urlscan.io logo urlscan.io
SecurityTrails logo

linkedbusinessaccelerator.linkedinleadstraffic.com Open in urlscan Pro
162.144.12.156  Public Scan

Go To Rescan Add Verdict Report
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Submission Tags: @phishunt_io
Submission: On September 08 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 27 HTTP transactions. The main IP is 162.144.12.156, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is linkedbusinessaccelerator.linkedinleadstraffic.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 7th 2020. Valid for: 3 months.
This is the only time linkedbusinessaccelerator.linkedinleadstraffic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.144.12.156 46606 (UNIFIEDLA...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a01:4a0:1338... 201011 (NETZBETRI...)
1 99.84.156.16 16509 (AMAZON-02)
2 2a04:4e42:3::84 54113 (FASTLY)
1 151.101.36.84 54113 (FASTLY)
27 11
1    162.144.12.156 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: regalvacation.com
linkedbusinessaccelerator.linkedinleadstraffic.com
2    2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)
app.clickfunnels.com
www.clickfunnels.com
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
platform.linkedin.com
1    99.84.156.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-16.txl52.r.cloudfront.net
platform.stumbleupon.com
2    2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)
assets.pinterest.com
1    151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
log.pinterest.com
Domain Requested by
2 assets.pinterest.com linkedbusinessaccelerator.linkedinleadstraffic.com
assets.pinterest.com
2 apis.google.com linkedbusinessaccelerator.linkedinleadstraffic.com
apis.google.com
2 connect.facebook.net linkedbusinessaccelerator.linkedinleadstraffic.com
connect.facebook.net
2 platform.twitter.com linkedbusinessaccelerator.linkedinleadstraffic.com
platform.twitter.com
2 www.google-analytics.com linkedbusinessaccelerator.linkedinleadstraffic.com
www.google-analytics.com
1 log.pinterest.com assets.pinterest.com
1 platform.stumbleupon.com linkedbusinessaccelerator.linkedinleadstraffic.com
1 platform.linkedin.com linkedbusinessaccelerator.linkedinleadstraffic.com
1 www.clickfunnels.com linkedbusinessaccelerator.linkedinleadstraffic.com
1 app.clickfunnels.com 1 redirects
1 linkedbusinessaccelerator.linkedinleadstraffic.com
0 linkedbusinessaccelerator.com Failed linkedbusinessaccelerator.linkedinleadstraffic.com
27 12

This site contains no links.

Subject Issuer Validity Valid
cpanel.venturgo.co
Let's Encrypt Authority X3		 2020-09-07 -
2020-12-06		 3 months crt.sh
ssl566619.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-05-19 -
2020-11-25		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-07-03 -
2022-07-08		 2 years crt.sh
*.stumbleupon.com
GeoTrust RSA CA 2018		 2019-07-02 -
2021-07-22		 2 years crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Frame ID: 867FCBF24313C6899934A399285B5BB7
Requests: 26 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Flinkedbusinessaccelerator.linkedinleadstraffic.com
Frame ID: 19BE323EF5520E97DC9B645BD6DF1672
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /cufon-yui\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.linkedin\.com\/in\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

27
Requests

56 %
HTTPS

70 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

261 kB
Transfer

805 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://app.clickfunnels.com/assets/cfpop.js?ver=1.0.0 HTTP 301
  • https://www.clickfunnels.com/assets/cfpop.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
linkedbusinessaccelerator.linkedinleadstraffic.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.12.156 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
regalvacation.com
Software
Apache /
Resource Hash
e31179e1e9a5f5e37823f520b5c9421b477c91a7a78b875f700c6ae16fa1ae4d

Request headers

:method
GET
:authority
linkedbusinessaccelerator.linkedinleadstraffic.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 08 Sep 2020 20:36:56 GMT
server
Apache
vary
User-Agent,Accept-Encoding
last-modified
Tue, 08 Sep 2020 00:40:50 GMT
accept-ranges
bytes
content-encoding
gzip
content-length
3659
content-type
text/html; charset=UTF-8
cfpop.js
www.clickfunnels.com/assets/
Redirect Chain
  • https://app.clickfunnels.com/assets/cfpop.js?ver=1.0.0
  • https://www.clickfunnels.com/assets/cfpop.js
4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickfunnels.com/assets/cfpop.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edca09937ddbf8dbe53f7ec35eca8c5ebf6ce464c51601f05ecb55f9d48c978f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 20:36:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
180
status
200
cf-request-id
051108a9940000dffbda11c200000001
last-modified
Wed, 05 Aug 2020 19:10:30 GMT
server
cloudflare
etag
W/"5f2b0426-1020"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5cfb76ef5ab4dffb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Tue, 08 Sep 2020 20:56:56 GMT

Redirect headers

date
Tue, 08 Sep 2020 20:36:56 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
642
status
301
cf-request-id
051108a9640000dffbda119200000001
server
cloudflare
location
https://www.clickfunnels.com/assets/cfpop.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5cfb76ef0a18dffb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Tue, 08 Sep 2020 20:56:56 GMT
typography.css
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/ 		0
0
style.css
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/ 		0
0
wp-socializer-buttons-css.css
linkedbusinessaccelerator.com/wp-content/plugins/wp-socializer/public/css/ 		0
0
jetpack.css
linkedbusinessaccelerator.com/wp-content/plugins/jetpack/css/ 		0
0
jquery.js
linkedbusinessaccelerator.com/wp-includes/js/jquery/ 		0
0
jquery-migrate.min.js
linkedbusinessaccelerator.com/wp-includes/js/jquery/ 		0
0
js_cookie.js
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/ 		0
0
cufon-yui.js
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/ 		0
0
qtobject.js
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/ 		0
0
flowplayer-3.2.10.min.js
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/ 		0
0
flowplayer.ipad-3.2.9.min.js
linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/ 		0
0
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
4876
date
Tue, 08 Sep 2020 19:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Tue, 08 Sep 2020 21:15:40 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AC) /
Resource Hash
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Sep 2020 20:36:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 20:40:54 GMT
Server
ECS (fcn/41AC)
Age
327
Etag
"a58136137a93f33c1d165df7d4d973f8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28881
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51f35e4eb82edd5ae58c139c2d5ec3e4835612342657cadc07effde0ed73312a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3oHKnxwcxYRRxM0M3WRMFQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"b7def6b1515ba561d945851e30f247b5"
x-fb-debug
5fgT4csVWhNfSjKh9rH6a4ytDrxlOpVN5jKhcl4UBethQiAdbv5sdLiHPzi+uHHsoKhRmqEiBlJXmXxx5q8t1g==
x-fb-trip-id
664085054
x-fb-content-md5
91567cada5fb7cceb10a7c29bc91b77d
x-frame-options
DENY
date
Tue, 08 Sep 2020 20:36:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 08 Sep 2020 20:45:04 GMT
plusone.js
apis.google.com/js/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6/KmNF9A2a9M9OawtEQW8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"9d5cd1be658ea5e8c43387860482a354"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-6/KmNF9A2a9M9OawtEQW8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 08 Sep 2020 20:36:56 GMT
in.js
platform.linkedin.com/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Play /
Resource Hash
eb2d1716b1dd595dfbe1bf66a38dfdcfd692516e3e648d1b091c249117d748d2

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-UUID
eHaMtdPoMhZAPC0J0SoAAA==
Date
Tue, 08 Sep 2020 20:36:56 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
Server
Play
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
X-LI-Proto
http/1.1
Content-Length
55597
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
Expires
Tue, 8 Sep 2020 21:26:53 GMT
widgets.js
platform.stumbleupon.com/1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.stumbleupon.com/1/widgets.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-16.txl52.r.cloudfront.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d57341d00bb5b3b3f56329c608b175488d9a1c0adf7893b3bbe687dc91804edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 07:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45717
x-cache
Hit from cloudfront
status
200
content-length
4284
x-xss-protection
1; mode=block
last-modified
Mon, 29 Sep 2014 18:35:45 GMT
server
Apache/2.4.18 (Ubuntu)
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
x-amz-cf-id
qSugYkvhBTrksAL7RNRi43dHwxg9PikHv8cOo9hs57hJt8PX8rZWQA==
pinit.js
assets.pinterest.com/js/ 		361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: linkedbusinessaccelerator.linkedinleadstraffic.com
URL: https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 20:36:56 GMT
content-encoding
br
x-cdn
fastly
status
200
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
203
access-control-expose-headers
X-CDN
all.js
connect.facebook.net/en_US/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49483a2b88513ea05f63392968cb19164b7e7218850ee6bcb272513bb6ad302b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://linkedbusinessaccelerator.linkedinleadstraffic.com
Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6YVpozjGzLVtTxHc10dslA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59848
etag
"d1d5fab5c7d86819235958b08d91536e"
x-fb-debug
JXZLOmxbXHciYULlOLrbaQoQ2ae+hlF5qZBXhNOviRufV1QU2IGaHFFIzRTdyzLQ/WBqlJiyP9tXlJy+hYp6kg==
x-fb-trip-id
664085054
x-fb-content-md5
a9de5107029f3a85fb7f0a1c03efd26a
x-frame-options
DENY
date
Tue, 08 Sep 2020 20:36:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 08 Sep 2021 19:07:55 GMT
collect
www.google-analytics.com/j/ 		1 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=914856531&t=pageview&_s=1&dl=https%3A%2F%2Flinkedbusinessaccelerator.linkedinleadstraffic.com%2F&ul=en-us&de=UTF-8&dt=Linked%20Business%20Accelerator%20-%20LinkedIn%20Marketing%20for%20Business%20%7C%20LinkedIn%20Marketing%20for%20Business%2C%20LinkedIn%20Marketing%20Small%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1803432218&gjid=1168179248&cid=1099775099.1599597417&tid=UA-58398503-1&_gid=1586843539.1599597417&_r=1&z=554081480
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Sep 2020 20:36:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://linkedbusinessaccelerator.linkedinleadstraffic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pinit_main.js
assets.pinterest.com/js/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.3718158626415704
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a4532133d42ae029a10be547d38826515cb3187317a62e72504ba35343e65df

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 20:36:56 GMT
content-encoding
br
x-cdn
fastly
status
200
etag
"1134e2eabea20f42c0f5d402698001ad"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
19005
access-control-expose-headers
X-CDN
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 		140 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 17:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 02 Aug 2020 22:35:54 GMT
server
sffe
age
99172
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50000
x-xss-protection
0
expires
Tue, 07 Sep 2021 17:04:04 GMT
wp-socializer-bookmark-js.js
linkedbusinessaccelerator.com/wp-content/plugins/wp-socializer/public/js/ 		0
0
widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 19BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Flinkedbusinessaccelerator.linkedinleadstraffic.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4187) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4824
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 08 Sep 2020 20:36:56 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 01 Sep 2020 17:58:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4187)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
/
log.pinterest.com/ 		0
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.pinterest.com/
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.3718158626415704
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://linkedbusinessaccelerator.linkedinleadstraffic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Sep 2020 20:36:58 GMT
via
1.1 varnish
server
envoy
x-timer
S1599597418.976340,VS0,VE87
x-served-by
cache-ams21045-AMS
access-control-max-age
86400
x-cache
MISS
status
200
x-pinterest-rid
1654363555389802
access-control-allow-methods
GET, POST, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/typography.css
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/style.css
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/plugins/wp-socializer/public/css/wp-socializer-buttons-css.css?ver=2.4.9.8
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/plugins/jetpack/css/jetpack.css?ver=3.2.1
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/js_cookie.js?ver=1.0
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/cufon-yui.js
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/qtobject.js
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/flowplayer-3.2.10.min.js
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/themes/OptimizePress/js/flowplayer.ipad-3.2.9.min.js
Domain
linkedbusinessaccelerator.com
URL
http://linkedbusinessaccelerator.com/wp-content/plugins/wp-socializer/public/js/wp-socializer-bookmark-js.js?ver=2.4.9.8

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| clearText string| GoogleAnalyticsObject function| ga function| get_stripe_vars object| wu number| wc function| wpsrload function| wpsrasync object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| PIN_18513 object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| __core-js_shared__ object| Sslac object| IN object| PIN_1599597416898 object| PinUtils function| restoreOriginalWindowSettings function| makeWindowModal function| openPopup function| addIframeWrapperStyle function| addEvent function| checkExitCFPop function| cfResizer function| cf_embeds_load object| body object| doc number| viewWidth number| viewHeight object| originalBodyStyleOverflow string| eventMethod function| eventer string| messageEvent object| linkRegex string| currentPopup boolean| cfpopupExitCheck object| links object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| STMBLPN object| isHttps

3 Cookies

Domain/Path Name / Value
.linkedinleadstraffic.com/ Name: _gid
Value: GA1.2.1586843539.1599597417
.linkedinleadstraffic.com/ Name: _gat
Value: 1
.linkedinleadstraffic.com/ Name: _ga
Value: GA1.2.1099775099.1599597417

8 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
Invalid App Id: Must be a number or numeric string representing the application id.
console-api warning URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
FB.getLoginStatus() called before calling FB.init().
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
sdkperf: it took 42 ms and 62799 bytes to load https://connect.facebook.net/en_US/all.js
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
sdkperf: init logged after 80 ms
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
domReady
console-api warning URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
The "fb-root" div has not been created, auto-creating
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
XFBML Parsing Start 1
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=8348b842be5aceafbc3b36dcd8f26e37&ua=modern_es6(Line 52)
Message:
XFBML Parsing Finish 1, 0 tags found

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
app.clickfunnels.com
assets.pinterest.com
connect.facebook.net
linkedbusinessaccelerator.com
linkedbusinessaccelerator.linkedinleadstraffic.com
log.pinterest.com
platform.linkedin.com
platform.stumbleupon.com
platform.twitter.com
www.clickfunnels.com
www.google-analytics.com
linkedbusinessaccelerator.com
151.101.36.84
162.144.12.156
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:cc2
2a00:1450:4001:81b::200e
2a00:1450:4001:825::200e
2a01:4a0:1338:28::c38a:ff0b
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:3::84
99.84.156.16
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
49483a2b88513ea05f63392968cb19164b7e7218850ee6bcb272513bb6ad302b
4a4532133d42ae029a10be547d38826515cb3187317a62e72504ba35343e65df
51f35e4eb82edd5ae58c139c2d5ec3e4835612342657cadc07effde0ed73312a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
d57341d00bb5b3b3f56329c608b175488d9a1c0adf7893b3bbe687dc91804edf
e31179e1e9a5f5e37823f520b5c9421b477c91a7a78b875f700c6ae16fa1ae4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2d1716b1dd595dfbe1bf66a38dfdcfd692516e3e648d1b091c249117d748d2
edca09937ddbf8dbe53f7ec35eca8c5ebf6ce464c51601f05ecb55f9d48c978f