urlscan.io logo urlscan.io
SecurityTrails logo

reg.learningstream.com Open in urlscan Pro
146.88.110.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://list.mg.mlgn2usa.com/track/click?u=f75de331bfe8b590187c79b46e70d24b&id=f3f8ef4ed27d3b5f&e=2ca397b0
Effective URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSE...
Submission: On January 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 146.88.110.118, located in United States and belongs to RMH-14, US. The main domain is reg.learningstream.com. The Cisco Umbrella rank of the primary domain is 636202.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 30th 2020. Valid for: 2 years.
This is the only time reg.learningstream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    159.135.137.162 (Germany)

ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB)
list.mg.mlgn2usa.com
6    146.88.110.118 (United States)

ASN33070 (RMH-14, US)
reg.learningstream.com
3    2a00:1450:401b:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.88.110.117 (United States)

ASN33070 (RMH-14, US)
admin.learningstream.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4007:815::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
13 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 47
110 KB
7 learningstream.com
reg.learningstream.com — Cisco Umbrella Rank: 636202
admin.learningstream.com — Cisco Umbrella Rank: 738325
52 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 279
www.google-analytics.com — Cisco Umbrella Rank: 42
37 KB
3 gstatic.com
fonts.gstatic.com
125 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
syndication.twitter.com — Cisco Umbrella Rank: 844
133 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
452 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
84 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
1 mlgn2usa.com
list.mg.mlgn2usa.com
196 B
34 9
Domain Requested by
10 fonts.googleapis.com reg.learningstream.com
6 reg.learningstream.com reg.learningstream.com
ajax.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
3 ajax.googleapis.com reg.learningstream.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net reg.learningstream.com
www.google-analytics.com
2 ssl.google-analytics.com 1 redirects reg.learningstream.com
2 platform.twitter.com reg.learningstream.com
platform.twitter.com
2 connect.facebook.net reg.learningstream.com
connect.facebook.net
1 syndication.twitter.com platform.twitter.com
1 admin.learningstream.com reg.learningstream.com
1 www.googletagmanager.com reg.learningstream.com
1 list.mg.mlgn2usa.com 1 redirects
34 13

This site contains links to these domains. Also see Links.

Domain
www.learningstream.com
Subject Issuer Validity Valid
reg.learningstream.com
GeoTrust RSA CA 2018		 2020-01-30 -
2022-01-29		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-06 -
2022-02-04		 3 months crt.sh
admin.learningstream.com
GeoTrust RSA CA 2018		 2020-01-30 -
2022-01-29		 2 years crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Frame ID: 8067B9E4AE99866CC0DAF7FDB4D168EE
Requests: 32 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Freg.learningstream.com
Frame ID: 0FFB5C98B33403AE70290E9764D12C49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

..:: Learning Stream - Standard and Plus ::..

Page URL History Show full URLs

  1. https://list.mg.mlgn2usa.com/track/click?u=f75de331bfe8b590187c79b46e70d24b&id=f3f8ef4ed27d3b5f&e=2ca397b0 HTTP 302
    https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS Page URL
  2. https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

34
Requests

97 %
HTTPS

69 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

577 kB
Transfer

1558 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://list.mg.mlgn2usa.com/track/click?u=f75de331bfe8b590187c79b46e70d24b&id=f3f8ef4ed27d3b5f&e=2ca397b0 HTTP 302
    https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS Page URL
  2. https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://list.mg.mlgn2usa.com/track/click?u=f75de331bfe8b590187c79b46e70d24b&id=f3f8ef4ed27d3b5f&e=2ca397b0 HTTP 302
  • https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS
Request Chain 29
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=206927818&utmhn=reg.learningstream.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=..%3A%3A%20Learning%20Stream%20-%20Standard%20and%20Plus%20%3A%3A..&utmhid=2002899767&utmr=0&utmp=%2Fview%2Fcal4a.aspx%3Fek%3D%26ref%3D%26aa%3D%26sid1%3D%26sid2%3D%26as%3D12%26wp%3D17%26tz%3D%26ms%3D%26nav%3D%26cc%3D%26cat1%3D%26cat2%3D%26cat3%3D%26aid%3DMOSERS%26rf%3D%26pn%3D&utmht=1643322022735&utmac=UA-11584887-1&utmcc=__utma%3D149643445.174017553.1643322023.1643322023.1643322023.1%3B%2B__utmz%3D149643445.1643322023.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=533218247&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11584887-1&cid=174017553.1643322023&jid=533218247&_v=5.7.2&z=206927818

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
view_month.aspx
reg.learningstream.com/view/
Redirect Chain
  • https://list.mg.mlgn2usa.com/track/click?u=f75de331bfe8b590187c79b46e70d24b&id=f3f8ef4ed27d3b5f&e=2ca397b0
  • https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ff8821c099b9295e2a140df620b1431639cfb55c4edc87f4f570ff596dc4e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Thu, 27 Jan 2022 22:20:11 GMT
Content-Length
766

Redirect headers

server
nginx/1.14.0 (Ubuntu)
date
Thu, 27 Jan 2022 22:20:20 GMT
content-type
text/html; charset=UTF-8
location
https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS
Primary Request cal4a.aspx
reg.learningstream.com/view/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9d8bee82baa6fe1ccbe0240e28b6edf17c38a8e05b7be6c91bb04ff02359508b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
Origin
https://reg.learningstream.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/view_month.aspx?as=12&wp=17&aid=MOSERS

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 27 Jan 2022 22:19:11 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Thu, 27 Jan 2022 22:20:11 GMT
Content-Length
7547
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/ 		34 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 01:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 01:45:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 13:07:05 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 17:27:56 GMT
spin.js
reg.learningstream.com/s_includes/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reg.learningstream.com/s_includes/spin.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 06 Aug 2020 20:51:14 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0cda952336cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Thu, 27 Jan 2022 22:20:11 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
2086
X-XSS-Protection
1; mode=block
font-awesome.min.css
reg.learningstream.com/s_common/font_awesome_icons/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reg.learningstream.com/s_common/font_awesome_icons/css/font-awesome.min.css
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 06 Aug 2020 20:51:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"046164f336cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Thu, 27 Jan 2022 22:20:12 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
6989
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fa6ee53c3ef19ace03102a1db4f117bb978ee63e116882903cc157caeff67a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 20:23:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		13 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600,400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00506b7c30d28e4119083db48907dbf79d2156eedd378812663033ba52a55154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		7 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu::400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4d4469b4aec279c59ba19e2a860084a639a28bdd98f3ed6df35369488c709f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e84c7c84edd45ae00abe02027275c2ab7e3b2e72973d2af32ed1ff5e6711f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		4 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbe61a7cdc87c17c45fbaf9f896e5c22f6fcaf8392f464987320cd66c3e5f6d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		6 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7ca41f11677360dc8f4fbd4c826aa43c9d4f86678c45651347c2c6a1f3b98cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da51eb9eade2d854f014d33f3c075cfbe2154b193084060a96da1503b8f48e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		1 KB
411 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arvo:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
068c3d7118d9d83db6e290cce2dbdf0cc8fd08f7f0393beb9cc03ccf0571f518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		702 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bree+Serif:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea2eacb5f47d394b480c940fdfa4c6e554c7846eb9aa0e6ed570be78a440311d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
css
fonts.googleapis.com/ 		1020 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial:400,700,400italic,700italic
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 22:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 22:20:22 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11584887-1
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72e63e58f37d428de99120ff48d7980c6a391e3d17422b89d9bbf4beb4b660be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 22:20:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36064
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 21:41:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 22:20:22 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85853085a14ff1032da3cda3036154c6cd59c2c5ef9c515a2b90cf9a0e6f983c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Origin
https://reg.learningstream.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Kf9hPfq8YWR9jEMUhel/sw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
bD6GXO2fp7JGGN9bQxGf2jlJywgEAn/jFRIuSjiogRpyC0TA1yWKSdQafDCQAIUaf/HH4U2DICv+so67bzrKlw==
x-fb-trip-id
2050670934
x-fb-content-md5
229870494a0f5e657e61045e474a18f9
x-frame-options
DENY
date
Thu, 27 Jan 2022 22:20:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"387a6c408def41e868fd42b628433510"
timing-allow-origin
*
expires
Thu, 27 Jan 2022 22:26:57 GMT
moserslogo.jpg
admin.learningstream.com/files/AC4C6D9C-0F55-47A8-B40F-828866E8DA54_12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.learningstream.com/files/AC4C6D9C-0F55-47A8-B40F-828866E8DA54_12/moserslogo.jpg
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.117 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf7436ccaf3f9e1e9559ffae0cc3f5e56e18dddaa4d99d62321a790462477db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 01 May 2017 13:04:33 GMT
Server
Microsoft-IIS/8.5
ETag
"74555f7a7bc2d21:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Date
Thu, 27 Jan 2022 22:20:12 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
19636
X-XSS-Protection
1; mode=block
pb_ls_logo_trans.png
reg.learningstream.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reg.learningstream.com/images/pb_ls_logo_trans.png
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8c1012bcdace84d4a7a56aebb138f98467d196e8034d36118f9087d63c367889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 07 Aug 2020 20:37:54 GMT
Server
Microsoft-IIS/8.5
ETag
"03d3da0fa6cd61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Date
Thu, 27 Jan 2022 22:20:12 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
7035
X-XSS-Protection
1; mode=block
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 22:20:22 GMT
Content-Encoding
gzip
Age
1277
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29180
x-tw-cdn
VZ
Last-Modified
Wed, 19 Jan 2022 19:22:23 GMT
Server
ECS (frb/67F3)
Etag
"e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reg.learningstream.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 20:12:54 GMT
x-content-type-options
nosniff
age
180448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 20:12:54 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reg.learningstream.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
165948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 00:14:34 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu::400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reg.learningstream.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:32:35 GMT
x-content-type-options
nosniff
age
96467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:27 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:32:35 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
459
date
Thu, 27 Jan 2022 22:12:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 28 Jan 2022 00:12:43 GMT
inc_resp_view_category_select_fetch.aspx
reg.learningstream.com/view/ 		46 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://reg.learningstream.com/view/inc_resp_view_category_select_fetch.aspx?dl=6&as=12&ws=17&cs1=83&cs2=0&cs3=0&so=1&ls=0&ds=0&tz=0&drr=1&iec=0&il=1&stz=0&aid=MOSERS&ss=
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.88.110.118 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7482f2af252851e27a22d4373b462cf9823fad487169d344560a49b19b00a235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Date
Thu, 27 Jan 2022 22:20:14 GMT
X-Content-Type-Options
nosniff
Content-Length
5992
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=cc2d51023caa546b4528512afb5d64fd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17058a200edea30c8aa1fbab2d5a2eb87bff2ebdbd93c3eb7b5edd509bb706ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Origin
https://reg.learningstream.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sPTit3O5Y60hRjYNVBymzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83488
x-fb-rlafr
0
x-fb-debug
DEraDSn/j5eja6lwrGg2jR1FMrwAGcIl61ze/PxX+gK7KrA5LdtEqt/3QNo8DJigNWS1i4IshG2P+NAjlDWIRA==
x-fb-trip-id
2050670934
x-fb-content-md5
d3c025a6537a052d9ffebea5ea2c5529
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 27 Jan 2022 22:20:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"64a76659d37aca3ec1355162db2ccc03"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 Jan 2023 21:42:20 GMT
widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html
platform.twitter.com/widgets/ Frame 0FFB 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Freg.learningstream.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
603113
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Jan 2022 22:20:22 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 19 Jan 2022 19:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67DF)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 0FFB 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=630e9ddb572f4b9597cfaaf95408baa49b4465f1
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Freg.learningstream.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
106
date
Thu, 27 Jan 2022 22:20:21 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 22:20:22 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
df05a91a932984014c98063236c035ff75043674767dfbc78d626c9d9a4e4bab
content-length
166
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=206927818&utmhn=reg.learningstream.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11584887-1&cid=174017553.1643322023&jid=533218247&_v=5.7.2&z=206927818
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11584887-1&cid=174017553.1643322023&jid=533218247&_v=5.7.2&z=206927818
Requested by
Host: reg.learningstream.com
URL: https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Protocol
H2
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 27 Jan 2022 22:20:22 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 22:20:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11584887-1&cid=174017553.1643322023&jid=533218247&_v=5.7.2&z=206927818
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11584887-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2728
date
Thu, 27 Jan 2022 21:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 23:34:54 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2002899767&t=pageview&_s=1&dl=https%3A%2F%2Freg.learningstream.com%2Fview%2Fcal4a.aspx%3Fek%3D%26ref%3D%26aa%3D%26sid1%3D%26sid2%3D%26as%3D12%26wp%3D17%26tz%3D%26ms%3D%26nav%3D%26cc%3D%26cat1%3D%26cat2%3D%26cat3%3D%26aid%3DMOSERS%26rf%3D%26pn%3D&ul=en-us&de=UTF-8&dt=..%3A%3A%20Learning%20Stream%20-%20Standard%20and%20Plus%20%3A%3A..&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=149643445.174017553.1643322023.1643322023.1643322023.1&_utmz=149643445.1643322023.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1643322022949&_u=YQBCAUABAAAAAC~&jid=444847839&gjid=973985112&cid=174017553.1643322023&tid=UA-11584887-1&_gid=36102626.1643322023&_r=1&gtm=2ou1q0&z=1848828450
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 22:20:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reg.learningstream.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11584887-1&cid=174017553.1643322023&jid=444847839&gjid=973985112&_gid=36102626.1643322023&_u=YQBCAUAAAAAAAC~&z=892864811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reg.learningstream.com/view/cal4a.aspx?ek=&ref=&aa=&sid1=&sid2=&as=12&wp=17&tz=&ms=&nav=&cc=&cat1=&cat2=&cat3=&aid=MOSERS&rf=&pn=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 27 Jan 2022 22:20:23 GMT
content-type
text/plain
access-control-allow-origin
https://reg.learningstream.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| Spinner function| gtag object| dataLayer function| handleEnter string| account_id object| opts function| change_category function| clear_criteria function| change_time_zone function| LoadEvents function| initSpinner object| _gaq object| FB object| __twttrll object| twttr object| __twttr object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

10 Cookies

Domain/Path Name / Value
list.mg.mlgn2usa.com/ Name: ln
Value: en
reg.learningstream.com/ Name: ASP.NET_SessionId
Value: mwlkkt555xolr3oen5yix1zw
.reg.learningstream.com/ Name: __utma
Value: 149643445.174017553.1643322023.1643322023.1643322023.1
.reg.learningstream.com/ Name: __utmc
Value: 149643445
.reg.learningstream.com/ Name: __utmz
Value: 149643445.1643322023.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.reg.learningstream.com/ Name: __utmt
Value: 1
.reg.learningstream.com/ Name: __utmb
Value: 149643445.1.10.1643322023
.learningstream.com/ Name: _ga
Value: GA1.2.174017553.1643322023
.learningstream.com/ Name: _gid
Value: GA1.2.36102626.1643322023
.learningstream.com/ Name: _gat_gtag_UA_11584887_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.learningstream.com
ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
list.mg.mlgn2usa.com
platform.twitter.com
reg.learningstream.com
ssl.google-analytics.com
stats.g.doubleclick.net
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.200
146.88.110.117
146.88.110.118
159.135.137.162
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:4007:815::2008
2a00:1450:400c:c00::9d
2a00:1450:401b:80d::200a
2a03:2880:f01c:8012:face:b00c:0:3
00506b7c30d28e4119083db48907dbf79d2156eedd378812663033ba52a55154
068c3d7118d9d83db6e290cce2dbdf0cc8fd08f7f0393beb9cc03ccf0571f518
0ff8821c099b9295e2a140df620b1431639cfb55c4edc87f4f570ff596dc4e62
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
17058a200edea30c8aa1fbab2d5a2eb87bff2ebdbd93c3eb7b5edd509bb706ce
1fa6ee53c3ef19ace03102a1db4f117bb978ee63e116882903cc157caeff67a4
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e84c7c84edd45ae00abe02027275c2ab7e3b2e72973d2af32ed1ff5e6711f7f
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72e63e58f37d428de99120ff48d7980c6a391e3d17422b89d9bbf4beb4b660be
7482f2af252851e27a22d4373b462cf9823fad487169d344560a49b19b00a235
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85853085a14ff1032da3cda3036154c6cd59c2c5ef9c515a2b90cf9a0e6f983c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c1012bcdace84d4a7a56aebb138f98467d196e8034d36118f9087d63c367889
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
9d8bee82baa6fe1ccbe0240e28b6edf17c38a8e05b7be6c91bb04ff02359508b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7ca41f11677360dc8f4fbd4c826aa43c9d4f86678c45651347c2c6a1f3b98cc
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
bbe61a7cdc87c17c45fbaf9f896e5c22f6fcaf8392f464987320cd66c3e5f6d3
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
da51eb9eade2d854f014d33f3c075cfbe2154b193084060a96da1503b8f48e38
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e4d4469b4aec279c59ba19e2a860084a639a28bdd98f3ed6df35369488c709f7
ea2eacb5f47d394b480c940fdfa4c6e554c7846eb9aa0e6ed570be78a440311d
ebf7436ccaf3f9e1e9559ffae0cc3f5e56e18dddaa4d99d62321a790462477db
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e