urlscan.io logo urlscan.io
SecurityTrails logo

ipm.oreon.ai Open in urlscan Pro
103.16.198.161  Public Scan

Go To Rescan Add Verdict Report
URL: https://ipm.oreon.ai/jatim-ai-summit/
Submission: On November 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 29 HTTP transactions. The main IP is 103.16.198.161, located in Indonesia and belongs to IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID. The main domain is ipm.oreon.ai.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 10th 2021. Valid for: 3 months.
This is the only time ipm.oreon.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 103.16.198.161 131775 (IDNIC-JAL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 8
8    103.16.198.161 (Indonesia)

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: japarshare.jogjahost.com
ipm.oreon.ai
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
8 ipm.oreon.ai ipm.oreon.ai
6 www.gstatic.com docs.google.com
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com docs.google.com
3 cdnjs.cloudflare.com ipm.oreon.ai
cdnjs.cloudflare.com
2 docs.google.com ipm.oreon.ai
www.gstatic.com
2 cdn.jsdelivr.net ipm.oreon.ai
1 ssl.gstatic.com www.gstatic.com
29 8

This site contains no links.

Subject Issuer Validity Valid
ipm.oreon.ai
cPanel, Inc. Certification Authority		 2021-11-10 -
2022-02-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ipm.oreon.ai/jatim-ai-summit/
Frame ID: 97D3F6003E21889513DA988038F442BD
Requests: 13 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Frame ID: 1CE154E0BC416045B296503C07B2530F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JATIM AI Summit - Prakarsa Muda 2021

Page Statistics

29
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

2198 kB
Transfer

4096 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ipm.oreon.ai/jatim-ai-summit/ 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
3f3b8fa9ce9462d4005f8cb697715034cde20ece7ea344fc438731f453be3c07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Mon, 15 Nov 2021 08:53:00 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
3537
date
Mon, 15 Nov 2021 10:43:35 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1683994
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19169-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ae7e129295c42cf-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3344866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOYy0VmQ%2FHj%2F5OdhM8aXoaCce1TUWpryzd2%2BRHZ8XsKyd2vvg7fXP%2B8hxb3lQjsug7XwBOOsRxaP4wCl%2B3BaIQ8YbqqNPXFZsSHJJewO3R2F14CWtlULzBnsYQI467JXQjHmO84n%2B8EQWLb3yFOljkDr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae7e1292cb9690d-FRA
expires
Sat, 05 Nov 2022 10:43:36 GMT
jatim-ai-summit-banner.png
ipm.oreon.ai/jatim-ai-summit/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/jatim-ai-summit-banner.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
6f6c0864b2634f9f25d47262902e248db330882e3effc2458924ddfef08b7c80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:02 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
188562
expires
Mon, 22 Nov 2021 10:43:36 GMT
register-poster.png
ipm.oreon.ai/jatim-ai-summit/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/register-poster.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
aa5c752d3b66e181c92c9b5c445cac1fa7255a554548e2e9c510b7491902f8e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:02 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
263797
expires
Mon, 22 Nov 2021 10:43:36 GMT
facemask.png
ipm.oreon.ai/jatim-ai-summit/sc-image/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/sc-image/facemask.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
7384fd818ae91717b44b2fd122c6e69d08b95fd4146db3baba8ada00a682d67f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:21 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
70619
expires
Mon, 22 Nov 2021 10:43:36 GMT
mriksohoax.png
ipm.oreon.ai/jatim-ai-summit/sc-image/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/sc-image/mriksohoax.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
0200fee9317e05f1d6376660443f80b5c187560836cd1290993bea02f79bcd67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
39838
expires
Mon, 22 Nov 2021 10:43:36 GMT
healthcare.png
ipm.oreon.ai/jatim-ai-summit/sc-image/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/sc-image/healthcare.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
7ae3376f18c894e773cf93804d4ba712896b774575df7da126e4d3ce558cb6ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
198344
expires
Mon, 22 Nov 2021 10:43:36 GMT
eyestrain.png
ipm.oreon.ai/jatim-ai-summit/sc-image/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/sc-image/eyestrain.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
bb0a42e61a519b01b8cbcf94a0012811c5304a35812ed6547d27999b6bf5e0c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
89925
expires
Mon, 22 Nov 2021 10:43:36 GMT
schoolattendance.png
ipm.oreon.ai/jatim-ai-summit/sc-image/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.oreon.ai/jatim-ai-summit/sc-image/schoolattendance.png
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.16.198.161 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
japarshare.jogjahost.com
Software
LiteSpeed /
Resource Hash
d148956006c614de8a922cd1ae98d1bfd77bc04f44ac9fa8aa2658a058028ae2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/jatim-ai-summit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
last-modified
Sat, 13 Nov 2021 10:26:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
72289
expires
Mon, 22 Nov 2021 10:43:36 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1778197
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19127-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ae7e129296042cf-FRA
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/js/ 		1 MB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/js/all.min.js
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1502632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
363853
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-58d4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGwR0xFhCFVyQ0aXA%2F8agPwsGoqWv4nJmPSw1xMzkZf25wGrZ46CyswctxJAXn5itUss0%2BOMPQ5AoFULB%2FbXPuQaJvJ7J36%2BztY12AtBnaLnBWazGs7V%2F6NeFv0rzg2efXbX8%2Bxehv1NhAdzAL9Cb2lr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae7e1292cbf690d-FRA
expires
Sat, 05 Nov 2022 10:43:36 GMT
viewform
docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/ Frame 1CE1 		123 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Requested by
Host: ipm.oreon.ai
URL: https://ipm.oreon.ai/jatim-ai-summit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97643a51dc52f68e5b0ede0052d16b492d5c5ae2cf56a7464a803ce06f903909
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-z+hrJ6D7Jo/QNqzZXZLFZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ipm.oreon.ai/

Response headers

content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 15 Nov 2021 10:43:36 GMT
content-encoding
gzip
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-z+hrJ6D7Jo/QNqzZXZLFZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
alt-svc
clear
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://ipm.oreon.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:43:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8843180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Wed, 04 Aug 2021 22:34:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"610b15f4-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1YVOiV7JxEqZef9nr62OcAiu9bXG8nD4TVjtWKip7FOI7bRiQIILgCG5Rwoa3DX9VvYI86eUitFBQitqmJJEXE3MVXenJPkk%2FSlydJV1B%2B3Y8s0naD%2Bs0ThX7RiuuhM9ErDOzkNk4qPjYj9uK8sF8SJ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae7e1298f542c3a-FRA
expires
Sat, 05 Nov 2022 10:43:36 GMT
icon
fonts.googleapis.com/ Frame 1CE1 		616 B
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63db7c920b5cdf3b5a0176f1181d79f9fa59eeaaddd6a851dfdd33420251865a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 10:43:36 GMT
server
ESF
date
Mon, 15 Nov 2021 10:43:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 10:43:36 GMT
rs=AMjVe6hHc3yyPa_X8Yy8PRaP8eUbssIBRA
www.gstatic.com/_/freebird/_/ss/k=freebird.v.1rxvb7kk30lc0.L.W.O/d=1/ Frame 1CE1 		406 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.1rxvb7kk30lc0.L.W.O/d=1/rs=AMjVe6hHc3yyPa_X8Yy8PRaP8eUbssIBRA
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2703d4b9c95a3e7bc676bb09190ec0e1c93052102c51b5901c98f0fea85f16b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
50958
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 19:29:19 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Wed, 09 Nov 2022 21:29:44 GMT
css
fonts.googleapis.com/ Frame 1CE1 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:40:45 GMT
server
ESF
date
Mon, 15 Nov 2021 10:43:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 10:43:36 GMT
css
fonts.googleapis.com/ Frame 1CE1 		1 KB
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 10:42:54 GMT
server
ESF
date
Mon, 15 Nov 2021 10:43:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 10:43:36 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 1CE1 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81213
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
689
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 14 Nov 2022 12:10:03 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=1/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/ Frame 1CE1 		338 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=1/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
915c1027ce9c648dbf9689df308994ed238224c53305cca799616d3211f3a822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
112084
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 21:22:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Sat, 12 Nov 2022 04:15:56 GMT
qp_sprite154.svg
ssl.gstatic.com/docs/forms/ Frame 1CE1 		115 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/forms/qp_sprite154.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.1rxvb7kk30lc0.L.W.O/d=1/rs=AMjVe6hHc3yyPa_X8Yy8PRaP8eUbssIBRA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
311043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13435
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 19:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Fri, 11 Nov 2022 20:19:33 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1CE1 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 18:31:12 GMT
x-content-type-options
nosniff
age
317544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 18:31:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1CE1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
248628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:39:48 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1CE1 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:24:29 GMT
x-content-type-options
nosniff
age
249547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:24:29 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame 1CE1 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 08:56:07 GMT
x-content-type-options
nosniff
age
352049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35140
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 08:56:07 GMT
m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy14,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9a...
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=0/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/ Frame 1CE1 		421 KB
422 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=0/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy14,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,eFy6Rc,syr,KornIe,sy2p,gZjhIf,syg,syj,syh,sy1r,sy13,sy1s,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,wPRNsd,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2y,sy2z,sy30,I6YDgd,sy3k,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy16,p2tbsc,sy20,sy21,sy22,sy23,LxALBf,sy1y,sy4d,sy4e,sy4f,sy37,WdhPgc,sy4h,sy2x,sy3p,sy43,sy4c,sy4j,yDXup,sy1v,QwQO1b,sbHRWb,hYei2d,ok0nye,SM1lmd,sy34,sy47,sy44,sy4k,ayGULb,pA3VNb,sy1x,pFu8T,TOfxwf,sy45,sy46,JCrucd,vofJp,riEgMd,sy4i,sjEN0c,lSvzH,sy4w,AgZ6Hc,sy1w,sy40,sy41,sy49,sy4a,sy4b,sy48,RGrRJf,OkF2xb,oZECf,yUS4Lc,KOZzeb,sy4g,oCiKKc,D8e5bc,j0HcBf,UmOCme
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=1/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=viewer_base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bfb7544f0d054f1c913104df0ef85bc05f49aa85f19a542fb09e6e9906f65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:20:27 GMT
x-content-type-options
nosniff
age
292989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
431503
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 21:22:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Sat, 12 Nov 2022 01:20:27 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame 1CE1 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=0/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy14,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,eFy6Rc,syr,KornIe,sy2p,gZjhIf,syg,syj,syh,sy1r,sy13,sy1s,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,wPRNsd,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2y,sy2z,sy30,I6YDgd,sy3k,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy16,p2tbsc,sy20,sy21,sy22,sy23,LxALBf,sy1y,sy4d,sy4e,sy4f,sy37,WdhPgc,sy4h,sy2x,sy3p,sy43,sy4c,sy4j,yDXup,sy1v,QwQO1b,sbHRWb,hYei2d,ok0nye,SM1lmd,sy34,sy47,sy44,sy4k,ayGULb,pA3VNb,sy1x,pFu8T,TOfxwf,sy45,sy46,JCrucd,vofJp,riEgMd,sy4i,sjEN0c,lSvzH,sy4w,AgZ6Hc,sy1w,sy40,sy41,sy49,sy4a,sy4b,sy48,RGrRJf,OkF2xb,oZECf,yUS4Lc,KOZzeb,sy4g,oCiKKc,D8e5bc,j0HcBf,UmOCme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbc3a64eaad9f7374ceb9b0ee0d1206eaf2b4862ef574c137b4c560a9aa0cbc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 10:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28676
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 19:34:21 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="product-feedback-gathering"
expires
Mon, 15 Nov 2021 11:22:08 GMT
m=sy42,sWGJ4b,syo,syn,syp,sy4r,EGNJFf,iSvg6e,sy4q,uY3Nvd
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=0/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/ Frame 1CE1 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=0/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=sy42,sWGJ4b,syo,syn,syp,sy4r,EGNJFf,iSvg6e,sy4q,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=1/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=viewer_base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95ff3d05026a993f5b7034c63829b90bdf866b3b8023d84633c09860b4df08f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:21:34 GMT
x-content-type-options
nosniff
age
321723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
48383
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 21:22:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Fri, 11 Nov 2022 17:21:34 GMT
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/ Frame 1CE1 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.8e-aPSHAW4E.O/d=1/rs=AMjVe6jMfc_9TMvkxXh6I7e2wMr_zrp0Sg/m=viewer_base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Eennx7eBSa5LnkcLEbffSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw/viewform?embedded=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 10:43:37 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Eennx7eBSa5LnkcLEbffSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc
clear
server
GSE
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler number| uidEvent object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

3 Cookies

Domain/Path Name / Value
.docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw Name: S
Value: spreadsheet_forms=Ng01aRHQvpLwHhE3n4rSHMaTg1HS8M6Uz_8hPdBRUUk
.docs.google.com/forms/d/e/1FAIpQLSfkugDHjan2NSqLV7KdWT5E644D1-EqGkyjg-cVFzc736b4Hw Name: COMPASS
Value: spreadsheet_forms=CjIACWuJVzZJU-JRUQld-V8psne4JukZcHGCnnEwemnpadj4RjL8cVVyB1GNFMpMEM2pnxDoj8mMBho0AAlriVfd5A7D3OmhErEVJrZSZM7pIGqg00dbMegwutIxjPnunRy3pQBNRStPmtjmb7MGZg==
.google.com/ Name: NID
Value: 511=aG8CrNMx2OdcrI-qctejcD5IkLA5BHZ-NzgnXbMUFLt2tw0xQQD4EYmP_kPnWNEVXG4YqkDow3NuooQnpsiLsaki-3ORgInFSVwBGc8cQbai-nLbUePKy6Alsx2y7YMP_TmlB9ppyrqMCSwbZrFu9xvGiObm1PGfC1Ihlh2fi9s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ipm.oreon.ai
ssl.gstatic.com
www.gstatic.com
103.16.198.161
2606:4700::6810:135e
2606:4700::6810:5514
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
0200fee9317e05f1d6376660443f80b5c187560836cd1290993bea02f79bcd67
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2703d4b9c95a3e7bc676bb09190ec0e1c93052102c51b5901c98f0fea85f16b0
3f3b8fa9ce9462d4005f8cb697715034cde20ece7ea344fc438731f453be3c07
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
63db7c920b5cdf3b5a0176f1181d79f9fa59eeaaddd6a851dfdd33420251865a
6bfb7544f0d054f1c913104df0ef85bc05f49aa85f19a542fb09e6e9906f65c5
6f6c0864b2634f9f25d47262902e248db330882e3effc2458924ddfef08b7c80
7384fd818ae91717b44b2fd122c6e69d08b95fd4146db3baba8ada00a682d67f
7ae3376f18c894e773cf93804d4ba712896b774575df7da126e4d3ce558cb6ff
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
915c1027ce9c648dbf9689df308994ed238224c53305cca799616d3211f3a822
95ff3d05026a993f5b7034c63829b90bdf866b3b8023d84633c09860b4df08f4
97643a51dc52f68e5b0ede0052d16b492d5c5ae2cf56a7464a803ce06f903909
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
aa5c752d3b66e181c92c9b5c445cac1fa7255a554548e2e9c510b7491902f8e7
bb0a42e61a519b01b8cbcf94a0012811c5304a35812ed6547d27999b6bf5e0c4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d148956006c614de8a922cd1ae98d1bfd77bc04f44ac9fa8aa2658a058028ae2
dbc3a64eaad9f7374ceb9b0ee0d1206eaf2b4862ef574c137b4c560a9aa0cbc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3