA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Frame ID: DCE0C7B0DEED24FEAA7D95F125609108
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7977140201683546854&blogName=Biologi+SMP+N+1+Bangsri&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://biologismpkucinta.blogspot.com/search&blogLocale=in&v=2&homepageUrl=http://biologismpkucinta.blogspot.com/&vt=1507552510374414629&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 9EE2FEAC648F194EBD9C5E8A00F0CB74
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Biologi SMP N 1 Bangsri

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

25
Requests

52 %
HTTPS

83 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

458 kB
Transfer

761 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://cur.cursors-4u.net/cursor.png HTTP 301
  • https://cur.cursors-4u.net/cursor.png
Request Chain 8
  • https://sites.google.com/site/bloggerbondowosoblogspotcom/js/camera.js HTTP 302
  • https://sites.google.com/site/bloggerbondowosoblogspotcom/js/camera.js?attredirects=0 HTTP 302
  • https://dc0a0857-a-62cb3a1a-s-sites.googlegroups.com/site/bloggerbondowosoblogspotcom/js/camera.js?attachauth=ANoY7coaDY9WK8L5xTO7uoQcuJqIV5tJkUljVk0n1kHL8DIktL20yzbS_mg7uWft1zhamEx3S2OyZqThxxiD3hk8jnhNF9HHugw28wJDGQLjBisboOgfoRbmvsen2ZqXKL53ye3NGsViZ_wLnn3DHUaGpvacs5-xnU-ebVQU81eTBW9bQ4wK_KyhqsBPCdFD7LuLWgmu5xLgEOzoS7AjoJNvHXRuGl20Y2h0O0ydN6QHZjJzr04bDq0%3D&attredirects=0
Request Chain 9
  • http://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif HTTP 301
  • https://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif
Request Chain 16
  • http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP 307
  • https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Request Chain 18
  • http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur HTTP 301
  • https://cur.cursors-4u.net/cursors/cur-11/cur1054.cur

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
biologismpkucinta.blogspot.com/ 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d6ab49b32719fd15ab5c34f7001c95314a51a908551c126b9e540f0690c9ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
11503
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 04:26:50 GMT
ETag
W/"f10cc07eb954a7aa8464bca1cc272fed0c8bea6f520f987f9b2442ce04e08e8e"
Expires
Thu, 05 Jan 2023 04:26:50 GMT
Last-Modified
Tue, 07 Dec 2021 09:03:16 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 07:11:13 GMT
x-content-type-options
nosniff
age
335737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35960
x-xss-protection
0
last-modified
Sat, 31 Dec 2022 18:50:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 01 Jan 2024 07:11:13 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7977140201683546854&zx=086e4cb2-9561-4efb-834d-66c775628c77
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 05 Jan 2023 04:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2023 04:26:50 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 04:26:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20933
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ec76424fc4148a81"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 04:26:50 GMT
tripleflap.js
googledrive.com/host/0B7X69YyzZu-IZjFKQ19VVi10RlE/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googledrive.com/host/0B7X69YyzZu-IZjFKQ19VVi10RlE/tripleflap.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
tripleflap.js
bloggerpeer.googlecode.com/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://bloggerpeer.googlecode.com/files/tripleflap.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:400c:c00::52 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
hearts.js
wadah-tutorial.googlecode.com/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://wadah-tutorial.googlecode.com/files/hearts.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:400c:c00::52 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cursor.png
cur.cursors-4u.net/
Redirect Chain
  • http://cur.cursors-4u.net/cursor.png
  • https://cur.cursors-4u.net/cursor.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/cursor.png
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 04:26:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2013 17:33:08 GMT
Server
nginx/1.16.1
ETag
W/"512e4354-4d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive

Redirect headers

Location
https://cur.cursors-4u.net/cursor.png
Date
Thu, 05 Jan 2023 04:26:51 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
kursor-bintang-biru.js
yourjavascript.com/19103611392/ 		0
0
camera.js
dc0a0857-a-62cb3a1a-s-sites.googlegroups.com/site/bloggerbondowosoblogspotcom/js/
Redirect Chain
  • https://sites.google.com/site/bloggerbondowosoblogspotcom/js/camera.js
  • https://sites.google.com/site/bloggerbondowosoblogspotcom/js/camera.js?attredirects=0
  • https://dc0a0857-a-62cb3a1a-s-sites.googlegroups.com/site/bloggerbondowosoblogspotcom/js/camera.js?attachauth=ANoY7coaDY9WK8L5xTO7uoQcuJqIV5tJkUljVk0n1kHL8DIktL20yzbS_mg7uWft1zhamEx3S2OyZqThxxiD3hk...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc0a0857-a-62cb3a1a-s-sites.googlegroups.com/site/bloggerbondowosoblogspotcom/js/camera.js?attachauth=ANoY7coaDY9WK8L5xTO7uoQcuJqIV5tJkUljVk0n1kHL8DIktL20yzbS_mg7uWft1zhamEx3S2OyZqThxxiD3hk8jnhNF9HHugw28wJDGQLjBisboOgfoRbmvsen2ZqXKL53ye3NGsViZ_wLnn3DHUaGpvacs5-xnU-ebVQU81eTBW9bQ4wK_KyhqsBPCdFD7LuLWgmu5xLgEOzoS7AjoJNvHXRuGl20Y2h0O0ydN6QHZjJzr04bDq0%3D&attredirects=0
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Server
2a00:1450:4013:c1a::89 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b684f45a755c9ceb663ea9895e1c3280f636a8a03f06f7e82a0441c0a4feb1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-disposition
attachment; filename="camera.js"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
746
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 11 Mar 2013 15:44:03 GMT
server
GSE
etag
"1363016643834"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Jan 2023 04:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://dc0a0857-a-62cb3a1a-s-sites.googlegroups.com/site/bloggerbondowosoblogspotcom/js/camera.js?attachauth=ANoY7coaDY9WK8L5xTO7uoQcuJqIV5tJkUljVk0n1kHL8DIktL20yzbS_mg7uWft1zhamEx3S2OyZqThxxiD3hk8jnhNF9HHugw28wJDGQLjBisboOgfoRbmvsen2ZqXKL53ye3NGsViZ_wLnn3DHUaGpvacs5-xnU-ebVQU81eTBW9bQ4wK_KyhqsBPCdFD7LuLWgmu5xLgEOzoS7AjoJNvHXRuGl20Y2h0O0ydN6QHZjJzr04bDq0%3D&attredirects=0
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
459
x-xss-protection
1; mode=block
expires
Thu, 05 Jan 2023 04:26:51 GMT
zoroattack.gif
i1082.photobucket.com/albums/j380/faris65/
Redirect Chain
  • http://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif
  • https://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Server
65.9.95.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-41.prg50.r.cloudfront.net
Software
photobucket /
Resource Hash
3ce4247eb7bf089addbd2a81c77cfd45440670b7a725d7aac9fe5b21b58bbae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:26:50 GMT
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
server
photobucket
x-amz-cf-pop
PRG50-C1
x-amzn-trace-id
Root=1-63b6518a-31811562044a4cdd5e32eb0a
vary
Accept, Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=31536000, public
content-disposition
inline; filename="zoroattack.gif"
content-length
55840
x-amz-cf-id
aEazaumAAPUnTiDiovWh1GOI5jYEuYdjfqz5DvZkGegz8KyAYJA85Q==
x-request-id
eY4BmGGnKYfvZznaflyQV
expires
Fri, 05 Jan 2024 04:26:50 GMT

Redirect headers

Date
Thu, 05 Jan 2023 04:26:50 GMT
Via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
PRG50-C1
Vary
Origin
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://i1082.photobucket.com/albums/j380/faris65/zoroattack.gif
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
CzMrAElMuM23H49MjHm3nKuHX9xykIduORu7UXzgzrz1x4yKDZ7oPQ==
cookienotice.js
biologismpkucinta.blogspot.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://biologismpkucinta.blogspot.com/js/cookienotice.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 04:26:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Jan 2023 03:13:03 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
2026
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Thu, 12 Jan 2023 04:26:50 GMT
3675762886-widgets.js
www.blogger.com/static/v1/widgets/ 		153 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3675762886-widgets.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 02:45:16 GMT
x-content-type-options
nosniff
age
265294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156297
x-xss-protection
0
last-modified
Sun, 01 Jan 2023 22:50:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 02 Jan 2024 02:45:16 GMT
1075667_533750146701448_626547583_n.jpg
2.bp.blogspot.com/-NO_Rx6TmTIQ/Uwg7V93o4GI/AAAAAAAAAC4/c9beAi2jNgA/s0/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2.bp.blogspot.com/-NO_Rx6TmTIQ/Uwg7V93o4GI/AAAAAAAAAC4/c9beAi2jNgA/s0/1075667_533750146701448_626547583_n.jpg
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3db67c3b7ce30a202a12f854eeae3026c1e88e06ddb1a8e60b0ce55b37e50adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 04:26:51 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v2f"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="1075667_533750146701448_626547583_n.jpg"
Timing-Allow-Origin
*
Content-Length
46324
X-XSS-Protection
0
Expires
Fri, 06 Jan 2023 04:26:51 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 		173 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 21:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57913
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 21:04:42 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 14:44:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
49354
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
67
X-XSS-Protection
0
Server
cafe
ETag
13036835877489095579
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1209600
Timing-Allow-Origin
*
Expires
Wed, 18 Jan 2023 14:44:16 GMT
like.php
www.facebook.com/widgets/ Frame 0EBC 		0
0
like.php
www.facebook.com/widgets/ Frame DCE0
Redirect Chain
  • http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
  • https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://biologismpkucinta.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 Jan 2023 04:26:50 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
MGtT30wm8ROx3GSo5tFj2+5FzyJva2CHLcKcAnJmaVutUBjcl4/RJlkebjFqQIFyi+vHxVgmqtzljt2lS12Qfg==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Non-Authoritative-Reason
HSTS
navbar.g
www.blogger.com/ Frame 9EE2 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=7977140201683546854&blogName=Biologi+SMP+N+1+Bangsri&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://biologismpkucinta.blogspot.com/search&blogLocale=in&v=2&homepageUrl=http://biologismpkucinta.blogspot.com/&vt=1507552510374414629&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c22b9cd4d8c9ecf049ad6c32b5ca6266f79ef59174a2c893c67e24af91c3a3a7
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://biologismpkucinta.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2610
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 04:26:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cur1054.cur
cur.cursors-4u.net/cursors/cur-11/
Redirect Chain
  • http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur
  • https://cur.cursors-4u.net/cursors/cur-11/cur1054.cur
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/cursors/cur-11/cur1054.cur
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
HTTP/1.1
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b1f9a7cad553f49f9f2fdc78229ba3c09ae5ba84cea493b19af5c312a8f24df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 04:26:51 GMT
Last-Modified
Wed, 27 Feb 2013 17:42:02 GMT
Server
nginx/1.16.1
ETag
"512e456a-10be"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286

Redirect headers

Location
https://cur.cursors-4u.net/cursors/cur-11/cur1054.cur
Date
Thu, 05 Jan 2023 04:26:51 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7977140201683546854&zx=086e4cb2-9561-4efb-834d-66c775628c77
Requested by
Host: biologismpkucinta.blogspot.com
URL: http://biologismpkucinta.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://biologismpkucinta.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 05 Jan 2023 04:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2023 04:26:51 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 9EE2 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7977140201683546854&blogName=Biologi+SMP+N+1+Bangsri&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://biologismpkucinta.blogspot.com/search&blogLocale=in&v=2&homepageUrl=http://biologismpkucinta.blogspot.com/&vt=1507552510374414629&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 04:26:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e203b3eb7c1b4f6d"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 04:26:51 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 9EE2 		907 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7977140201683546854&blogName=Biologi+SMP+N+1+Bangsri&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://biologismpkucinta.blogspot.com/search&blogLocale=in&v=2&homepageUrl=http://biologismpkucinta.blogspot.com/&vt=1507552510374414629&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 07:35:31 GMT
x-content-type-options
nosniff
last-modified
Sat, 31 Dec 2022 12:50:49 GMT
server
sffe
age
334280
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 08 Jan 2023 07:35:31 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 9EE2 		117 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7977140201683546854&blogName=Biologi+SMP+N+1+Bangsri&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://biologismpkucinta.blogspot.com/search&blogLocale=in&v=2&homepageUrl=http://biologismpkucinta.blogspot.com/&vt=1507552510374414629&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 13:56:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Jan 2023 00:49:49 GMT
server
sffe
age
311447
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 08 Jan 2023 13:56:04 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 9EE2 		126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 13:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42491
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Dec 2023 13:14:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yourjavascript.com
URL
http://yourjavascript.com/19103611392/kursor-bintang-biru.js
Domain
www.facebook.com
URL
http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FMiloVers&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl string| fan_page_url number| opacity number| time object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow string| birdSprite object| targetElems string| twitterAccount string| tweetThisText boolean| google_empty_script_included

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: http://bloggerpeer.googlecode.com/files/tripleflap.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://wadah-tutorial.googlecode.com/files/hearts.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://googledrive.com/host/0B7X69YyzZu-IZjFKQ19VVi10RlE/tripleflap.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
apis.google.com
biologismpkucinta.blogspot.com
bloggerpeer.googlecode.com
cur.cursors-4u.net
dc0a0857-a-62cb3a1a-s-sites.googlegroups.com
googledrive.com
i1082.photobucket.com
pagead2.googlesyndication.com
resources.blogblog.com
sites.google.com
wadah-tutorial.googlecode.com
www.blogger.com
www.facebook.com
yourjavascript.com
www.facebook.com
yourjavascript.com
2a00:1450:4001:813::2001
2a00:1450:4001:827::2009
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:400c:c00::52
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2001
2a00:1450:4013:c1a::89
2a03:2880:f11c:8083:face:b00c:0:25de
65.9.95.41
96.43.128.66
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
3ce4247eb7bf089addbd2a81c77cfd45440670b7a725d7aac9fe5b21b58bbae6
3d6ab49b32719fd15ab5c34f7001c95314a51a908551c126b9e540f0690c9ab1
3db67c3b7ce30a202a12f854eeae3026c1e88e06ddb1a8e60b0ce55b37e50adb
4b684f45a755c9ceb663ea9895e1c3280f636a8a03f06f7e82a0441c0a4feb1a
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54
aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
b1f9a7cad553f49f9f2fdc78229ba3c09ae5ba84cea493b19af5c312a8f24df7
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c22b9cd4d8c9ecf049ad6c32b5ca6266f79ef59174a2c893c67e24af91c3a3a7
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a