urlscan.io logo urlscan.io
SecurityTrails logo

secure.lorimorrison.com Open in urlscan Pro
2606:4700::6811:d125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clients.lorimorrison.com/
Effective URL: https://secure.lorimorrison.com/portal?r_done=1
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 47 HTTP transactions. The main IP is 2606:4700::6811:d125, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.lorimorrison.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2022. Valid for: a year.
This is the only time secure.lorimorrison.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 2606:4700::68... 13335 (CLOUDFLAR...)
2 13 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:20e... 16509 (AMAZON-02)
2 11 2606:4700::68... 13335 (CLOUDFLAR...)
7 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
47 9
8    2606:4700::6811:d025 (United States)

ASN13335 (CLOUDFLARENET, US)
clients.lorimorrison.com
13    2606:4700::6811:cf25 (United States)

ASN13335 (CLOUDFLARENET, US)
lorimorrison.kartra.com
app.kartra.com
3    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:20eb:8e00:1c:2135:3780:21 (United States)

ASN16509 (AMAZON-02, US)
d2uolguxr56s4e.cloudfront.net
11    2606:4700::6811:d125 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.lorimorrison.com
7    2600:9000:21f3:c800:6:a951:7b00:21 (United States)

ASN16509 (AMAZON-02, US)
d1aettbyeyfilo.cloudfront.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 lorimorrison.com
clients.lorimorrison.com
secure.lorimorrison.com
179 KB
13 kartra.com
lorimorrison.kartra.com
app.kartra.com — Cisco Umbrella Rank: 117558
58 KB
12 cloudfront.net
d2uolguxr56s4e.cloudfront.net
d1aettbyeyfilo.cloudfront.net
1 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
4 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1595
16 KB
2 gstatic.com
fonts.gstatic.com
46 KB
47 6
Domain Requested by
11 secure.lorimorrison.com 2 redirects app.kartra.com
secure.lorimorrison.com
static.cloudflareinsights.com
8 lorimorrison.kartra.com 2 redirects secure.lorimorrison.com
lorimorrison.kartra.com
8 clients.lorimorrison.com 2 redirects static.cloudflareinsights.com
clients.lorimorrison.com
7 d1aettbyeyfilo.cloudfront.net secure.lorimorrison.com
5 app.kartra.com clients.lorimorrison.com
5 d2uolguxr56s4e.cloudfront.net clients.lorimorrison.com
secure.lorimorrison.com
3 fonts.googleapis.com clients.lorimorrison.com
secure.lorimorrison.com
3 static.cloudflareinsights.com clients.lorimorrison.com
secure.lorimorrison.com
2 fonts.gstatic.com fonts.googleapis.com
47 9

This site contains links to these domains. Also see Links.

Domain
lorimorrison.kartra.com
home.kartra.com
Subject Issuer Validity Valid
clients.lorimorrison.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
secure.lorimorrison.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.lorimorrison.com/portal?r_done=1
Frame ID: 1C7B31F2A4750D0A0991E38B3192E291
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lori Morrison Membership Portal

Page URL History Show full URLs

  1. https://clients.lorimorrison.com/ HTTP 302
    https://clients.lorimorrison.com/front/domain_validation?step=1&domain=clients.lorimorrison.com&url=https%3A%... HTTP 307
    https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=clients.lorimorrison.com&url=https%3A%... HTTP 307
    https://clients.lorimorrison.com/?r_done=1 Page URL
  2. http://clients.lorimorrison.com/portal HTTP 307
    https://clients.lorimorrison.com/portal Page URL
  3. https://secure.lorimorrison.com/portal HTTP 307
    https://secure.lorimorrison.com/front/domain_validation?step=1&domain=secure.lorimorrison.com&url=https%3A%2... HTTP 307
    https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=secure.lorimorrison.com&url=https%3A%2... HTTP 307
    https://secure.lorimorrison.com/portal?r_done=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

100 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

1348 kB
Transfer

4083 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clients.lorimorrison.com/ HTTP 302
    https://clients.lorimorrison.com/front/domain_validation?step=1&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F HTTP 307
    https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F HTTP 307
    https://clients.lorimorrison.com/?r_done=1 Page URL
  2. http://clients.lorimorrison.com/portal HTTP 307
    https://clients.lorimorrison.com/portal Page URL
  3. https://secure.lorimorrison.com/portal HTTP 307
    https://secure.lorimorrison.com/front/domain_validation?step=1&domain=secure.lorimorrison.com&url=https%3A%2F%2Fsecure.lorimorrison.com%2Fportal HTTP 307
    https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=secure.lorimorrison.com&url=https%3A%2F%2Fsecure.lorimorrison.com%2Fportal HTTP 307
    https://secure.lorimorrison.com/portal?r_done=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clients.lorimorrison.com/ HTTP 302
  • https://clients.lorimorrison.com/front/domain_validation?step=1&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F HTTP 307
  • https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F HTTP 307
  • https://clients.lorimorrison.com/?r_done=1
Request Chain 2
  • http://clients.lorimorrison.com/portal HTTP 307
  • https://clients.lorimorrison.com/portal

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
clients.lorimorrison.com/
Redirect Chain
  • https://clients.lorimorrison.com/
  • https://clients.lorimorrison.com/front/domain_validation?step=1&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F
  • https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=clients.lorimorrison.com&url=https%3A%2F%2Fclients.lorimorrison.com%2F
  • https://clients.lorimorrison.com/?r_done=1
717 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d05277680e60b3235e2a23fbcce3c32be006f5a74da04d16194c18c6b1b17e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7076698f5e3a01eb-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 02:09:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7076698c9b4d0229-ZRH
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 02:09:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://clients.lorimorrison.com/?r_done=1
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://clients.lorimorrison.com/
Origin
https://clients.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:14 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
707669906b2f23df-ZRH
portal
clients.lorimorrison.com/
Redirect Chain
  • http://clients.lorimorrison.com/portal
  • https://clients.lorimorrison.com/portal
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3542ecf6714db71dfb0ed3faad0b8d7fd7743c756b61f4938455ccee5aaac3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://clients.lorimorrison.com/?r_done=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
70766990bf4501eb-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 02:09:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://clients.lorimorrison.com/portal
Non-Authoritative-Reason
HSTS
rum
clients.lorimorrison.com/cdn-cgi/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://clients.lorimorrison.com/?r_done=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Sat, 07 May 2022 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://clients.lorimorrison.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
70766990bf4601eb-ZRH
vary
Origin
rum
clients.lorimorrison.com/cdn-cgi/ 		0
0
css
fonts.googleapis.com/ 		39 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c2044df01b07131d511e651196f03e31b6809a523edc562b4df1a88c3e83c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 02:09:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:09:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:09:14 GMT
new_bootstrap.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 		73 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/new_bootstrap.css
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8e00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14e8ad4b5405ed75fefc855cb00f8ca97ea87d2b70d35f930ef3fc9f9c4e2689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
d1xvSRkSfd8OjkOB2k2Ai53c7Tpsuod8
content-encoding
gzip
last-modified
Tue, 03 May 2022 13:33:51 GMT
server
AmazonS3
age
55580
etag
W/"864ae5aadfb9f1a8f8d9cf49fa0e7280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date
Fri, 06 May 2022 10:46:06 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
D6FOiuHR8aFY3k98KiXzCdRQmSHG0IIlGuuzJRcCBnsn3EB9L6DOJQ==
kartra_components.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ 		2 MB
164 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8e00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbd7c9e6d915b6e2fd07480766974b5769f786738f11f389b9bb301dde87703e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
qV6KlZhOSpEZpRBWxf6VWoBxOn29ZO3h
content-encoding
gzip
last-modified
Tue, 03 May 2022 13:33:51 GMT
server
AmazonS3
age
55580
etag
W/"297708e5d2e3675c213ea6d61632611a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date
Fri, 06 May 2022 10:46:06 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
bVwk8XdnCvflLT-M7StNIyw1cIq3bs8YN01lZdTGc5WTxKyGdkY3wA==
font-awesome.css
d2uolguxr56s4e.cloudfront.net/internal/kartra_fontawesome_icons/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/internal/kartra_fontawesome_icons/font-awesome.css
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8e00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bb441c2132383eff2066d48413e629dd2b7ac2120e5ce8e441b4a9459f19df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 10:43:14 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 13:11:53 GMT
server
AmazonS3
age
141961
etag
W/"30e0e65319a8ac914eb5fb7e5e97c4b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7iZOgmQxqSNz4j4hUYbq5VpanxDUwHBI
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
text/css
x-amz-cf-id
3cRuHRu4THiWe0iSptMdzn_z2RsuSTt8GFsVFViRbzgLJ1OzfkNvbg==
skeleton-above.js
clients.lorimorrison.com/js/build/front/pages/ 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/js/build/front/pages/skeleton-above.js
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60a8af714dd9b920ccbc93f5a6c5db1afc31fa43ed88ee9c875b713714c6d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/portal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 02 May 2022 16:12:23 GMT
server
cloudflare
etag
W/"627002e7-2d727"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
70766991e80401eb-ZRH
expires
Sat, 07 May 2022 02:14:15 GMT
redirect.js
app.kartra.com//js/build/front/pages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com//js/build/front/pages/redirect.js
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7664cfe8a3c6d5b1015b6cc4300fdaa2ac275c4020fd4ac410dcd35b31b648e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:14 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 16 Feb 2022 09:43:17 GMT
server
cloudflare
etag
W/"620cc735-133e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=300
cf-polished
origSize=4926
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669920e180229-ZRH
expires
Sat, 07 May 2022 02:14:14 GMT
skeleton-immediate.js
clients.lorimorrison.com/js/build/front/pages/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/js/build/front/pages/skeleton-immediate.js
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/portal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:14 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 09:43:17 GMT
server
cloudflare
etag
W/"620cc735-1c52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
70766991e80601eb-ZRH
expires
Sat, 07 May 2022 02:14:14 GMT
skeleton-below.js
clients.lorimorrison.com/js/build/front/pages/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.lorimorrison.com/js/build/front/pages/skeleton-below.js
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/portal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 28 Apr 2022 11:55:34 GMT
server
cloudflare
etag
W/"626a80b6-31cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
70766994d9dd01eb-ZRH
expires
Sat, 07 May 2022 02:14:15 GMT
xpdGyjr2
app.kartra.com/resources/js/analytics/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/analytics/xpdGyjr2
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
7076699668850229-ZRH
page_check
app.kartra.com/resources/js/ 		127 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/page_check?page_id=fzqLrluP0XrK
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
7076699759130229-ZRH
kartra_embed_wild_card
app.kartra.com/resources/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=xpdGyjr2
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c23cb8bd5c026b3fdc092710a2b8bf6bcfdcf0ecb2fc251c5cd4648208f3fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
707669920e190229-ZRH
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://clients.lorimorrison.com/
Origin
https://clients.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
707669990f1423df-ZRH
fzqLrluP0XrK
app.kartra.com/analytics/visitorTime/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/analytics/visitorTime/fzqLrluP0XrK
Requested by
Host: clients.lorimorrison.com
URL: https://clients.lorimorrison.com/js/build/front/pages/skeleton-above.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://clients.lorimorrison.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:09:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://clients.lorimorrison.com
access-control-allow-credentials
true
cf-ray
70766996889e0229-ZRH
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
Primary Request portal
secure.lorimorrison.com/
Redirect Chain
  • https://secure.lorimorrison.com/portal
  • https://secure.lorimorrison.com/front/domain_validation?step=1&domain=secure.lorimorrison.com&url=https%3A%2F%2Fsecure.lorimorrison.com%2Fportal
  • https://lorimorrison.kartra.com/front/domain_validation?step=2&domain=secure.lorimorrison.com&url=https%3A%2F%2Fsecure.lorimorrison.com%2Fportal
  • https://secure.lorimorrison.com/portal?r_done=1
37 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/portal?r_done=1
Requested by
Host: app.kartra.com
URL: https://app.kartra.com//js/build/front/pages/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f12670f13eb82153c69329fe0c05d4b2ea7ff96eac6b3fecc0a4d00fec9166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://clients.lorimorrison.com/portal
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7076699e1b080211-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 02:09:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7076699b3b510229-ZRH
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 02:09:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://secure.lorimorrison.com/portal?r_done=1
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic&display=swap
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adef95e62536ef4a3c45c8d75acf53dbe25b3d3cbb0b0f3b542f163b1753f545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 02:09:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:09:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:09:16 GMT
css
fonts.googleapis.com/ 		7 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700italic,700,900,900italic,100italic,100&subset=latin,latin-ext&display=swap
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 01:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:09:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:09:16 GMT
jquery-1.10.2.min.js
secure.lorimorrison.com/js/node_modules/kartra-jquery/jquery-1.10.2/ 		140 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/node_modules/kartra-jquery/jquery-1.10.2/jquery-1.10.2.min.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cd9d4db056b0b87ed7dda8617cb99f491f2cc354bbcb491ee25e625e638e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-23089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a02c0a0211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
bootstrap.min.js
secure.lorimorrison.com/js/node_modules/bootstrap/dist/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/node_modules/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 25 Jul 2016 15:53:30 GMT
server
cloudflare
etag
W/"579635fa-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a02c0d0211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
santitation.js
lorimorrison.kartra.com/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com/js/santitation.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7a70bdcd92479741dea297fec3a956955ff594a21e84aafcc589665367f84e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 09:43:17 GMT
server
cloudflare
etag
W/"620cc735-305b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a02de50229-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
membership_portal.css
secure.lorimorrison.com/css/new/css/membership_portal/ 		205 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/css/new/css/membership_portal/membership_portal.css
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0833b481f5894c127dc6005f62b522b79a6408add28566bce5486228e6017440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Feb 2022 08:15:18 GMT
server
cloudflare
etag
W/"620e0416-332c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a02c0e0211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
1922325_1536107940LcJlm_250x50_2.png
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/1922325_1536107940LcJlm_250x50_2.png
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
054eb146534cf5fca86c4c09a5c5874ae24cfb7cc19cc881e8bffaee60f984ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Wed, 05 Sep 2018 00:39:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a1da25b116c467d728403b1f99813df2"
x-cache
Miss from cloudfront
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
content-length
50216
x-amz-cf-id
wzyHOnLU2HxGN6Q2IMQcJfIl5LWW0RuK2Xh8fLVkZs012cF3HsrX7w==
bootstrap-select.min.js
secure.lorimorrison.com/js/node_modules/bootstrap-select-173/dist/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/node_modules/bootstrap-select-173/dist/js/bootstrap-select.min.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb27197f3bf012a4c307b49328bb6e645803c3119d60e8fced1d16af9d7c2b68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 26 Jun 2015 17:07:00 GMT
server
cloudflare
etag
W/"558d86b4-7718"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a4ae120211-ZRH
expires
Sat, 07 May 2022 02:14:18 GMT
portals_front.js
secure.lorimorrison.com/js/members/sellers/ 		1001 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/members/sellers/portals_front.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484ff92bfeb214bf77d3e7743643d1a7275e69376aced9189f703ca76cd01334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 09:43:17 GMT
server
cloudflare
etag
W/"620cc735-3e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a4de2b0211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
jquery.form.js
secure.lorimorrison.com/js/node_modules/jquery-form/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/node_modules/jquery-form/jquery.form.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23fc25133ed072cdf7dae575213067b1da3c6843b2a0e489c8b7fc984c60ce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 18 May 2014 13:38:43 GMT
server
cloudflare
etag
W/"5378b7e3-ab23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a4ee350211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
front_common.js
secure.lorimorrison.com/js/front/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/js/front/front_common.js
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e03f853b1122506d167fbf7151165e36e104eb77b840c99ce3b372d7aaedb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/portal?r_done=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 02 May 2022 16:12:23 GMT
server
cloudflare
etag
W/"627002e7-286b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a4ee370211-ZRH
expires
Sat, 07 May 2022 02:14:17 GMT
membership_login_modal
lorimorrison.kartra.com//resources/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com//resources/js/membership_login_modal
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179a0cf1adf33515e85e116c5a479fceb0b17390efb2c4f6b03c146f387d8688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
707669a4e87d0229-ZRH
kartra_embed_wild_card
lorimorrison.kartra.com/resources/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com/resources/js/kartra_embed_wild_card?type=portal&owner=xpdGyjr2
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c5b6be2a3a189b65697be8a9a15cae3ae5b7d876a640de6b9415c6048f3445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
707669a4e87e0229-ZRH
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://secure.lorimorrison.com/
Origin
https://secure.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:17 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
707669a4dd4b23df-ZRH
kartra-external-icon-set.woff2
d2uolguxr56s4e.cloudfront.net/icons/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/icons/kartra-external-icon-set.woff2?edagnx
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/css/new/css/membership_portal/membership_portal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8e00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a126e6ed5c13c86be5c8ebc2deb7a18e1949d8be38b34ac2d14525cb398c8ff

Request headers

Referer
https://secure.lorimorrison.com/
Origin
https://secure.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
37660
last-modified
Mon, 01 Nov 2021 08:07:59 GMT
server
AmazonS3
etag
"f56fa0401e16dabec2b0bb0e582ad9f8"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
TOvI3hykkpFATldcFNPdqwJePggSU.gu
access-control-allow-origin
*
access-control-expose-headers
ETag, x-amz-meta-custom-header
x-amz-meta-version-id
OnFrIWbe9uy5ZvNfUoEaljco9zbIiTg9
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
yzXmdTCx29P13exJvn4Q7G66oYP86AGMpXdy7v-bpAVB1fqYsBujJw==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700italic,700,900,900italic,100italic,100&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 17:08:09 GMT
x-content-type-options
nosniff
age
291668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 17:08:09 GMT
jquery-1.10.2.min.js
lorimorrison.kartra.com/js/node_modules/kartra-jquery/jquery-1.10.2/ 		140 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com/js/node_modules/kartra-jquery/jquery-1.10.2/jquery-1.10.2.min.js
Requested by
Host: lorimorrison.kartra.com
URL: https://lorimorrison.kartra.com//resources/js/membership_login_modal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cd9d4db056b0b87ed7dda8617cb99f491f2cc354bbcb491ee25e625e638e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-23089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669a80a260229-ZRH
expires
Sat, 07 May 2022 02:14:18 GMT
27668960_6266c69527433_Supplement_Circle_with_Desk.jpeg
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/27668960_6266c69527433_Supplement_Circle_with_Desk.jpeg
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d9fbb55d875176e0a259a963966f0429ddb5d89ed9b991105354d5402be8668

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Mon, 25 Apr 2022 16:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"8d657390d182546fa4f7c6cc065c30ee"
x-cache
Miss from cloudfront
x-amz-version-id
kmUl.gicm1t_dY97_iXnIvtfvwVl32_Z
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
151222
x-amz-cf-id
DNSYegyBcw84Pc6sNSMDxIMlFQZ8c0VoZ4Y6eYfDJoTik_xy_VerVw==
12495800_5f4697cc3cd8e_Blue-butterflies-isolated-on-white-1076115562_2395x2549.jpeg
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/12495800_5f4697cc3cd8e_Blue-butterflies-isolated-on-white-1076115562_2395x2549.jpeg
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aabd0ccaba1848cbf35e7f390bcbe84cb8fc1100fc6b90f5792bd9db6b7f3fc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Wed, 26 Aug 2020 17:11:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"5f769c977ced2f6b2ef36fba903758f9"
x-cache
Miss from cloudfront
x-amz-version-id
hiW30W6fhk45PiUZ3yFl1S.SCbsS0WtP
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
97622
x-amz-cf-id
Y-3C5d6gaWTJv1Cr9w1AfM0VFYe1-ib0pyB1BILd829dFW3M0QlVng==
13148709_5f67c735a3fe2_Butterfly_Mastering_You.jpg
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/13148709_5f67c735a3fe2_Butterfly_Mastering_You.jpg
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52aef52f44603b47cdc350a0f9298393a03b7d6a51c68fbbdedc9259b2f6b3f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Sun, 20 Sep 2020 21:18:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"ac6f25197163cd3b977b6b41f463922c"
x-cache
Miss from cloudfront
x-amz-version-id
X1roYxT98DAAzACQxkwwaZ2jyY.olwoK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
30282
x-amz-cf-id
sZZR929aCHhN8i7axU8nmMcXaoGsust-xDYd9lY4xyhTF4LENOfLgQ==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700italic,700,900,900italic,100italic,100&subset=latin,latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.lorimorrison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 17:08:09 GMT
x-content-type-options
nosniff
age
291669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 17:08:09 GMT
7379381_5e1bdc1be3a07_Black_and_Gold_Butterfly.jpg
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/7379381_5e1bdc1be3a07_Black_and_Gold_Butterfly.jpg
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5ea302a38fbb71f7a3a0f9c832d5c53fa61c4799a9e39d374217bec28672a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 02:55:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"85348c431471a24353f791f178724d44"
x-cache
Miss from cloudfront
x-amz-version-id
uHERTpQL8gSQVC2Ae6DF.V._gLPg6Dec
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
71615
x-amz-cf-id
bqJEqiBSGQAvkhy1VmHT8XA8Gj0GAH4H9ygi5MzSKmBAB7Bz7TxD_Q==
5906167_5d900e8fecd17_MIND.jpg
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/5906167_5d900e8fecd17_MIND.jpg
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8d9e13abd3022178ffbc442301cb573aeb2c566f777d7a6ebb219d5b0259a07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Sun, 29 Sep 2019 01:53:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"336d2d3ea81a2b0e9241fb3d20f56a37"
x-cache
Miss from cloudfront
x-amz-version-id
579RelRjRGWjOB465KB7wb3.IJ00.O38
accept-ranges
bytes
content-type
image/jpeg
content-length
108995
x-amz-cf-id
6jW4j1G-IlKghusu4-dVtEmQJIft_45FsQLNTRMMtjxEabuesepkjg==
1923125_5b8f3faa7bf99_Tree_of_Life_circle_3.png
d1aettbyeyfilo.cloudfront.net/lorimorrison/ 		293 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/lorimorrison/1923125_5b8f3faa7bf99_Tree_of_Life_circle_3.png
Requested by
Host: secure.lorimorrison.com
URL: https://secure.lorimorrison.com/portal?r_done=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c800:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b5de86d31054c6249055b0348bfd8358834b52d19128f309c19f79e9935e2a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Wed, 05 Sep 2018 02:30:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"32990bc4840385a9ce4945589881bc1d"
x-cache
Miss from cloudfront
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
content-length
299753
x-amz-cf-id
PppQfPi73A9S3qbIXvLW-nd6yPQrmHhMwqzA3lel2YsnWcf3_gsC1g==
porthole.js
lorimorrison.kartra.com/js/node_modules/porthole/src/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com/js/node_modules/porthole/src/porthole.js
Requested by
Host: lorimorrison.kartra.com
URL: https://lorimorrison.kartra.com//resources/js/membership_login_modal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a7c68bff7b40c8fb289be074270449d8995ecdcdafa8798dbf3eb47d3b5a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-4acc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669aced040229-ZRH
expires
Sat, 07 May 2022 02:14:18 GMT
external_wrapper_modal.css
lorimorrison.kartra.com/css/new/css/ 		1 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lorimorrison.kartra.com/css/new/css/external_wrapper_modal.css
Requested by
Host: lorimorrison.kartra.com
URL: https://lorimorrison.kartra.com//resources/js/membership_login_modal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b610b7b67a741719f6d2b7ec5f18d500d2458b73a8e15aa9649d3edc5770e995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Feb 2022 08:15:16 GMT
server
cloudflare
etag
W/"620e0414-475"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
707669adbd800229-ZRH
expires
Sat, 07 May 2022 02:14:19 GMT
processing_new.gif
d2uolguxr56s4e.cloudfront.net/img/shared/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2uolguxr56s4e.cloudfront.net/img/shared/processing_new.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8e00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ebd1cdf39d79551fc5f2574b6eb80932bf82748283551ede2b39b9c1c8f198d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.lorimorrison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
fXTYmPYjUeMNp4eY8gLJivmvSmwbxmGU
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Thu, 05 Mar 2020 15:03:56 GMT
server
AmazonS3
age
55564
etag
"5b1ea98aa0783d8f908ffe1dc162c959"
x-cache
Hit from cloudfront
content-type
image/gif
date
Fri, 06 May 2022 10:53:02 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
32758
x-amz-cf-id
8XzFNkPBw-up0n16ZXsqUq34QQ_FS3gBrjBeF70TReyLrbvXNNWlwQ==
rum
secure.lorimorrison.com/cdn-cgi/ 		0
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.lorimorrison.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.lorimorrison.com/portal?r_done=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Sat, 07 May 2022 02:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://secure.lorimorrison.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
707669ae2a730211-ZRH
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clients.lorimorrison.com
URL
https://clients.lorimorrison.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| jQuery110208226086440481097 function| apply_santitation function| findCharacters function| isValidChar function| isValidString function| verify_decimal_value function| verifyValueLength object| jsVars string| default_user_image boolean| trigger function| initConfirmActionPopovers function| displayConfirmActionPopover function| setBackgroundContrast function| calculateLuminance function| checkExportStatus object| kartra object| gdpr_cookie_banner_settings function| isKartraDomain object| __cfBeacon function| kartra_jquery_296791120 object| Porthole

4 Cookies

Domain/Path Name / Value
.clients.lorimorrison.com/ Name: kartra_visited
Value: 9f1dff01c893e2ba4c78ed0c8823edc5f341032c
secure.lorimorrison.com/ Name: ci_session
Value: k5skc127p1u429ktt1rdk576k39q1cfi
.secure.lorimorrison.com/ Name: kartra_visited
Value: ad34912fd477fb5bcf95c05446061fafa0b43034
.secure.lorimorrison.com/ Name: kartra_profile_icon_tooltip
Value: 6d7b99299b103f135955f56eb546503f04c4333c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.kartra.com
clients.lorimorrison.com
d1aettbyeyfilo.cloudfront.net
d2uolguxr56s4e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lorimorrison.kartra.com
secure.lorimorrison.com
static.cloudflareinsights.com
clients.lorimorrison.com
2600:9000:20eb:8e00:1c:2135:3780:21
2600:9000:21f3:c800:6:a951:7b00:21
2606:4700:440e::ac40:9c1a
2606:4700::6811:cf25
2606:4700::6811:d025
2606:4700::6811:d125
2a00:1450:4001:809::2003
2a00:1450:4001:812::200a
054eb146534cf5fca86c4c09a5c5874ae24cfb7cc19cc881e8bffaee60f984ee
0833b481f5894c127dc6005f62b522b79a6408add28566bce5486228e6017440
0c7a70bdcd92479741dea297fec3a956955ff594a21e84aafcc589665367f84e
14e8ad4b5405ed75fefc855cb00f8ca97ea87d2b70d35f930ef3fc9f9c4e2689
179a0cf1adf33515e85e116c5a479fceb0b17390efb2c4f6b03c146f387d8688
23c23cb8bd5c026b3fdc092710a2b8bf6bcfdcf0ecb2fc251c5cd4648208f3fb
23fc25133ed072cdf7dae575213067b1da3c6843b2a0e489c8b7fc984c60ce6b
26a7c68bff7b40c8fb289be074270449d8995ecdcdafa8798dbf3eb47d3b5a10
2d9fbb55d875176e0a259a963966f0429ddb5d89ed9b991105354d5402be8668
2ebd1cdf39d79551fc5f2574b6eb80932bf82748283551ede2b39b9c1c8f198d
3542ecf6714db71dfb0ed3faad0b8d7fd7743c756b61f4938455ccee5aaac3c4
46d05277680e60b3235e2a23fbcce3c32be006f5a74da04d16194c18c6b1b17e
484ff92bfeb214bf77d3e7743643d1a7275e69376aced9189f703ca76cd01334
52aef52f44603b47cdc350a0f9298393a03b7d6a51c68fbbdedc9259b2f6b3f7
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5b5de86d31054c6249055b0348bfd8358834b52d19128f309c19f79e9935e2a4
63cd9d4db056b0b87ed7dda8617cb99f491f2cc354bbcb491ee25e625e638e01
6bb441c2132383eff2066d48413e629dd2b7ac2120e5ce8e441b4a9459f19df2
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
8c2044df01b07131d511e651196f03e31b6809a523edc562b4df1a88c3e83c5f
8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a126e6ed5c13c86be5c8ebc2deb7a18e1949d8be38b34ac2d14525cb398c8ff
a8d9e13abd3022178ffbc442301cb573aeb2c566f777d7a6ebb219d5b0259a07
aabd0ccaba1848cbf35e7f390bcbe84cb8fc1100fc6b90f5792bd9db6b7f3fc1
adef95e62536ef4a3c45c8d75acf53dbe25b3d3cbb0b0f3b542f163b1753f545
b610b7b67a741719f6d2b7ec5f18d500d2458b73a8e15aa9649d3edc5770e995
c3f12670f13eb82153c69329fe0c05d4b2ea7ff96eac6b3fecc0a4d00fec9166
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c60a8af714dd9b920ccbc93f5a6c5db1afc31fa43ed88ee9c875b713714c6d8b
d9c5b6be2a3a189b65697be8a9a15cae3ae5b7d876a640de6b9415c6048f3445
dbd7c9e6d915b6e2fd07480766974b5769f786738f11f389b9bb301dde87703e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e03f853b1122506d167fbf7151165e36e104eb77b840c99ce3b372d7aaedb3
e5ea302a38fbb71f7a3a0f9c832d5c53fa61c4799a9e39d374217bec28672a4c
e7664cfe8a3c6d5b1015b6cc4300fdaa2ac275c4020fd4ac410dcd35b31b648e
fb27197f3bf012a4c307b49328bb6e645803c3119d60e8fced1d16af9d7c2b68
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505