jefferson.corestream.com
Open in
urlscan Pro
20.96.128.77
Public Scan
Effective URL: https://jefferson.corestream.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2_Discounts&utm_conte...
Submission: On May 24 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 24th 2024. Valid for: a year.
This is the only time jefferson.corestream.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14340 (SALESFORCE, US)
PTR: click.relay.corestream.com
click.relay.corestream.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
jeffersonbenefitsplus.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
jefferson.corestream.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net | |
p.typekit.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-110.muc50.r.cloudfront.net
code.upscope.io |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tenants.corestream.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-118.muc50.r.cloudfront.net
js.upscope.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-84-168.compute-1.amazonaws.com
events.launchdarkly.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-26.muc50.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-174.muc50.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-31.muc50.r.cloudfront.net
js.intercomcdn.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-71-46.compute-1.amazonaws.com
api-iam.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com
api.segment.io |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com
r.logr-ingest.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
corestream.com
1 redirects
click.relay.corestream.com jefferson.corestream.com tenants.corestream.com — Cisco Umbrella Rank: 864139 cdn2.corestream.com — Cisco Umbrella Rank: 592525 |
2 MB |
9 |
launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 736 events.launchdarkly.com — Cisco Umbrella Rank: 907 clientstream.launchdarkly.com — Cisco Umbrella Rank: 886 |
4 KB |
8 |
segment.com
cdn.segment.com — Cisco Umbrella Rank: 1845 |
72 KB |
5 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565 |
83 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533 |
22 KB |
4 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 751 |
354 B |
4 |
intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1597 api-iam.intercom.io — Cisco Umbrella Rank: 2092 |
11 KB |
3 |
logr-ingest.com
cdn.logr-ingest.com — Cisco Umbrella Rank: 24861 r.logr-ingest.com — Cisco Umbrella Rank: 21513 |
182 KB |
2 |
intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2114 |
291 KB |
2 |
algolia.net
tkm2y5kpcd-dsn.algolia.net — Cisco Umbrella Rank: 744855 |
214 KB |
2 |
upscope.io
code.upscope.io — Cisco Umbrella Rank: 23934 js.upscope.io — Cisco Umbrella Rank: 40859 |
41 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
96 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89 |
352 B |
1 |
segment.io
api.segment.io — Cisco Umbrella Rank: 1425 |
180 B |
1 |
jeffersonbenefitsplus.com
1 redirects
jeffersonbenefitsplus.com |
333 B |
80 | 15 |
Domain | Requested by | |
---|---|---|
27 | jefferson.corestream.com |
jefferson.corestream.com
|
8 | cdn.segment.com |
jefferson.corestream.com
cdn.segment.com |
4 | dc.services.visualstudio.com |
jefferson.corestream.com
|
4 | events.launchdarkly.com |
jefferson.corestream.com
|
4 | app.launchdarkly.com |
jefferson.corestream.com
|
4 | tenants.corestream.com |
jefferson.corestream.com
|
4 | use.typekit.net |
jefferson.corestream.com
use.typekit.net |
3 | www.google-analytics.com |
cdn.segment.com
www.google-analytics.com jefferson.corestream.com |
3 | api-iam.intercom.io |
js.intercomcdn.com
|
2 | r.logr-ingest.com |
jefferson.corestream.com
|
2 | js.intercomcdn.com |
widget.intercom.io
|
2 | cdn2.corestream.com | |
2 | tkm2y5kpcd-dsn.algolia.net |
jefferson.corestream.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.google-analytics.com
|
1 | stats.g.doubleclick.net |
jefferson.corestream.com
|
1 | api.segment.io |
jefferson.corestream.com
|
1 | clientstream.launchdarkly.com | |
1 | widget.intercom.io |
jefferson.corestream.com
|
1 | js.upscope.io |
code.upscope.io
|
1 | code.upscope.io |
jefferson.corestream.com
|
1 | cdn.logr-ingest.com |
jefferson.corestream.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | jeffersonbenefitsplus.com | 1 redirects |
1 | click.relay.corestream.com | 1 redirects |
80 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
jefferson2.corestream.com |
www.corestream.com |
corp.corestream.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.corestream.com Go Daddy Secure Certificate Authority - G2 |
2024-04-24 - 2025-05-25 |
a year | crt.sh |
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-01 - 2025-03-03 |
a year | crt.sh |
logr-ingest.com GTS CA 1P5 |
2024-04-01 - 2024-06-30 |
3 months | crt.sh |
upscope.io Amazon RSA 2048 M03 |
2023-10-23 - 2024-11-20 |
a year | crt.sh |
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-04-04 - 2025-05-06 |
a year | crt.sh |
events.launchdarkly.com Amazon ECDSA 256 M03 |
2024-05-22 - 2025-06-21 |
a year | crt.sh |
*.intercom.com Amazon RSA 2048 M03 |
2024-01-15 - 2025-02-11 |
a year | crt.sh |
*.segment.com Amazon RSA 2048 M03 |
2023-11-14 - 2024-12-13 |
a year | crt.sh |
clientstream.launchdarkly.com Amazon RSA 2048 M02 |
2023-08-09 - 2024-09-05 |
a year | crt.sh |
algolia.net Sectigo RSA Organization Validation Secure Server CA |
2024-01-04 - 2025-02-02 |
a year | crt.sh |
sni1fbf6gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-02 - 2024-11-02 |
a year | crt.sh |
*.intercomcdn.com Amazon RSA 2048 M02 |
2023-12-01 - 2024-12-29 |
a year | crt.sh |
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-04-10 - 2025-04-05 |
a year | crt.sh |
*.segment.io Amazon RSA 2048 M03 |
2023-12-13 - 2025-01-11 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
api.logrocket.com R3 |
2024-05-02 - 2024-07-31 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://jefferson.corestream.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2_Discounts&utm_content=Logo
Frame ID: DA2507092665A4ADFE72C08223E59035
Requests: 65 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.b31bfb87.js
Frame ID: 7A7C4E8844E34912BCD07D5E61228139
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Home | Jefferson Benefits PlusPage URL History Show full URLs
-
https://click.relay.corestream.com/?qs=e99ffb25f17c6492e9ef3f945f77df0a194f1b7674fce16325dce412fe7f1bbd1adaf533...
HTTP 302
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2... HTTP 302
https://jefferson.corestream.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Segment (Analytics) Expand
Detected patterns
- cdn\.segment\.com/analytics\.js
Typekit (Font Scripts) Expand
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: click here
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: cookie policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.relay.corestream.com/?qs=e99ffb25f17c6492e9ef3f945f77df0a194f1b7674fce16325dce412fe7f1bbd1adaf533bc9c84fd1d5250c915dfa7754b8d7a64c6579369
HTTP 302
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2_Discounts&utm_content=Logo HTTP 302
https://jefferson.corestream.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=ChangeOfAddress_EM2_Discounts&utm_content=Logo Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
80 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
jefferson.corestream.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vcw7mfs.css
use.typekit.net/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-DjWMusk0.js
jefferson.corestream.com/assets/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
@microsoft-DLRaN0GO.js
jefferson.corestream.com/assets/ |
158 KB 159 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styled-components-BXbpQhMr.js
jefferson.corestream.com/assets/ |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xstate-DevVGWv7.js
jefferson.corestream.com/assets/ |
61 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
algolia-Cij3_1Kw.js
jefferson.corestream.com/assets/ |
127 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logrocket-Dlj0pJiQ.js
jefferson.corestream.com/assets/ |
144 KB 144 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-BqBXxTei.css
jefferson.corestream.com/assets/ |
160 KB 161 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logger-1.min.js
cdn.logr-ingest.com/ |
844 KB 167 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CgX8WAhWJi.js
code.upscope.io/ |
1 KB 952 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
jefferson.prod.corestream.com
tenants.corestream.com/TenantSites/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jefferson.prod.corestream.com
tenants.corestream.com/TenantSites/ |
9 KB 9 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
upscope-2.4.134.es6.js
js.upscope.io/ |
142 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a6409218-408b-40b2-827f-65973211f475
https://jefferson.corestream.com/ |
471 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
jefferson.corestream.com/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f072772b5b1880b7229eb3e
app.launchdarkly.com/sdk/goals/ |
2 B 199 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/diagnostic/ |
0 358 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eyJraW5kIjoibXVsdGkiLCJvcmdhbml6YXRpb24iOnsia2V5IjoiSkVGRkVSU09OIiwia2luZCI6Im9yZ2FuaXphdGlvbiIsIm5hbWUiOiJKZWZmZXJzb24ifSwidXNlciI6eyJhbm9ueW1vdXMiOnRydWUsImVtcGxveWVlSWQiOiJERUZBVUxUIiwia2V5IjoiS...
app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/contexts/ |
20 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5f072772b5b1880b7229eb3e
app.launchdarkly.com/sdk/goals/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/diagnostic/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
eyJraW5kIjoibXVsdGkiLCJvcmdhbml6YXRpb24iOnsia2V5IjoiSkVGRkVSU09OIiwia2luZCI6Im9yZ2FuaXphdGlvbiIsIm5hbWUiOiJKZWZmZXJzb24ifSwidXNlciI6eyJhbm9ueW1vdXMiOnRydWUsImVtcGxveWVlSWQiOiJERUZBVUxUIiwia2V5IjoiS...
app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/contexts/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dz17m8b8
widget.intercom.io/widget/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/ |
103 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta.json
jefferson.corestream.com/ |
50 B 212 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eyJraW5kIjoibXVsdGkiLCJvcmdhbml6YXRpb24iOnsia2V5IjoiSkVGRkVSU09OIiwia2luZCI6Im9yZ2FuaXphdGlvbiIsIm5hbWUiOiJKZWZmZXJzb24ifSwidXNlciI6eyJhbm9ueW1vdXMiOnRydWUsImVtcGxveWVlSWQiOiJERUZBVUxUIiwia2V5IjoiS...
clientstream.launchdarkly.com/eval/5f072772b5b1880b7229eb3e/ |
20 KB 0 |
EventSource
text/event-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
Tokens
tenants.corestream.com/Metadata/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
query
tkm2y5kpcd-dsn.algolia.net/1/indexes/offers/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UnauthHome-B6Z9B0Qs.js
jefferson.corestream.com/assets/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useIsSiteEffective-DcOuatQz.js
jefferson.corestream.com/assets/ |
206 B 375 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-home-CBnKHvDL.js
jefferson.corestream.com/assets/ |
904 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/28158e/00000000000000003b9b4066/27/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/62681e/00000000000000003b9b406a/27/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tokens
tenants.corestream.com/Metadata/ |
6 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
query
tkm2y5kpcd-dsn.algolia.net/1/indexes/offers/ |
955 KB 214 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c88f1372-41b5-4b34-adce-1a39b24d85bb.png
cdn2.corestream.com/tenantimages/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
corestream-logo-full-color.svg
cdn2.corestream.com/tenantimages/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-RMgTfNNj.js
jefferson.corestream.com/assets/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.esm-CucO-Y8Y.js
jefferson.corestream.com/assets/ |
644 B 814 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react-hook-form-Bu323a-0.js
jefferson.corestream.com/assets/ |
27 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LockOutlined-BdppTnSp.js
jefferson.corestream.com/assets/ |
372 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VisibilityOff-CbUx-jfw.js
jefferson.corestream.com/assets/ |
902 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wysiwig-content-BpR9yQ4o.js
jefferson.corestream.com/assets/ |
814 B 984 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wysiwig-content-BjetqwH9.css
jefferson.corestream.com/assets/ |
182 B 341 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useTrackDetailedPageEvent-BBtxmXYw.js
jefferson.corestream.com/assets/ |
160 B 329 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useTrackVisitor-CH9WParV.js
jefferson.corestream.com/assets/ |
243 B 412 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
use-on-page-close-BxSmq7Bg.js
jefferson.corestream.com/assets/ |
297 B 467 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useEffectOnceSessionStorage-DDR6T0F7.js
jefferson.corestream.com/assets/ |
359 B 529 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
disclaimer-CUXmC5U7.js
jefferson.corestream.com/assets/ |
718 B 887 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
disclaimer-C8T1LPow.css
jefferson.corestream.com/assets/ |
940 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-BEradSLX.css
jefferson.corestream.com/assets/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/386e17/00000000000000003b9b4067/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.b31bfb87.js
js.intercomcdn.com/ Frame 7A7C |
460 KB 138 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.84baedee.js
js.intercomcdn.com/ Frame 7A7C |
492 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 200 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 154 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame 7A7C |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
cdn.segment.com/v1/projects/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a16cf88658c18bbddb93.js
cdn.segment.com/next-integrations/actions/algolia-plugins/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f2b65540f91528301bda.js
cdn.segment.com/next-integrations/actions/845/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ |
21 B 180 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ |
70 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame 7A7C |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
15 B 35 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 352 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame 7A7C |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
276 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/bulk/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/bulk/ |
0 358 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
i
r.logr-ingest.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
r.logr-ingest.com/ |
14 KB 15 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| __tsUtils$gblCfg object| __dynProto$Gbl function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ string| __reactRouterVersion number| 2f1acc6c3a606b082e5eef5e54414ffb function| Upscope string| scriptUrl object| regeneratorRuntime function| _LRLogger boolean| _lr_loaded boolean| __upscopeIdleManagerActive function| Intercom object| analytics function| _lrXMLHttpRequest object| intercomSettings function| __intercomAssignLocation function| __intercomReloadLocation object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkDestination function| algolia-pluginsDestination object| google-analyticsDeps function| google-analyticsLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jeffersonbenefitsplus.com/ | Name: ApplicationGatewayAffinityCORS Value: 1e4e4d484d830c42477f155fdfd09475 |
|
jeffersonbenefitsplus.com/ | Name: ApplicationGatewayAffinity Value: 1e4e4d484d830c42477f155fdfd09475 |
|
jefferson.corestream.com/ | Name: ApplicationGatewayAffinityCORS Value: b4a0f805849ef0b7cf33b84e1c2edfc2 |
|
jefferson.corestream.com/ | Name: ApplicationGatewayAffinity Value: b4a0f805849ef0b7cf33b84e1c2edfc2 |
|
jefferson.corestream.com/ | Name: ai_user Value: X2HoKvKjW2TKIrir5TN60D|2024-05-24T19:14:03.232Z |
|
.corestream.com/ | Name: _upscope__region Value: ImV1LWNlbnRyYWwi |
|
.corestream.com/ | Name: _upscope__shortId Value: IlpLRUpSRVhEUDExRU5NSERLIg== |
|
jefferson.corestream.com/ | Name: ai_session Value: nf9bud2MhhiP/s494TWgBr|1716578043938|1716578043938 |
|
jefferson.corestream.com/ | Name: _lr_tabs_-rnree3%2Fcs-prod Value: {%22sessionID%22:0%2C%22recordingID%22:%225-d30af9c0-8925-4006-899f-49425067db62%22%2C%22webViewID%22:null%2C%22lastActivity%22:1716578044088} |
|
jefferson.corestream.com/ | Name: _lr_hb_-rnree3%2Fcs-prod Value: {%22heartbeat%22:1716578044088} |
|
jefferson.corestream.com/ | Name: _lr_uf_-rnree3 Value: e5a1fc1c-5555-43e7-82c6-e8fb81c3193d |
|
.corestream.com/ | Name: ajs_anonymous_id Value: ac3cc1ff-eebf-466b-9e72-0528360481f7 |
|
.corestream.com/ | Name: intercom-id-dz17m8b8 Value: d98eb864-4b1c-4180-a6f2-44242698a2c5 |
|
.corestream.com/ | Name: intercom-session-dz17m8b8 Value: |
|
.corestream.com/ | Name: intercom-device-id-dz17m8b8 Value: 1ab77f46-bfbd-4ddf-ad8d-a2711c748074 |
|
.corestream.com/ | Name: _ga Value: GA1.2.1792021892.1716578046 |
|
.corestream.com/ | Name: _gid Value: GA1.2.504272113.1716578046 |
|
.corestream.com/ | Name: _gat Value: 1 |
|
.corestream.com/ | Name: _ga_S8ZW193L27 Value: GS1.2.1716578046.1.0.1716578046.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
api.segment.io
app.launchdarkly.com
cdn.logr-ingest.com
cdn.segment.com
cdn2.corestream.com
click.relay.corestream.com
clientstream.launchdarkly.com
code.upscope.io
dc.services.visualstudio.com
events.launchdarkly.com
jefferson.corestream.com
jeffersonbenefitsplus.com
js.intercomcdn.com
js.upscope.io
p.typekit.net
r.logr-ingest.com
region1.google-analytics.com
stats.g.doubleclick.net
tenants.corestream.com
tkm2y5kpcd-dsn.algolia.net
use.typekit.net
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
104.198.23.205
108.138.32.174
13.111.234.83
13.248.151.210
151.101.66.217
18.173.187.118
18.173.187.31
18.66.192.110
20.221.116.71
20.236.236.165
20.50.88.242
20.96.128.77
2001:4860:4802:34::36
23.92.179.154
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:803::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9d
2a02:26f0:3500:16::215:1495
2a06:98c1:3120::3
34.223.74.168
44.193.71.46
54.208.84.168
54.230.228.26
04102e04f95813a3168efedb2581cf4182554069695e3e186a09030cf4d1af5b
09d305a5a1c4756015b5b0c509dcc3f121a6e9a754a92ed5bacbb5a60899d411
0baa214182463c1c56ee98298c8d4eea99863b89b26828ac25503bf7fd19d7be
0e215e6effd1d2708e752cf070dbe733c222d68f0c4400115c183cd66fb5ce01
11a3940fab46a8f1551990d31c2cb73264995f0c1b40bdab602e9098df09b221
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1ba951fe754b64c51f2e4283dcd44934fe81e5ed72bce5ea0118027ea11f84b7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
209416544415cf580f3b6a193c70b1b891d52e15271534b12015ef1d31e2e97a
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2ed7acec3a242f1f1caad54196b11e504360687e784c4279f3c00bd07636d039
2f762434dfe5d77cd2e04f3189fd7d6758c6359d771bafaa0f1e88f23ed3334e
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
32833f37ed7f06075aa1c4f4541c8bdfeb0b0be937c3c80f3840d6001f26ee1a
32ced94fc8e2bf0187864e9f0ba4488202f136694cf6656d8b1e1998576f3968
44b03412a6da72789f5f88a9c98eaf4ca6158acf37deda292cb4469445fa238b
4c0490b471dbb929d65f43aff1d7b44502c8f3e71631a49ff852cd73dccd7c41
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50aad1f2329e9ff038917effb5a458f239692889e1a4f739e455b4d5a2e19b58
521bf0423a56c40d1ffeaf6f0a9fa1da940c487284307f85e995756670dab671
554e4ab9d23ef513d5518f62f001424eaeecb5b3648f970c4983e54b4418fec2
558b20a5e3223a9bd9377a2a3cf50a33811e6fcdf9655ef18c031fabde437f9f
58f5d549b1bafb7d4a738a80d6bd1606f8e1ac3de6a5cb4b3847e2b525ba4f83
5af015e2f958f4547f04b1f0e4756a9cf26b08cdddbdb1f728ed76259c17e5b3
60ad6dfedbaa3202e5fb388be7d11e29c257747f87bf0856e9d7364bc495f92a
66c251780f7c05e8b043b829201be5734aed164247be2a8650f00340c1599513
69941568ec6f1d5f72ff335bc23ebfa5572d69411cf1e5654c87fa510c0b4848
6a3850fdf673951b3a4b87913aaa2e87da18ea90052eab46b08f22f3b3ffd58d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7222c6fbafc2b2de06f2466c4323b8f55750e6382adf9c946322d1b32473276a
72c2a06c2669cae49b25c84d20958a70abbc17d9e47e8ff7b64064beaf197710
792effa00ed9bc424574a5680e1ad74a78456c774e786d25cbeceb5f8ebf2f26
7a3e95d661b8f8496c28bc54b0580fbb5ba6f83602a032d969edc102b1a517ec
7a6f5f3c8c1eb49a2380db93285012fffda9934701833d5a4e7b07af99ae8dae
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
8a11ac96a286a1280374122a557d20824c78c7fa986e0933a87211595c02a1d0
8b1d95f9d6c4cec1109de279b06c9e1c0d7e1a9cac4e47a386a982d290d7e856
90beeaab482d473308e41d89d512b6eef2eb3c9804a9b991105041d76daf6ba4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
938598c6fe839be639d8dfddbb20957afdc95ff0eef5ba3477f8a61f22f7280d
93fdb4a2f36b27693196fee8be314c55dc35f5e12924cc2bb8ed8911c1e45431
95e5b92758260294eb55352063c394dc65f3c8a58d50e05f870390d2957c1386
96ddd4528a871e49f37f0935d7c1498d95d00498157c943e6ca91cd11274cf73
98331fecb568cf260e6f101d1b52783ad70d626821b1ec43a4bb4d888a925490
9e12c9a9398d985f36094e4e65123ef4a973d68e0b5712acc7027a8160ef6cd6
9f24e3e3efe64751bb86222c5cfac583242700c509a97420853ce6c8110e4d17
a004dcb4d350ddfca670acf2a59ae33ccac60bf00bce356187b9f38c7e7d9f75
aa2c61d202e09e5e99610fed467ee88d18da9225fe9bd976e316eeb740dc7d91
ab0d91e2c7979bda3f68fb66477a511a28bc4ecce92b9c9e539e0feef8acabfa
b2b59182340acaeb14a32c11dd79b37e2c4ffde47a997d22c0e0f7f6f2d3bad0
b37992185be892f4f70f02e650eb18d2eb89f80c4a951c6cf5b71cf91354e32f
bdd9ae5b26ebce443a73fc7b4ecf583880e3bc0bce6e4e3fb8aa16c71b65025f
c28d4a92e6c63f35e98ee6f03b9c9765236386a9e04e8bf57718d64a426b30d4
c5080f08d0cd17c1804e57c50f215296d5a922fe4d3446068292ab279f505d37
c5156bb27be841d932acc56dedf4b67659fd843a33ae5e8291e112041566370d
cc645a5713972cc4888b5a1b5b062c654a4e32752b20f831e00bf10b089bbbb3
d049e99b08d22f48e87bf5f65814219c3946d518f1213e8f514d1b68b289b0ba
d489b866f669f2f15392d5cdce4b6e23f9e66fd7e0f38155510282f5e68c8ec2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e17e331501b6bc63de0c23d0149646f8a611e10dd805c75893483e82515252e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49ad450c05a4ead76a4d4b61e09018c606f15362d80e75ad122dee5efc8f908
e5eaa930a247f99415a6c4955d96dbba2cd93a3dc92b5f8d3ad5334a8526d807
f16d3800d47aceeafb3c4ad1be1ae9269ed13478369a9927323009a577a384dd
f5e1c0282c906cab0e9d2ae07c36fac0f305b02877941dbcd7a745cb72019778
f5f40baa2b253c1f1316b651550c8c8046075fe80f9d1bd06cfcab38f792cda2