urlscan.io logo urlscan.io
SecurityTrails logo

backoffice.samerk.com Open in urlscan Pro
192.124.249.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://backoffice.samerk.com/index.html
Submission: On December 30 via manual from BH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 192.124.249.65, located in United States and belongs to SUCURI-SEC, US. The main domain is backoffice.samerk.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 18th 2020. Valid for: a year.
This is the only time backoffice.samerk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 192.124.249.65 30148 (SUCURI-SEC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 6
14    192.124.249.65 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10065.sucuri.net
backoffice.samerk.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
14 backoffice.samerk.com backoffice.samerk.com
2 unpkg.com backoffice.samerk.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com backoffice.samerk.com
1 maxcdn.bootstrapcdn.com backoffice.samerk.com
19 5

This site contains no links.

Subject Issuer Validity Valid
backoffice.samerk.com
Go Daddy Secure Certificate Authority - G2		 2020-07-18 -
2021-08-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://backoffice.samerk.com/index.html
Frame ID: 05DFED3C4A3FADA0947AD925836DFB35
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://backoffice.samerk.com/index.html Page URL
  2. https://backoffice.samerk.com/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

1123 kB
Transfer

2675 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://backoffice.samerk.com/index.html Page URL
  2. https://backoffice.samerk.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
backoffice.samerk.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
5b615e454d0c8dd20837c375b4c32f871e827a80c0e38b14a1ebca3823bea861
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
backoffice.samerk.com
:scheme
https
:path
/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Wed, 30 Dec 2020 12:02:26 GMT
content-type
text/html
x-sucuri-id
13015
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
upgrade-insecure-requests;
Primary Request index.html
backoffice.samerk.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/index.html
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
87afc7c2654a3b6d24e36414f0a2aab82ead935a32d60aede25be0d63ba54a13
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:method
GET
:authority
backoffice.samerk.com
:scheme
https
:path
/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://backoffice.samerk.com/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sucuri_cloudproxy_uuid_da4ded21b=50e5db933c841e9918ee6bc8ba3fa9aa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://backoffice.samerk.com/index.html

Response headers

server
nginx
date
Wed, 30 Dec 2020 12:02:26 GMT
content-type
text/html; charset=utf-8
x-sucuri-id
13015
x-xss-protection
1; mode=block 1; mode=block
x-frame-options
SAMEORIGIN SAMEORIGIN
x-content-type-options
nosniff nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 28 Dec 2020 14:02:04 GMT
vary
Accept-Encoding
etag
W/"5fe9e55c-68c"
content-encoding
gzip
x-sucuri-cache
BYPASS
grapes.min.css
backoffice.samerk.com/static/grapejs/dist/css/ 		88 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/dist/css/grapes.min.css
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
bd40ebc07687172c20fe65131a0d31841fe69171f7dd922a6151e4ace55c7264
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-15ea7"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
vue-multiselect.min.css
unpkg.com/vue-multiselect@2.1.0/dist/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.css
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
374619
vary
Accept-Encoding
cf-request-id
0755203ac700002c3ac1973000000001
last-modified
Sun, 18 Mar 2018 17:24:25 GMT
server
cloudflare
etag
W/"1c46-REXhA/xTGnqKrQ6n7ISPoCcwNxc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
010a32b23cf62d8d2c18e241282626c6
cache-control
public, max-age=31536000
cf-ray
609b9ca47b212c3a-FRA
VueQueryBuilder.css
unpkg.com/vue-query-builder@0.7.1/dist/ 		804 B
385 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue-query-builder@0.7.1/dist/VueQueryBuilder.css
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e32e3036403340708b5b39e1bb5ef55fe24a6f4541a9c448022d206af3da5c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
84211
vary
Accept-Encoding
cf-request-id
0755203ac700002c3a7710c000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"324-cZXHRObfiJV33EF6CMIFy25KCRs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
04f4018692e9a62fa0a3964c7b3c5c0f
cache-control
public, max-age=31536000
cf-ray
609b9ca47b242c3a-FRA
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://backoffice.samerk.com
Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
app.0bec166e03a95e246b532a1dfe77d7b7.css
backoffice.samerk.com/static/css/ 		200 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/css/app.0bec166e03a95e246b532a1dfe77d7b7.css
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
25fe755eafeb426cca29698a4e6c8011b13a941ff62ed8a9719cdcb75b2e006a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-31f67"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
grapes.min.js
backoffice.samerk.com/static/grapejs/dist/ 		627 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/dist/grapes.min.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
2202e661936b7eb62dc746f6a5a6c0609c82dd40d4011458b47c32991e51a7da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-9ca68"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
grapesjs-blocks-basic.min.js
backoffice.samerk.com/static/grapejs/plugins/grapesjs-blocks-basic/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/plugins/grapesjs-blocks-basic/dist/grapesjs-blocks-basic.min.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
f2360359b97c4f56f3cbcf57e60de00a15442899c2a3c1b92277d65d455e5dd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-164f"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
grapesjs-plugin-ckeditor.min.js
backoffice.samerk.com/static/grapejs/plugins/grapesjs-plugin-ckeditor/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/plugins/grapesjs-plugin-ckeditor/dist/grapesjs-plugin-ckeditor.min.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
65d46f81b0eaf2e1e5dabd419303420a43ed115fc0442448888b3fd9bf3154f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-a81"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
grapesjs-blocks-bootstrap4.min.js
backoffice.samerk.com/static/grapejs/plugins/grapesjs-blocks-bootstrap4-master/dist/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/plugins/grapesjs-blocks-bootstrap4-master/dist/grapesjs-blocks-bootstrap4.min.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
b33430d0a4a5f3a644093c2ea4487a0704937bcff526943cedd48d9beb30c4c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-fd61"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
htmlPlugin.js
backoffice.samerk.com/static/grapejs/plugins/custom-plugins/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/plugins/custom-plugins/htmlPlugin.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
329edadc73ae0bb95f65207f5d8ac52ff2e1e75d3df4cbfdec919b434c67f513
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-a49"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
formComponent.js
backoffice.samerk.com/static/grapejs/plugins/custom-plugins/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/grapejs/plugins/custom-plugins/formComponent.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
4c20a55b525903486385f9dcbd93f9c0d021caaecd88594f06746afea019a486
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-152b"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
manifest.fd307a4c96e8775e3e97.js
backoffice.samerk.com/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/js/manifest.fd307a4c96e8775e3e97.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
4f091881bbcefe8634dda84fe87028845dadb26ac9b14ca0338db7f2d744c80c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-7fd"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor.fbd3c1a4b4dd94563ff4.js
backoffice.samerk.com/static/js/ 		761 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/js/vendor.fbd3c1a4b4dd94563ff4.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
45a0c4d8c468c544dab31eca3a3fc0312701357a36cf2fdc5cc2431f9d25dcee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-be5e3"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.939e5e94d66095e0fa1f.js
backoffice.samerk.com/static/js/ 		494 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/js/app.939e5e94d66095e0fa1f.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
8b12bd31e020b46b6af0dd0c0c481fcdcf89698cb73809a63465cb5e72427318
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 01 Dec 2020 11:24:11 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fc627db-7b714"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		2 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/static/css/app.0bec166e03a95e246b532a1dfe77d7b7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://backoffice.samerk.com/static/css/app.0bec166e03a95e246b532a1dfe77d7b7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Dec 2020 10:59:16 GMT
server
ESF
date
Wed, 30 Dec 2020 12:02:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Dec 2020 12:02:26 GMT
11.4fb66a7bb292a7ad758c.js
backoffice.samerk.com/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://backoffice.samerk.com/static/js/11.4fb66a7bb292a7ad758c.js
Requested by
Host: backoffice.samerk.com
URL: https://backoffice.samerk.com/static/js/manifest.fd307a4c96e8775e3e97.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.65 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10065.sucuri.net
Software
nginx /
Resource Hash
62cc5bf8a5555495aa8089628d8b27cf6b329d9c9aeb08e8991c0073f57f2245
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://backoffice.samerk.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Dec 2020 12:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 28 Dec 2020 14:02:04 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"5fe9e55c-13ff"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-sucuri-id
13015
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
898ec920cb9a5f11d736fff01fd23ea3808bd4bf094a52e797f35498bf96cede

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36d7a0626225df2b810e322572338f9f2e69bc58f53ae3acf17bb54fe596b1bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7c55cfe563ce4579624be62cc6014d01c2bb494b12a6dc77e4fb15f2b10eeed

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afd070664fd936c8e89fc9ecda74724e51e2fba8a8aa17500c003410d61aecdc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af80c11da2b819180cabedfe0337c00d9c8b2117bb09943c7d2e7ad6f76f475b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5d255f6692c7a83e3aadf88669707ba538c161b276eaa581a042a369a469ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d3280e51e4f94e1cb5037fe3c003ff90285d529af3fdc3644d8aa54f2fd3ee3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
img/png
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://backoffice.samerk.com
Referer
https://fonts.googleapis.com/css?family=Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 17:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
67322
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 29 Dec 2021 17:20:25 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| grapesjs object| grapesjs-blocks-basic object| grapesjs-plugin-ckeditor object| grapesjs-blocks-bootstrap4 function| webpackJsonp object| __core-js_shared__ object| __SVG_SPRITE__

1 Cookies

Domain/Path Name / Value
backoffice.samerk.com/ Name: sucuri_cloudproxy_uuid_da4ded21b
Value: 50e5db933c841e9918ee6bc8ba3fa9aa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backoffice.samerk.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
unpkg.com
192.124.249.65
2001:4de0:ac19::1:b:2b
2606:4700::6810:7baf
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
1d5d255f6692c7a83e3aadf88669707ba538c161b276eaa581a042a369a469ce
1e32e3036403340708b5b39e1bb5ef55fe24a6f4541a9c448022d206af3da5c1
2202e661936b7eb62dc746f6a5a6c0609c82dd40d4011458b47c32991e51a7da
25fe755eafeb426cca29698a4e6c8011b13a941ff62ed8a9719cdcb75b2e006a
329edadc73ae0bb95f65207f5d8ac52ff2e1e75d3df4cbfdec919b434c67f513
36d7a0626225df2b810e322572338f9f2e69bc58f53ae3acf17bb54fe596b1bd
45a0c4d8c468c544dab31eca3a3fc0312701357a36cf2fdc5cc2431f9d25dcee
4c20a55b525903486385f9dcbd93f9c0d021caaecd88594f06746afea019a486
4f091881bbcefe8634dda84fe87028845dadb26ac9b14ca0338db7f2d744c80c
5b615e454d0c8dd20837c375b4c32f871e827a80c0e38b14a1ebca3823bea861
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
62cc5bf8a5555495aa8089628d8b27cf6b329d9c9aeb08e8991c0073f57f2245
65d46f81b0eaf2e1e5dabd419303420a43ed115fc0442448888b3fd9bf3154f4
87afc7c2654a3b6d24e36414f0a2aab82ead935a32d60aede25be0d63ba54a13
898ec920cb9a5f11d736fff01fd23ea3808bd4bf094a52e797f35498bf96cede
8b12bd31e020b46b6af0dd0c0c481fcdcf89698cb73809a63465cb5e72427318
8d3280e51e4f94e1cb5037fe3c003ff90285d529af3fdc3644d8aa54f2fd3ee3
af80c11da2b819180cabedfe0337c00d9c8b2117bb09943c7d2e7ad6f76f475b
afd070664fd936c8e89fc9ecda74724e51e2fba8a8aa17500c003410d61aecdc
b33430d0a4a5f3a644093c2ea4487a0704937bcff526943cedd48d9beb30c4c5
b7c55cfe563ce4579624be62cc6014d01c2bb494b12a6dc77e4fb15f2b10eeed
bd40ebc07687172c20fe65131a0d31841fe69171f7dd922a6151e4ace55c7264
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41
f2360359b97c4f56f3cbcf57e60de00a15442899c2a3c1b92277d65d455e5dd2
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c