urlscan.io logo urlscan.io
SecurityTrails logo

buku-mimpi3.govdelivery.com Open in urlscan Pro
2620:12a:8000::4  Public Scan

Go To Rescan Add Verdict Report
URL: https://buku-mimpi3.govdelivery.com/
Submission: On March 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2620:12a:8000::4, located in United States and belongs to FASTLY, US. The main domain is buku-mimpi3.govdelivery.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on July 14th 2022. Valid for: a year.
This is the only time buku-mimpi3.govdelivery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:12a:8000::4 54113 (FASTLY)
5 5 3.216.183.198 14618 (AMAZON-AES)
5 68.65.123.56 22612 (NAMECHEAP...)
7 2a00:1450:400... 15169 (GOOGLE)
3 162.19.58.159 16276 (OVH)
16 5
1    2620:12a:8000::4 (United States)

ASN54113 (FASTLY, US)
buku-mimpi3.govdelivery.com
5    3.216.183.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-183-198.compute-1.amazonaws.com
rebrand.ly
5    68.65.123.56 (Huntingdon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server272-4.web-hosting.com
cdqingmu.com
7    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu
i.ibb.co
Apex Domain
Subdomains		 Transfer
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
97 KB
5 cdqingmu.com
cdqingmu.com
531 KB
5 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 68858
874 B
3 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12837
33 KB
1 govdelivery.com
buku-mimpi3.govdelivery.com
27 KB
16 5
Domain Requested by
7 cdn.ampproject.org buku-mimpi3.govdelivery.com
cdn.ampproject.org
5 cdqingmu.com buku-mimpi3.govdelivery.com
5 rebrand.ly 5 redirects
3 i.ibb.co buku-mimpi3.govdelivery.com
1 buku-mimpi3.govdelivery.com
16 5
Subject Issuer Validity Valid
pantheonsite.io
Sectigo RSA Organization Validation Secure Server CA		 2022-07-14 -
2023-06-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
ibb.co
R3		 2023-02-06 -
2023-05-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://buku-mimpi3.govdelivery.com/
Frame ID: 15CCA5878B187258A38EE819D7E47A26
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Buku Tafsir Mimpi 2D 3D Seribu Erek Erek Seratus Abjad Full Bergambar

Page Statistics

16
Requests

63 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

688 kB
Transfer

1048 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rebrand.ly/bannergasslot HTTP 301
  • https://cdqingmu.com/gasimg/GAS_SLOT.webp
Request Chain 8
  • https://rebrand.ly/gaslogo HTTP 301
  • https://cdqingmu.com/gasimg/logo_gastogel_fix.png
Request Chain 12
  • https://rebrand.ly/mimpi00 HTTP 301
  • https://cdqingmu.com/buku-mimpi/00_qwluba.jpeg
Request Chain 13
  • https://rebrand.ly/mimpi01 HTTP 301
  • https://cdqingmu.com/buku-mimpi/01_edxutp.jpeg
Request Chain 14
  • https://rebrand.ly/mimpi02 HTTP 301
  • https://cdqingmu.com/buku-mimpi/02_ifsbyt.jpeg

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buku-mimpi3.govdelivery.com/ 		161 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1154fd6eba1bc679f60d4922820d558a9b2c9b41b99e5fe8730c5221f777f376
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
27246
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 15:51:20 GMT
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding, Cookie, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
2, 0
x-pantheon-styx-hostname
styx-fe4-b-6d846bd466-dlxxd
x-served-by
cache-chi-klot8100062-CHI, cache-maa10239-MAA
x-styx-req-id
a20ed2e0-bcff-11ed-97e8-4eeaf12cadcc
x-timer
S1678204280.749235,VS0,VE475
GAS_SLOT.webp
cdqingmu.com/gasimg/
Redirect Chain
  • https://rebrand.ly/bannergasslot
  • https://cdqingmu.com/gasimg/GAS_SLOT.webp
210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdqingmu.com/gasimg/GAS_SLOT.webp
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Server
68.65.123.56 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server272-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
79eab34d549f879673c033523288fa966485273fdf8af671cbb973fa337b13f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:21 GMT
last-modified
Thu, 02 Feb 2023 07:30:14 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
214732
expires
Tue, 14 Mar 2023 15:51:21 GMT

Redirect headers

location
https://cdqingmu.com/gasimg/GAS_SLOT.webp
date
Tue, 07 Mar 2023 15:51:20 GMT
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000
engine
Rebrandly.redirect, version 2.1
content-length
0
expires
-1
v0.mjs
cdn.ampproject.org/ 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3455dcfb03d84c6ffd8be77bfdf1cec7317faa11a15d775d179fb81d945422ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 15:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63252
x-xss-protection
0
server
sffe
etag
"d615d8c890c272a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 15:51:20 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/v0/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265dbcfd7a53f73fe031b54f5a9565d7462582b46a58536fbc2fc09e60f9964
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 15:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10096
x-xss-protection
0
server
sffe
etag
"645e51d47a4dfe5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 15:51:20 GMT
amp-install-serviceworker-0.1.mjs
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a038b242b7d495077ab44e2e03e6c48b2388c6ae8b90958ba41409002feab65
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 15:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2381
x-xss-protection
0
server
sffe
etag
"30108b58a8187bda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 15:51:20 GMT
amp-youtube-0.1.mjs
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29281944422b1d84167de6ad0a46b44b01fede15b74036c04e493baf834da72d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 15:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10360
x-xss-protection
0
server
sffe
etag
"d9263b17d26f0ea1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 15:51:20 GMT
amp-accordion-0.1.mjs
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebca8d53c338c2c5763357aba257a88c2d4e43568d70973abe0fcaa9a0d140e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 15:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4884
x-xss-protection
0
server
sffe
etag
"93ea8e385db15afa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 15:51:20 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logo_gastogel_fix.png
cdqingmu.com/gasimg/
Redirect Chain
  • https://rebrand.ly/gaslogo
  • https://cdqingmu.com/gasimg/logo_gastogel_fix.png
186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdqingmu.com/gasimg/logo_gastogel_fix.png
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Server
68.65.123.56 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server272-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7e04b5c3929bdeaa6e68f0b498546d8302017b8473d527c177e79b1179f81d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:21 GMT
last-modified
Thu, 02 Feb 2023 07:28:57 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
190733
expires
Tue, 14 Mar 2023 15:51:21 GMT

Redirect headers

location
https://cdqingmu.com/gasimg/logo_gastogel_fix.png
date
Tue, 07 Mar 2023 15:51:20 GMT
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000
engine
Rebrandly.redirect, version 2.1
content-length
0
expires
-1
wa.png
i.ibb.co/GM3QTrG/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/GM3QTrG/wa.png
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:20 GMT
last-modified
Thu, 01 Sep 2022 05:48:53 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
16025
expires
Thu, 31 Dec 2037 23:55:55 GMT
daftar.png
i.ibb.co/LZgt0S3/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/LZgt0S3/daftar.png
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
2034d4e112e537f7bb0118de49931a885210e2779ccc4c29d2728584d4b6be5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:20 GMT
last-modified
Thu, 01 Sep 2022 05:48:53 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
14847
expires
Thu, 31 Dec 2037 23:55:55 GMT
livechat-contact.png
i.ibb.co/XbJ09C8/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/XbJ09C8/livechat-contact.png
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
a65f2f0d46af0c1e9cdc46fa93d54c64975229141ad8a3815c495fa14ecfa06a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:20 GMT
last-modified
Tue, 31 May 2022 08:57:40 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2082
expires
Thu, 31 Dec 2037 23:55:55 GMT
00_qwluba.jpeg
cdqingmu.com/buku-mimpi/
Redirect Chain
  • https://rebrand.ly/mimpi00
  • https://cdqingmu.com/buku-mimpi/00_qwluba.jpeg
51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdqingmu.com/buku-mimpi/00_qwluba.jpeg
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Server
68.65.123.56 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server272-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
18b5b9c4b4b9acbc8217f99f5edbd2f7f03d482017c2d4f2f5d12cf9aa7f5ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:21 GMT
last-modified
Thu, 02 Feb 2023 05:08:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
51719
expires
Tue, 14 Mar 2023 15:51:21 GMT

Redirect headers

location
https://cdqingmu.com/buku-mimpi/00_qwluba.jpeg
date
Tue, 07 Mar 2023 15:51:20 GMT
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000
engine
Rebrandly.redirect, version 2.1
content-length
0
expires
-1
01_edxutp.jpeg
cdqingmu.com/buku-mimpi/
Redirect Chain
  • https://rebrand.ly/mimpi01
  • https://cdqingmu.com/buku-mimpi/01_edxutp.jpeg
38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdqingmu.com/buku-mimpi/01_edxutp.jpeg
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Server
68.65.123.56 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server272-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e0ba4911244261429055242beb2dcd7b28717ec1e36050713e6c16cf115d2732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:21 GMT
last-modified
Thu, 02 Feb 2023 05:08:57 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
39298
expires
Tue, 14 Mar 2023 15:51:21 GMT

Redirect headers

location
https://cdqingmu.com/buku-mimpi/01_edxutp.jpeg
date
Tue, 07 Mar 2023 15:51:20 GMT
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000
engine
Rebrandly.redirect, version 2.1
content-length
0
expires
-1
02_ifsbyt.jpeg
cdqingmu.com/buku-mimpi/
Redirect Chain
  • https://rebrand.ly/mimpi02
  • https://cdqingmu.com/buku-mimpi/02_ifsbyt.jpeg
45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdqingmu.com/buku-mimpi/02_ifsbyt.jpeg
Requested by
Host: buku-mimpi3.govdelivery.com
URL: https://buku-mimpi3.govdelivery.com/
Protocol
H2
Server
68.65.123.56 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server272-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
ab6d22176cf02addce9ae71b7daa2d28de6c79190a74c7fe6e0ce5299d249c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buku-mimpi3.govdelivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 15:51:21 GMT
last-modified
Thu, 02 Feb 2023 05:08:57 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
46295
expires
Tue, 14 Mar 2023 15:51:21 GMT

Redirect headers

location
https://cdqingmu.com/buku-mimpi/02_ifsbyt.jpeg
date
Tue, 07 Mar 2023 15:51:20 GMT
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000
engine
Rebrandly.redirect, version 2.1
content-length
0
expires
-1
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72e4aec8536dc0de9fd42e177a5454630ca542bae3f2433303082a12f06a3479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 22:01:26 GMT
age
582594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2831
x-xss-protection
0
server
sffe
etag
"74b88f8132333be6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Feb 2024 22:01:26 GMT
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012302171719000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e9f6302e6a6a82a4a82d61e41109e137c5eed6ef951a6e46477c959935daea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buku-mimpi3.govdelivery.com/
Origin
https://buku-mimpi3.govdelivery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 22:01:26 GMT
age
582594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3905
x-xss-protection
0
server
sffe
etag
"d0dc167c8e45fc81"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Feb 2024 22:01:26 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_MODE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buku-mimpi3.govdelivery.com
cdn.ampproject.org
cdqingmu.com
i.ibb.co
rebrand.ly
162.19.58.159
2620:12a:8000::4
2a00:1450:4001:82a::2001
3.216.183.198
68.65.123.56
1154fd6eba1bc679f60d4922820d558a9b2c9b41b99e5fe8730c5221f777f376
18b5b9c4b4b9acbc8217f99f5edbd2f7f03d482017c2d4f2f5d12cf9aa7f5ffc
1e9f6302e6a6a82a4a82d61e41109e137c5eed6ef951a6e46477c959935daea3
2034d4e112e537f7bb0118de49931a885210e2779ccc4c29d2728584d4b6be5c
29281944422b1d84167de6ad0a46b44b01fede15b74036c04e493baf834da72d
3455dcfb03d84c6ffd8be77bfdf1cec7317faa11a15d775d179fb81d945422ec
5a038b242b7d495077ab44e2e03e6c48b2388c6ae8b90958ba41409002feab65
72e4aec8536dc0de9fd42e177a5454630ca542bae3f2433303082a12f06a3479
79eab34d549f879673c033523288fa966485273fdf8af671cbb973fa337b13f9
7e04b5c3929bdeaa6e68f0b498546d8302017b8473d527c177e79b1179f81d32
8265dbcfd7a53f73fe031b54f5a9565d7462582b46a58536fbc2fc09e60f9964
a65f2f0d46af0c1e9cdc46fa93d54c64975229141ad8a3815c495fa14ecfa06a
ab6d22176cf02addce9ae71b7daa2d28de6c79190a74c7fe6e0ce5299d249c1b
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
cebca8d53c338c2c5763357aba257a88c2d4e43568d70973abe0fcaa9a0d140e
e0ba4911244261429055242beb2dcd7b28717ec1e36050713e6c16cf115d2732
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262