www.heliotropemag.com Open in urlscan Pro
2607:f1c0:100f:f000::238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Effective URL:
http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Submission: On February 18 via api (February 18th 2020, 11:12:11 pm UTC) from BE

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2607:f1c0:100f:f000::238, located in United States and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is www.heliotropemag.com.

This is the only time www.heliotropemag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 17	2607:f1c0:100... 2607:f1c0:100f:f000::238		8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
3	2606:4700::68... 2606:4700::6811:4104		13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2

17 2607:f1c0:100f:f000::238 (United States) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

heliotropemag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heliotropemag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	heliotropemag.com 1 redirects heliotropemag.com www.heliotropemag.com	158 KB
3	cloudflare.com cdnjs.cloudflare.com	6 KB
19	2

	Domain	Requested by
16	www.heliotropemag.com	www.heliotropemag.com
3	cdnjs.cloudflare.com	www.heliotropemag.com
1	heliotropemag.com	1 redirects
19	3

This site contains links to these domains. Also see Links.

Domain
silktide.com
wordpress.org
thematictheme.com

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Frame ID: D8D612ABAC125306A0B33A126805A50F
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=... HTTP 301
http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

19
Requests

16 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

164 kB
Transfer

169 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://thematictheme.com/
Title: Thematic Theme Framework

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg HTTP 301
http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

Request Chain 16

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request HS Show response
www.heliotropemag.com/
Redirect Chain

http://heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg

8 KB
3 KB

439ms
309ms

Document
text/html

2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache / PHP/7.2.27
Resource Hash: d1d6094081f333e9733aa1471db8a334d1291f2fc31e702d28ec9bccece1ae93

Request headers

Host: www.heliotropemag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Tue, 18 Feb 2020 23:11:55 GMT
Server: Apache
X-Powered-By: PHP/7.2.27
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.heliotropemag.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

Redirect headers

Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Date: Tue, 18 Feb 2020 23:11:54 GMT
Server: Apache
X-Powered-By: PHP/7.2.27
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg

GET
H/1.1 200
OK style.css
www.heliotropemag.com/wp-content/themes/thematic/ 3 KB
3 KB 128ms
126ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/style.css?ver=4.7.16
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 17da9e7eeb0f2200d8100e1f0e05abd1b5f80e1c8f54215e1646b656bef7e45f

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "a4d-5366a637e5591"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2637

GET
H/1.1 200
OK jquery.js Show response
www.heliotropemag.com/wp-includes/js/jquery/ 95 KB
95 KB 246ms
126ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Thu, 05 Sep 2019 12:15:10 GMT
Server: Apache
ETag: "17a6a-591cd45e34f80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 96874

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.heliotropemag.com/wp-includes/js/jquery/ 10 KB
10 KB 247ms
126ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:01:18 GMT
Server: Apache
ETag: "2748-5366a596ffb11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 10056

GET
H2

200

cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

5 KB
2 KB

15ms
14ms

Script
application/javascript

2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

Requested by

Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 23:11:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 24094260
cf-ray: 5673aed298a5d719-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-1207"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 07 Feb 2021 23:11:55 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK hoverIntent.js Show response
www.heliotropemag.com/wp-includes/js/ 5 KB
5 KB 442ms
321ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-includes/js/hoverIntent.js?ver=4.7.16
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 73efd57e5a881fd341583ee95d1dede21a584c9ced9a0e3f9f96741d09d095ec

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:01:18 GMT
Server: Apache
ETag: "1355-5366a5976447d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4949

GET
H/1.1 200
OK superfish.js Show response
www.heliotropemag.com/wp-content/themes/thematic/library/scripts/ 3 KB
3 KB 644ms
522ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/scripts/superfish.js?ver=1.4.8
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1de5648ee4525c03f71ac76605e2371ce55a2928edaa4916ab403966c3267445

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "abe-5366a637e26b0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2750

GET
H/1.1 200
OK supersubs.js Show response
www.heliotropemag.com/wp-content/themes/thematic/library/scripts/ 1 KB
1 KB 846ms
724ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/scripts/supersubs.js?ver=0.2b
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: fd0ffd23918936f5975f415292f27932cfe0554d10a7916799028a31957b800e

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:56 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "43e-5366a637e26b0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1086

GET
H/1.1 200
OK thematic-dropdowns.js Show response
www.heliotropemag.com/wp-content/themes/thematic/library/scripts/ 983 B
1 KB 253ms
124ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/scripts/thematic-dropdowns.js?ver=1.0
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 49b58f9b4156c8dad952ac90e693374b878c5158b53641ceeba35b1e7da55b84

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "3d7-5366a637e26b0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 983

GET
H/1.1 200
OK wp-embed.min.js Show response
www.heliotropemag.com/wp-includes/js/ 1 KB
2 KB 632ms
126ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-includes/js/wp-embed.min.js?ver=4.7.16
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Tue, 17 Jan 2017 17:56:28 GMT
Server: Apache
ETag: "576-5464e05013190"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1398

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.heliotropemag.com/wp-includes/js/ 11 KB
11 KB 125ms
124ms Script
application/javascript 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.16
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Tue, 17 Jan 2017 17:56:28 GMT
Server: Apache
ETag: "2c96-5464e050121f0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 11414

GET
H/1.1 200
OK reset.css
www.heliotropemag.com/wp-content/themes/thematic/library/styles/ 1 KB
2 KB 240ms
124ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/styles/reset.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: de03b59508a113bb02b491e44a897b7994467e67ee23480717c87ff4390aa150

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "4fb-5366a637e3650"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1275

GET
H/1.1 200
OK typography.css
www.heliotropemag.com/wp-content/themes/thematic/library/styles/ 2 KB
2 KB 249ms
126ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/styles/typography.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 55bebbb32a036f7f2cd34b18122603ce74be23d239974a31113ca65660ef6a83

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "85e-5366a637e3650"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2142

GET
H/1.1 200
OK 2c-r-fixed.css
www.heliotropemag.com/wp-content/themes/thematic/library/layouts/ 1 KB
2 KB 363ms
123ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/layouts/2c-r-fixed.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4676b58245de1970c2f9e870eee90cfc4b9ba90dd5b443beec5ad540d41ada58

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "52a-5366a637e0770"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1322

GET
H/1.1 200
OK images.css
www.heliotropemag.com/wp-content/themes/thematic/library/styles/ 2 KB
2 KB 375ms
126ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/styles/images.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 64f7998cc7dac95653879986b13d36226753aad9d9cbed89bb3677a9fe386c22

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "756-5366a637e3650"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1878

GET
H/1.1 200
OK default.css
www.heliotropemag.com/wp-content/themes/thematic/library/styles/ 14 KB
14 KB 435ms
125ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/styles/default.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: ea859263a86afd1f3739d6b4ff413f5f9b164352ec9b87dd87bfe1ca53beaa39

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "36e0-5366a637e3650"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14048

GET
H/1.1 200
OK plugins.css
www.heliotropemag.com/wp-content/themes/thematic/library/styles/ 1 KB
1 KB 486ms
124ms Stylesheet
text/css 2607:f1c0:100f:f000::238
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.heliotropemag.com/wp-content/themes/thematic/library/styles/plugins.css
Requested by: Host: www.heliotropemag.com
URL: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::238 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: f8bc2c5781032c03f418262bd21754351b7c86da23baef277f595c0527772241

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Feb 2020 23:11:55 GMT
Last-Modified: Wed, 29 Jun 2016 13:04:07 GMT
Server: Apache
ETag: "4f4-5366a637e3650"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1268

GET
H2

200

dark-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css

3 KB
936 B

13ms
13ms

Stylesheet
text/css

2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff15095a70ada9f7cf88ee1b30a6151d1f23959e74633fdf4ca67200c636fd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.heliotropemag.com/HS?b=M2uHHCpNHHI11IQFkuLi8fWhuhfft2n-D4Gj9CaoZwCZIYbLCmXGK28pPjSoC0EX&c=lvfBbKkQqPW0V7J5DQgJjg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 23:11:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 1004028
cf-ray: 5673aed7d8d1d719-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-c8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 07 Feb 2021 23:11:56 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css
Non-Authoritative-Reason: HSTS

GET
H2 200 logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 3 KB
3 KB 15ms
14ms Image
image/png 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/logo.png

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-floating.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 23:11:56 GMT
cf-cache-status: HIT
age: 9561743
cf-ray: 5673aed7e913d719-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 3083
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: "5afd48e8-c0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sun, 07 Feb 2021 23:11:56 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.000

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| cookieconsent_options boolean| hasCookieConsent object| twemoji object| wp object| $ULs function| update_cookieconsent_options

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.heliotropemag.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
heliotropemag.com
www.heliotropemag.com
2606:4700::6811:4104
2607:f1c0:100f:f000::238
17da9e7eeb0f2200d8100e1f0e05abd1b5f80e1c8f54215e1646b656bef7e45f
1de5648ee4525c03f71ac76605e2371ce55a2928edaa4916ab403966c3267445
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
4676b58245de1970c2f9e870eee90cfc4b9ba90dd5b443beec5ad540d41ada58
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49b58f9b4156c8dad952ac90e693374b878c5158b53641ceeba35b1e7da55b84
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
55bebbb32a036f7f2cd34b18122603ce74be23d239974a31113ca65660ef6a83
64f7998cc7dac95653879986b13d36226753aad9d9cbed89bb3677a9fe386c22
73efd57e5a881fd341583ee95d1dede21a584c9ced9a0e3f9f96741d09d095ec
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d1d6094081f333e9733aa1471db8a334d1291f2fc31e702d28ec9bccece1ae93
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
de03b59508a113bb02b491e44a897b7994467e67ee23480717c87ff4390aa150
ea859263a86afd1f3739d6b4ff413f5f9b164352ec9b87dd87bfe1ca53beaa39
f8bc2c5781032c03f418262bd21754351b7c86da23baef277f595c0527772241
fd0ffd23918936f5975f415292f27932cfe0554d10a7916799028a31957b800e
ff15095a70ada9f7cf88ee1b30a6151d1f23959e74633fdf4ca67200c636fd71