urlscan.io logo urlscan.io
SecurityTrails logo

merenimpost.com Open in urlscan Pro
203.161.184.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.merenimpost.com/
Effective URL: https://merenimpost.com/
Submission: On December 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 203.161.184.27, located in Indonesia and belongs to JOGJACAMP-AS-ID PT JC Indonesia, ID. The main domain is merenimpost.com.
TLS certificate: Issued by R3 on December 7th 2021. Valid for: 3 months.
This is the only time merenimpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    203.161.184.27 (Indonesia)

ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID)
PTR: pringgokusuman.idweb.host
www.merenimpost.com
merenimpost.com
8    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
8 c0.wp.com merenimpost.com
7 merenimpost.com merenimpost.com
6 pagead2.googlesyndication.com merenimpost.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 i0.wp.com merenimpost.com
4 i1.wp.com merenimpost.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 i2.wp.com merenimpost.com
1 www.google.com tpc.googlesyndication.com
1 pixel.wp.com merenimpost.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.wp.com merenimpost.com
1 www.googletagmanager.com merenimpost.com
1 www.merenimpost.com 1 redirects
45 17

This site contains no links.

Subject Issuer Validity Valid
merenimpost.com
R3		 2021-12-07 -
2022-03-07		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://merenimpost.com/
Frame ID: E014D50BF9848C33FDF7050F1145435F
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: BFDF3726366B07827EADEF76E21F1FD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9691492819470406&output=html&adk=1812271804&adf=3025194257&lmt=1638853340&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmerenimpost.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638854002979&bpp=2&bdt=1259&idt=85&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7567953157332&frm=20&pv=2&ga_vid=492871653.1638854003&ga_sid=1638854003&ga_hid=335055515&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31063825%2C31063865&oid=2&pvsid=195445444422102&pem=850&tmod=311042126&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96
Frame ID: EA48B3A4CF5E3E6003A3DB218A7715BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26237EE4D26DA9CC73B39B69A769BFDA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3E8B5B3A31FA6A24D8415F79FD90C79
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Merenim Post

Page URL History Show full URLs

  1. https://www.merenimpost.com/ HTTP 301
    https://merenimpost.com/ Page URL

Page Statistics

45
Requests

100 %
HTTPS

62 %
IPv6

9
Domains

17
Subdomains

14
IPs

3
Countries

792 kB
Transfer

1593 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.merenimpost.com/ HTTP 301
    https://merenimpost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
merenimpost.com/
Redirect Chain
  • https://www.merenimpost.com/
  • https://merenimpost.com/
80 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PHP/7.2.34 PleskLin
Resource Hash
2b6ea6eedb65fe279eeb2d4ba45901634f9f503641cdca33ad3f68b040beb7c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.2.34 PleskLin
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Cookie
cache-control
max-age=3, must-revalidate
last-modified
Tue, 07 Dec 2021 05:02:20 GMT
content-length
17354
content-encoding
br
date
Tue, 07 Dec 2021 05:13:21 GMT
server
LiteSpeed

Redirect headers

x-powered-by
PHP/7.2.34 PleskLin
vary
Accept-Encoding, Cookie
content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://merenimpost.com/
content-length
0
date
Tue, 07 Dec 2021 05:13:21 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.min.css
c0.wp.com/c/5.7.4/wp-includes/css/dist/block-library/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
style.css
merenimpost.com/wp-content/themes/Newspaper/ 		146 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-content/themes/Newspaper/style.css?ver=11
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
312460f32193ff9910d720cc337941abd9c749e9f3c7c0e3bf707d90a51ca897

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
etag
"24641-60cbd8eb-e6c4f1ac51675fdd;br"
last-modified
Thu, 17 Jun 2021 23:21:15 GMT
server
LiteSpeed
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23858
expires
Tue, 14 Dec 2021 05:13:22 GMT
jetpack.css
c0.wp.com/p/jetpack/10.3/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/css/jetpack.css
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
jquery.min.js
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/jquery.min.js
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-174181816-1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
997a1d144c27c7160e7dcbc4147faa75944532b82dc5e96e0681d565d834b030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36171
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Dec 2021 05:13:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9691492819470406
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ebdecee815585104ed6c735c8090f90ce9418c5c627c1d5d04451ee01a940e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://merenimpost.com/
Origin
https://merenimpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51953
x-xss-protection
0
server
cafe
etag
9227157624721018892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 05:13:22 GMT
KODIM.jpg
i0.wp.com/merenimpost.com/wp-content/uploads/2020/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/merenimpost.com/wp-content/uploads/2020/10/KODIM.jpg?fit=696%2C465&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
86d2c6c56bfbf1c3df20755055d7553e8a559215ad2c2d6d7a8f84b46aa5df3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 07 Dec 2021 05:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:27 GMT
server
nginx
etag
"5e67ef5e337d5a35"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2020/10/KODIM.jpg>; rel="canonical"
content-length
38584
expires
Thu, 07 Dec 2023 17:13:27 GMT
bintalsik-1.jpg
i2.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/merenimpost.com/wp-content/uploads/2021/12/bintalsik-1.jpg?fit=696%2C381&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4afd323643ca5e8298b636766bc11281f0fe0857901ab96c6e518e22f0e3fa88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 07 Dec 2021 05:13:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:26 GMT
server
nginx
etag
"7d065c786627f29e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/bintalsik-1.jpg>; rel="canonical"
content-length
35704
expires
Thu, 07 Dec 2023 17:13:26 GMT
pedagang.jpg
i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/pedagang.jpg?fit=696%2C392&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cb8d45ee8148d4afc279c87e1e00829367788929cb7b65c982565801dde36d0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"02fe9d57d32b5d8a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/pedagang.jpg>; rel="canonical"
content-length
34190
expires
Thu, 07 Dec 2023 17:13:25 GMT
kejari-2.jpg
i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/kejari-2.jpg?fit=696%2C325&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
5c14ba166122f719fed7a3f6a2f6aeaaa37cb881207c9b332bd85df55999f1bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 07 Dec 2021 05:13:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:24 GMT
server
nginx
etag
"b4fc347ee0ca343b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/kejari-2.jpg>; rel="canonical"
content-length
30620
expires
Thu, 07 Dec 2023 17:13:24 GMT
twk.jpg
i2.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/merenimpost.com/wp-content/uploads/2021/12/twk.jpg?fit=696%2C480&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b1c6c8251971d3d42c51d4cd426cd2a666235c9e1d64be500131450886be4e11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"2a676a275b2d3015"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/twk.jpg>; rel="canonical"
content-length
24026
expires
Thu, 07 Dec 2023 17:13:25 GMT
dis.jpg
i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/dis.jpg?fit=696%2C464&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
016196b3befba83973a2ae67ef5c9b7a429c2f13079df448999a337ad6aad632
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"d3a2b169df648684"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/dis.jpg>; rel="canonical"
content-length
37214
expires
Thu, 07 Dec 2023 17:13:25 GMT
tppkk.jpg
i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/tppkk.jpg?fit=696%2C466&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
99bd688af8ddf8b7a57c8f459ea7460a38598e3aa428de34c88b22c9ec8f61b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"00159efc48059fb2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/tppkk.jpg>; rel="canonical"
content-length
51834
expires
Thu, 07 Dec 2023 17:13:25 GMT
jembatan.jpg
i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/jembatan.jpg?fit=696%2C514&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
49b047130518ca171e7d411b968431d8bf53df5e38e09c0ea73095e6f643cd3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 07 Dec 2021 05:13:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:23 GMT
server
nginx
etag
"184d9cf2be3cac1b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/jembatan.jpg>; rel="canonical"
content-length
30696
expires
Thu, 07 Dec 2023 17:13:23 GMT
korban.jpg
i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/korban.jpg?fit=696%2C446&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
d4afad78840631c0e0153142df199535736e0f581e0ab25be8387a7b570a297e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"8342795c85e478a6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/korban.jpg>; rel="canonical"
content-length
8874
expires
Thu, 07 Dec 2023 17:13:25 GMT
amblas.jpg
i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/merenimpost.com/wp-content/uploads/2021/12/amblas.jpg?fit=696%2C392&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b54665bc7ea198b2d9e8476146584f30d5c705449bbf003d1574c925d25757e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"e7bd528d2b10565c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/amblas.jpg>; rel="canonical"
content-length
77768
expires
Thu, 07 Dec 2023 17:13:25 GMT
wp-emoji-release.min.js
merenimpost.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
br
etag
"3795-607668d7-adfb20d01a9d29b4;br"
last-modified
Wed, 14 Apr 2021 04:00:23 GMT
server
LiteSpeed
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4316
expires
Tue, 14 Dec 2021 05:13:23 GMT
erupsi.jpg
i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/merenimpost.com/wp-content/uploads/2021/12/erupsi.jpg?fit=696%2C453&ssl=1
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4c2c7e6d18f1d76998c08e637db690aa739227210beb981e2f139609c603cd9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 07 Dec 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 05:13:25 GMT
server
nginx
etag
"a24c58fcdb2312fb"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://merenimpost.com/wp-content/uploads/2021/12/erupsi.jpg>; rel="canonical"
content-length
43598
expires
Thu, 07 Dec 2023 17:13:25 GMT
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
tagdiv-theme.min.js
merenimpost.com/wp-content/themes/Newspaper/includes/js/ 		2 KB
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-content/themes/Newspaper/includes/js/tagdiv-theme.min.js?ver=11
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
38232cb82063d4e9e7da447325f6c72cf285d07ee9a06c3505b77a0e27ac7d5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
etag
"74d-60cbd8e6-3729ecebcc4601af;br"
last-modified
Thu, 17 Jun 2021 23:21:10 GMT
server
LiteSpeed
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
544
expires
Tue, 14 Dec 2021 05:13:22 GMT
intersection-observer.js
merenimpost.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
etag
"2394-6181c6f1-e17088a970bd0ecb;br"
last-modified
Tue, 02 Nov 2021 23:17:05 GMT
server
LiteSpeed
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2946
expires
Tue, 14 Dec 2021 05:13:22 GMT
lazy-images.js
merenimpost.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
br
etag
"98f-6181c6f1-8916c411582c9e6;br"
last-modified
Tue, 02 Nov 2021 23:17:05 GMT
server
LiteSpeed
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
955
expires
Tue, 14 Dec 2021 05:13:23 GMT
wp-embed.min.js
c0.wp.com/c/5.7.4/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.4/wp-includes/js/wp-embed.min.js
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:13:22 GMT
e-202149.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202149.js
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 07 Dec 2021 05:13:22 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 28 Nov 2022 01:11:56 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
merenimpost.com/wp-content/themes/Newspaper/images/icons/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://merenimpost.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/wp-content/themes/Newspaper/style.css?ver=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.161.184.27 , Indonesia, ASN46050 (JOGJACAMP-AS-ID PT JC Indonesia, ID),
Reverse DNS
pringgokusuman.idweb.host
Software
LiteSpeed / PleskLin
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer
https://merenimpost.com/wp-content/themes/Newspaper/style.css?ver=11
Origin
https://merenimpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:23 GMT
last-modified
Thu, 17 Jun 2021 23:21:10 GMT
server
LiteSpeed
x-powered-by
PleskLin
etag
"6120-60cbd8e6-ba84a660917995de;;;"
content-type
application/font-woff
accept-ranges
bytes
content-length
24864
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 		273 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9691492819470406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed8cff9c9313f48ce3fc9b59b745429d35d7755fe4ebc0440330ea34da8d8655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100884
x-xss-protection
0
server
cafe
etag
5771417635821626959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 05:13:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame BFDF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9691492819470406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 06 Dec 2021 21:23:19 GMT
expires
Mon, 20 Dec 2021 21:23:19 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
28204
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174181816-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5900
date
Tue, 07 Dec 2021 03:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 05:35:03 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=335055515&t=pageview&_s=1&dl=https%3A%2F%2Fmerenimpost.com%2F&ul=en-us&de=UTF-8&dt=Merenim%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1846240364&gjid=1236177000&cid=492871653.1638854003&tid=UA-174181816-1&_gid=1129329061.1638854003&_r=1&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1895641179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://merenimpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 05:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://merenimpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=merenimpost.com&callback=_gfp_s_&client=ca-pub-9691492819470406
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
24f50e21fbef85a10bd61dd1ac81fad4148d760f17a4bf9bc090da71ea9fd8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=merenimpost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=merenimpost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Dec 2021 05:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA48 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9691492819470406&output=html&adk=1812271804&adf=3025194257&lmt=1638853340&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmerenimpost.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638854002979&bpp=2&bdt=1259&idt=85&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7567953157332&frm=20&pv=2&ga_vid=492871653.1638854003&ga_sid=1638854003&ga_hid=335055515&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31063825%2C31063865&oid=2&pvsid=195445444422102&pem=850&tmod=311042126&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Dec 2021 05:13:23 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 07 Dec 2021 05:13:23 GMT
cache-control
private
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=178765660&post=0&tz=0&srv=merenimpost.com&host=merenimpost.com&ref=&fcp=4089&rand=0.5887019517527508
Requested by
Host: merenimpost.com
URL: https://merenimpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Dec 2021 05:13:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d2bde7fef1fefaf3ef059d768da364669c34d2d82c247d3f5126f1c16ccdc0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Dec 2021 05:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8572
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9691492819470406&plah=merenimpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Tue, 07 Dec 2021 05:13:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2623 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 06 Dec 2021 21:26:05 GMT
expires
Tue, 06 Dec 2022 21:26:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E3E8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3d1498725d0131e09c9da68954f812a5b76743ceef2a0ea137805c7a8dd7cbd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9bo848BtSlLZk7FejSXreQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 07 Dec 2021 05:13:27 GMT
date
Tue, 07 Dec 2021 05:13:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9bo848BtSlLZk7FejSXreQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame 2623 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 18:12:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
126068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 18:12:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E3E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=195445444422102&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=195445444422102&bg=!urmluf3NAAaQHwIOkB87ACkAdvg8WlR3czStxDuwn78ahbzqB2d0XGHWXkhFxs8r9sz40ms-69q2bgIAAABJUgAAAApoAQcKAJ8C9E6ZY7PovUzM46GIlCRg1OdOqLTfEmCm4zTpg0yy6GR6hA6vyybAHhWKHOyjdMqT8RhLuBjQPHfpVS709D3DILuucAJ3esW8q4lEkUDuIuCgeS6tfBohzZa6qrnYlitjNI96mcZbWkT7EZEENwjTsOzUVLJHtST5f1uounX1ApEEe1BWGGwB9w7rHYPpEhh4ITu-nKUW4Aplt9y8HNyZArPfZRJp1SNGpY67sK-e2uqowvY_rgrj3AjUPDFapg6HaEH-w3M0axRiF1bsH1TnExa8cY2G8YU1MO524XQKZIAzarCHurMzQ25TuBFeoJpoWHiXuodjynwyp3q6RtFQO9r_VlSN6-ztEiqAZpLI3RtsR7Vawt-L_NitBlv9Qs-lHyCI3eQ_ndeeySkiL135HuBMvq4zKmHMJ2rsbqKBrfsR19JmWXZBZZ-7wL83XXR26KzsfzF6XsPzX3M2eKc8Wa-SgYVl_3T25Ln7mt28Y6_BmeuQnWeYSMpDc6zLK5JnRSwycpSeT8-DMpqPGFh1ru6CjtUXCNe8KXMGEE1fkCBK24aTokkIG_VO9c3PviKfbkCrGf6OBvrmdirJZhf4zXnp63TVztM6l0wgf9J-L6l-fQzwiPkfYnYAUZvbhnsYqxhUDY5-tXRR_RuLPCAqbhNx9SWq8JzRA5mp6SVKE-HqwLXCiC0Nvl66eSRB8BN08Gw9gPRbPghGXtwU3LDf9iC0duxsSQqvpS7UAKZ2KYgsf3YkF-TAMgbUeuG5SiNExdnVbwHgolitD7k32sfc1UWtMTySVqQw1tWWyT2D69X9ifwpshCwo6KO96dms2CP4aYDBQnAwnoOapAEE9EKafYg0bql3V6_PZfAx08UURQ5-X8iHaaHFySB9A0D1zbdvkQF4ElNxHwdxw-UDFrKHtvZPWxtIraWx2cgRjxl3B6GMVYQISlVVCwAEnGep_1C4yZFn1e3Nk2DnRywAvPbhJ23J2Wb_ADs5cNSDKIhWSDuL2zPg0R-aC8LOEclxoIzlYhOQ93Hu1NrJcrAgIf-AFRR7iO6qdn2m6G5jahPltTpjAgjnaZl9w_XCAirIUp1UWecqln32KhQAWUohD6ewxvz1ASffpxiqJiz6LNfvDk-vN79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://merenimpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 05:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| tagdivSearch object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| jetpackLazyImagesL10n object| wp object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.merenimpost.com/ Name: _ga
Value: GA1.2.492871653.1638854003
.merenimpost.com/ Name: _gid
Value: GA1.2.1129329061.1638854003
.merenimpost.com/ Name: _gat_gtag_UA_174181816_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.merenimpost.com/ Name: __gads
Value: ID=20fef0a6ca7c746c-22f090433fcc00e0:T=1638854003:RT=1638854003:S=ALNI_MYvEkmmiixsdyR7wanTQFG3on9PQw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c0.wp.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
merenimpost.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.merenimpost.com
142.250.184.226
192.0.76.3
192.0.77.2
192.0.77.37
203.161.184.27
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016196b3befba83973a2ae67ef5c9b7a429c2f13079df448999a337ad6aad632
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
1d2bde7fef1fefaf3ef059d768da364669c34d2d82c247d3f5126f1c16ccdc0a
24f50e21fbef85a10bd61dd1ac81fad4148d760f17a4bf9bc090da71ea9fd8be
2b6ea6eedb65fe279eeb2d4ba45901634f9f503641cdca33ad3f68b040beb7c4
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
312460f32193ff9910d720cc337941abd9c749e9f3c7c0e3bf707d90a51ca897
38232cb82063d4e9e7da447325f6c72cf285d07ee9a06c3505b77a0e27ac7d5d
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
49b047130518ca171e7d411b968431d8bf53df5e38e09c0ea73095e6f643cd3a
4afd323643ca5e8298b636766bc11281f0fe0857901ab96c6e518e22f0e3fa88
4c2c7e6d18f1d76998c08e637db690aa739227210beb981e2f139609c603cd9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c14ba166122f719fed7a3f6a2f6aeaaa37cb881207c9b332bd85df55999f1bb
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
86d2c6c56bfbf1c3df20755055d7553e8a559215ad2c2d6d7a8f84b46aa5df3f
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
997a1d144c27c7160e7dcbc4147faa75944532b82dc5e96e0681d565d834b030
99bd688af8ddf8b7a57c8f459ea7460a38598e3aa428de34c88b22c9ec8f61b4
9ebdecee815585104ed6c735c8090f90ce9418c5c627c1d5d04451ee01a940e9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
b1c6c8251971d3d42c51d4cd426cd2a666235c9e1d64be500131450886be4e11
b54665bc7ea198b2d9e8476146584f30d5c705449bbf003d1574c925d25757e9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
cb8d45ee8148d4afc279c87e1e00829367788929cb7b65c982565801dde36d0a
d3d1498725d0131e09c9da68954f812a5b76743ceef2a0ea137805c7a8dd7cbd
d4afad78840631c0e0153142df199535736e0f581e0ab25be8387a7b570a297e
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ed8cff9c9313f48ce3fc9b59b745429d35d7755fe4ebc0440330ea34da8d8655
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1