URL: https://blackrocksexpeditions.com/
Submission: On September 10 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 66.96.160.153, located in United States and belongs to BIZLAND-SD, US. The main domain is blackrocksexpeditions.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 14th 2024. Valid for: a year.
This is the only time blackrocksexpeditions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 blackrocksexpeditions.com
blackrocksexpeditions.com
8 MB
6 bokun.io
widgets.bokun.io — Cisco Umbrella Rank: 574850
static.bokun.io — Cisco Umbrella Rank: 530027
132 KB
4 gstatic.com
fonts.gstatic.com
118 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
2 google.com
maps.google.com — Cisco Umbrella Rank: 3713
www.google.com — Cisco Umbrella Rank: 10
280 B
2 cloudfront.net
d1z7pss8he85xn.cloudfront.net
30 KB
2 trpwrks.com
trpwrks.com — Cisco Umbrella Rank: 941586
1 KB
1 tripworks.com
lunenburgretreat.tripworks.com
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
1 KB
36 9
Domain Requested by
17 blackrocksexpeditions.com blackrocksexpeditions.com
5 widgets.bokun.io blackrocksexpeditions.com
static.bokun.io
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com blackrocksexpeditions.com
d1z7pss8he85xn.cloudfront.net
2 d1z7pss8he85xn.cloudfront.net blackrocksexpeditions.com
2 trpwrks.com 2 redirects
1 lunenburgretreat.tripworks.com trpwrks.com
1 cdnjs.cloudflare.com widgets.bokun.io
1 static.bokun.io widgets.bokun.io
1 www.google.com blackrocksexpeditions.com
1 maps.google.com 1 redirects
36 11

This site contains links to these domains. Also see Links.

Domain
www.lunenburgretreat.com
Subject Issuer Validity Valid
www.blackrocksexpeditions.com
Sectigo RSA Domain Validation Secure Server CA
2024-08-14 -
2025-08-14
a year crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
widgets.bokun.io
Amazon RSA 2048 M02
2024-07-17 -
2025-08-14
a year crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
static.bokun.io
Amazon RSA 2048 M02
2024-07-17 -
2025-08-14
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
*.tripworks.com
Go Daddy Secure Certificate Authority - G2
2023-09-16 -
2024-10-11
a year crt.sh

This page contains 6 frames:

Primary Page: https://blackrocksexpeditions.com/
Frame ID: 8E7B66BDA30C6FB15546CD458FEFE31A
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sRansom%27s+Lunenburg+Retreat!5e0!6i10
Frame ID: F9B7BCE2AE062B87AC9A1F227EA389D8
Requests: 1 HTTP requests in this frame

Frame: https://lunenburgretreat.tripworks.com/widgets/calendar?showDetail=true&calendarId=7p9qjljqi
Frame ID: C3CEFBDE6A6E208318F87860EF805D46
Requests: 1 HTTP requests in this frame

Frame: https://widgets.bokun.io/online-sales/7f477735-c666-40ad-ac30-0c97cd2688ba?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089&hideLanguageSelector=false&hostUrl=https%3A%2F%2Fblackrocksexpeditions.com%2F&isDuda=false&isModal=true&lang=en
Frame ID: 6B05D4813D70A1D90E7AE136374546AE
Requests: 1 HTTP requests in this frame

Frame: https://widgets.bokun.io/online-sales/7f477735-c666-40ad-ac30-0c97cd2688ba/experience/902215?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089&hostUrl=https%3A%2F%2Fblackrocksexpeditions.com%2F&mainIframeReady=false&rootFramePresent=true
Frame ID: 58A03ED26F9864F22F8B6819431D7E14
Requests: 1 HTTP requests in this frame

Frame: https://widgets.bokun.io/WidgetsCartBubble/?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089
Frame ID: B0574E5F7E99759E63732B37CB007403
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

92 %
HTTPS

58 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

8162 kB
Transfer

8654 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://trpwrks.com/build/sdk.js HTTP 302
  • https://d1z7pss8he85xn.cloudfront.net/build/prod/sdk-b5c0d65fdd79c05b674f.js
Request Chain 14
  • https://maps.google.com/maps?output=embed&q=Ransom%27s%20Lunenburg%20Retreat&z=10&t=m HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sRansom%27s+Lunenburg+Retreat!5e0!6i10
Request Chain 26
  • https://trpwrks.com/build/widgetsStyle.css HTTP 302
  • https://d1z7pss8he85xn.cloudfront.net/build/prod/widgetsStyle-a6c0e28f8a60e5aa20d3.css

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blackrocksexpeditions.com/
25 KB
25 KB
Document
General
Full URL
https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
b3214f68a0f02308d82d9a3d111436ace919f647ee6fa47fd6fb3757b52f7aed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
25370
Content-Type
text/html
Date
Tue, 10 Sep 2024 17:59:21 GMT
Etag
"631a-6205f4a09dd25"
Expires
Tue, 10 Sep 2024 18:59:21 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:56 GMT
Server
Apache
nicepage.css
blackrocksexpeditions.com/
1 MB
1 MB
Stylesheet
General
Full URL
https://blackrocksexpeditions.com/nicepage.css
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
f7ff01b0310513f6526cd608aa1b527bf1bc79e8b5d11ab39f84132f6bcf4feb

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:22 GMT
Last-Modified
Fri, 23 Aug 2024 20:05:01 GMT
Server
Apache
Age
0
ETag
"16cd4d-6205f4a5f04f1"
Content-Type
text/css
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1494349
Expires
Tue, 10 Sep 2024 21:59:22 GMT
index.css
blackrocksexpeditions.com/
22 KB
22 KB
Stylesheet
General
Full URL
https://blackrocksexpeditions.com/index.css
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
552bd781b84ee88d2a7b89e23e38c93f6074f8b76c0f26e99510da74596ea404

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:22 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:56 GMT
Server
Apache
Age
0
ETag
"5687-6205f4a061fd0"
Content-Type
text/css
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22151
Expires
Tue, 10 Sep 2024 21:59:22 GMT
jquery.js
blackrocksexpeditions.com/
87 KB
88 KB
Script
General
Full URL
https://blackrocksexpeditions.com/jquery.js
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:24 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:56 GMT
Server
Apache
Age
0
ETag
"15d84-6205f4a10aade"
Content-Type
application/x-javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89476
Expires
Tue, 10 Sep 2024 21:59:24 GMT
nicepage.js
blackrocksexpeditions.com/
365 KB
366 KB
Script
General
Full URL
https://blackrocksexpeditions.com/nicepage.js
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
d985894e23a78f97986f77bb64733aa35f208703725ad762b49360b528ef43fc

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:24 GMT
Last-Modified
Fri, 23 Aug 2024 20:05:03 GMT
Server
Apache
Age
0
ETag
"5b5b0-6205f4a78fe76"
Content-Type
application/x-javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
374192
Expires
Tue, 10 Sep 2024 21:59:24 GMT
css
fonts.googleapis.com/
73 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
861c748533bed673695876a14592e63c2750fab07c580819e9719b2d76cc9041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 17:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 17:59:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 17:59:22 GMT
css
fonts.googleapis.com/
7 KB
997 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d9740a58f2fee125edf28cea3cb1d2c98971bb6f2bdce19635575b3da4725a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 17:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 16:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 17:59:22 GMT
sdk-b5c0d65fdd79c05b674f.js
d1z7pss8he85xn.cloudfront.net/build/prod/
Redirect Chain
  • https://trpwrks.com/build/sdk.js
  • https://d1z7pss8he85xn.cloudfront.net/build/prod/sdk-b5c0d65fdd79c05b674f.js
135 KB
29 KB
Script
General
Full URL
https://d1z7pss8he85xn.cloudfront.net/build/prod/sdk-b5c0d65fdd79c05b674f.js
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H2
Server
2600:9000:225e:3a00:10:f240:82c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cea4727eb0658cb32b576646912e70bbd89e834b9e9d10f20fcc9c78eb8ebd4

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 14:00:59 GMT
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 11 Oct 2024 00:00:00 GMT", rule-id="Delete assets after 30 days"
last-modified
Tue, 10 Sep 2024 13:59:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
14303
etag
W/"409824960c27e7bab2d48790abcf41f2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5y6H7QlOr_SV_oRWcKkvSQGy_Jx6ZqWrIr3g-CG3Pr5BsdpswRry9A==

Redirect headers

date
Tue, 10 Sep 2024 17:58:24 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
x-amz-cf-pop
FRA60-P4
age
58
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
location
https://d1z7pss8he85xn.cloudfront.net/build/prod/sdk-b5c0d65fdd79c05b674f.js
access-control-allow-origin
*
cache-control
max-age=600, public
x-amz-cf-id
9aJ4leUfnR8_vBC9sPB8n0ydFgonso3FZL47XItS9aQqwMZ7E1hWgg==
BlackRocksBanner2.png
blackrocksexpeditions.com/images/
22 KB
23 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/BlackRocksBanner2.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
e3ac3c155c384e3cdd15e0428960ebf874cd0d35029ffb54f2dbfb71e47ffbf4

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:22 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:40 GMT
Server
Apache
Age
0
ETag
"59c4-6205f49199100"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22980
Expires
Tue, 10 Sep 2024 21:59:22 GMT
BlackRocks2.png
blackrocksexpeditions.com/images/
553 KB
553 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/BlackRocks2.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
80c885e42a229e76159fb7d70d18979ead85fb0732a4b8dd1ac958c4fe364159

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:22 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:39 GMT
Server
Apache
Age
0
ETag
"8a4a6-6205f4900738d"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
566438
Expires
Tue, 10 Sep 2024 21:59:22 GMT
13266180.png
blackrocksexpeditions.com/images/
3 KB
4 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/13266180.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
2ab167c70f7b04a64f6242a6f3b1f7bfa5629e72afab994b6ca4fe9edd81fc7b

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:22 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:28 GMT
Server
Apache
Age
1
ETag
"d2b-6205f485dd2f3"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3371
Expires
Tue, 10 Sep 2024 21:59:23 GMT
691874.png
blackrocksexpeditions.com/images/
4 KB
5 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/691874.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
3b8182d00d865ad2287e813ac0ff0d2ac9c2b467a76ce97ee4b3416260c7fb60

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:23 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:29 GMT
Server
Apache
Age
0
ETag
"1139-6205f48740a36"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4409
Expires
Tue, 10 Sep 2024 21:59:23 GMT
PTGAguide.png
blackrocksexpeditions.com/images/
288 KB
288 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/PTGAguide.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
6819820d9aa369a36f171c0a47a1374fc6959fe9e02515329b70991682e3ac34

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:25 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:43 GMT
Server
Apache
Age
0
ETag
"47e28-6205f4942d67f"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
294440
Expires
Tue, 10 Sep 2024 21:59:25 GMT
BokunWidgetsLoader.js
widgets.bokun.io/assets/javascripts/apps/build/
9 KB
4 KB
Script
General
Full URL
https://widgets.bokun.io/assets/javascripts/apps/build/BokunWidgetsLoader.js?bookingChannelUUID=7f477735-c666-40ad-ac30-0c97cd2688ba
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1800:17:72f3:b340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
642ba441c389ae42f24d142e7a63304f2825585c3469d8e530f69d10d6cc28e6

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:59:26 GMT
content-encoding
gzip
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P6
etag
W/"48aa2d2c9d40d75a4d8de7276ef640bc"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, max-age=0, must-revalidate, no-store
x-amz-cf-id
G64izA8klwWcT31yg5TLWXWs81zKs65dgspyHWAZjcbEBK9L_GLq9Q==
LR-LOGO-CIRCLE-FINAL-3.png
blackrocksexpeditions.com/images/
251 KB
252 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/LR-LOGO-CIRCLE-FINAL-3.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
c4304426b978750bc998ebb938d433f226c812bd0316a5ea169a914b63c696a9

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:26 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:42 GMT
Server
Apache
Age
0
ETag
"3edce-6205f49301293"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
257486
Expires
Tue, 10 Sep 2024 21:59:26 GMT
embed
www.google.com/maps/ Frame F9B7
Redirect Chain
  • https://maps.google.com/maps?output=embed&q=Ransom%27s%20Lunenburg%20Retreat&z=10&t=m
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sRansom%27s+Lunenburg+Retreat!5e0!6i10
0
0
Document
General
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sRansom%27s+Lunenburg+Retreat!5e0!6i10
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-rq2fmKocWdQZ3RjiLcQ1Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blackrocksexpeditions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1240
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-rq2fmKocWdQZ3RjiLcQ1Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 17:59:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 10 Sep 2024 17:59:26 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sRansom%27s+Lunenburg+Retreat!5e0!6i10
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
BlackRocksBanner.jpg
blackrocksexpeditions.com/images/
307 KB
307 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/BlackRocksBanner.jpg
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
cea3e26ebf3e519bf4ccd01d7d44cb5ec2fc064260e790a66eb10cf27cea29b1

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:26 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:40 GMT
Server
Apache
Age
0
ETag
"4cbf3-6205f4914dd92"
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
314355
Expires
Tue, 10 Sep 2024 21:59:26 GMT
fb180b3f-24a3-45c1-a977-f23c59ac9d5f.jpg
blackrocksexpeditions.com/images/
2 MB
2 MB
Image
General
Full URL
https://blackrocksexpeditions.com/images/fb180b3f-24a3-45c1-a977-f23c59ac9d5f.jpg
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
be9e5eb672fd08116dafc135ddfe4b45a319170ce6806a78e69a7456adeef291

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:26 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:51 GMT
Server
Apache
Age
0
ETag
"22d54d-6205f49bde699"
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2282829
Expires
Tue, 10 Sep 2024 21:59:26 GMT
2023-06-26-03123.JPG
blackrocksexpeditions.com/images/
248 KB
248 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/2023-06-26-03123.JPG
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
2f41fca76921a622da61c1eda3cdbd8aa5fd2e54b0d82aea5be9c7af30a75eb2

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:27 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:29 GMT
Server
Apache
Age
1
ETag
"3e00b-6205f486cfd9c"
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
253963
Expires
Tue, 10 Sep 2024 21:59:27 GMT
AA-DEB.png
blackrocksexpeditions.com/images/
839 KB
839 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/AA-DEB.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
4cce958ff0cab7f0e6f6313af72272bf9d0c7d836fef43f70037a993102dc8a8

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:26 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:32 GMT
Server
Apache
Age
0
ETag
"d1bcb-6205f48a44145"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
859083
Expires
Tue, 10 Sep 2024 21:59:26 GMT
AA-Jason.png
blackrocksexpeditions.com/images/
1 MB
1 MB
Image
General
Full URL
https://blackrocksexpeditions.com/images/AA-Jason.png
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
63a906613ab79582942c218dc8d98b82e342165695d71bd3cad191a9ce1937d5

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:26 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:36 GMT
Server
Apache
Age
0
ETag
"10c8b9-6205f48dff36c"
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1099961
Expires
Tue, 10 Sep 2024 21:59:26 GMT
DebZodiac.jpg
blackrocksexpeditions.com/images/
92 KB
92 KB
Image
General
Full URL
https://blackrocksexpeditions.com/images/DebZodiac.jpg
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.96.160.153 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS
153.160.96.66.static.eigbox.net
Software
Apache /
Resource Hash
b4d496051474abab622257caf4b8ba1c2ae6d53513857789ab5763a055917888

Request headers

Referer
https://blackrocksexpeditions.com/index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 17:59:27 GMT
Last-Modified
Fri, 23 Aug 2024 20:04:41 GMT
Server
Apache
Age
0
ETag
"16e65-6205f4920a1c4"
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93797
Expires
Tue, 10 Sep 2024 21:59:27 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blackrocksexpeditions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 00:52:45 GMT
x-content-type-options
nosniff
age
320801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Sep 2025 00:52:45 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blackrocksexpeditions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:55:31 GMT
x-content-type-options
nosniff
age
21835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:55:31 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blackrocksexpeditions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:40:48 GMT
x-content-type-options
nosniff
age
22718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:40:48 GMT
BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
static.bokun.io/
421 KB
128 KB
Script
General
Full URL
https://static.bokun.io/BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
Requested by
Host: widgets.bokun.io
URL: https://widgets.bokun.io/assets/javascripts/apps/build/BokunWidgetsLoader.js?bookingChannelUUID=7f477735-c666-40ad-ac30-0c97cd2688ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:ea00:1f:868a:fec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6937150769cea167354c809089c61938bc0663706532dd6f6c4bc539bede7a6

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 14:51:28 GMT
content-encoding
br
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2024 14:35:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
11279
etag
W/"ecfec063b245ab11c457c7f8dc6c548e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
sTn_02Bb6acRi0CGYohDPkTBszmVQtFiRuCoWzVOL7TSlKY_v61OLw==
polyfill.min.js
cdnjs.cloudflare.com/polyfill/v3/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?features=Array.prototype.%40%40iterator%2CArray.prototype.copyWithin%2CArray.prototype.entries%2CArray.prototype.every%2CArray.prototype.fill%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.flatMap%2CArray.prototype.forEach%2CArray.prototype.includes%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CArray.prototype.reduceRight%2CArray.prototype.some%2CArray.prototype.values%2Ces2015%2Ces2016%2Ces2017%2Cfetch%2CMutationObserver%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise.prototype.finally%2CsetImmediate
Requested by
Host: widgets.bokun.io
URL: https://widgets.bokun.io/assets/javascripts/apps/build/BokunWidgetsLoader.js?bookingChannelUUID=7f477735-c666-40ad-ac30-0c97cd2688ba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bacf0512da485b395cadbfee54122dd50b036411ee2b40b426c784ab6595f6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:59:26 GMT
strict-transport-security
max-age=15780000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1768207
alt-svc
h3=":443"; ma=86400
x-compress-hint
on
last-modified
Wed, 21 Aug 2024 06:49:19 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JY9wX5boTOL0hFrbCqX2u40y6AfouTJ2K6hIipjp%2B20VQPoqrVsrulnYXZ8JemovPHsi5PIWbGrlo%2B%2FGirR2HKOdgW1GSLNb4Egkxhp3h%2BDT55L8b8mTVaV5tgLPw5rDOA5PNE8s"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-polyfill-version
3.111.0
cf-ray
8c114fd5ee388f35-FRA
expires
Tue, 17 Sep 2024 17:59:26 GMT
widgetsStyle-a6c0e28f8a60e5aa20d3.css
d1z7pss8he85xn.cloudfront.net/build/prod/
Redirect Chain
  • https://trpwrks.com/build/widgetsStyle.css
  • https://d1z7pss8he85xn.cloudfront.net/build/prod/widgetsStyle-a6c0e28f8a60e5aa20d3.css
3 KB
1 KB
Stylesheet
General
Full URL
https://d1z7pss8he85xn.cloudfront.net/build/prod/widgetsStyle-a6c0e28f8a60e5aa20d3.css
Requested by
Host: blackrocksexpeditions.com
URL: https://blackrocksexpeditions.com/
Protocol
H2
Server
2600:9000:225e:3a00:10:f240:82c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b890f7390a4b939014f002604feab66289f52f3b2c8c9fd59aaa8d7737e93bf2

Request headers

Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:54:26 GMT
content-encoding
br
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 11 Oct 2024 00:00:00 GMT", rule-id="Delete assets after 30 days"
last-modified
Tue, 10 Sep 2024 01:14:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
57901
etag
W/"a457e94c778d7895bfe4b5e8c07c0ee9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
U0xx6ae0kkYL47Az_KRKPnRPrZEl8EuWw05P1CXNVuZmYiUuR21RuQ==

Redirect headers

date
Tue, 10 Sep 2024 17:58:59 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
x-amz-cf-pop
FRA60-P4
age
27
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
location
https://d1z7pss8he85xn.cloudfront.net/build/prod/widgetsStyle-a6c0e28f8a60e5aa20d3.css
access-control-allow-origin
*
cache-control
max-age=600, public
x-amz-cf-id
tI1P8nUb1Sb8rELIfid1InyU6Asm_5CTNwjpGVpmteg1K8ALVGOhQA==
calendar
lunenburgretreat.tripworks.com/widgets/ Frame C3CE
0
0
Document
General
Full URL
https://lunenburgretreat.tripworks.com/widgets/calendar?showDetail=true&calendarId=7p9qjljqi
Requested by
Host: trpwrks.com
URL: https://trpwrks.com/build/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-94.cdg52.r.cloudfront.net
Software
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Referer
https://blackrocksexpeditions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 17:59:26 GMT
expires
Tue, 10 Sep 2024 17:59:26 GMT
server
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
vary
Accept-Encoding
via
1.1 a462d9473c62e045cd7ca3144781eb10.cloudfront.net (CloudFront)
x-amz-cf-id
jhIfQclsRuVPeOALxVRaJsaamrWrvOqnz-MWiThh3mhckm46kOnkDQ==
x-amz-cf-pop
CDG52-P4
x-cache
Miss from cloudfront
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blackrocksexpeditions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 12:21:18 GMT
x-content-type-options
nosniff
age
20288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 12:21:18 GMT
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700&display=swap
Requested by
Host: d1z7pss8he85xn.cloudfront.net
URL: https://d1z7pss8he85xn.cloudfront.net/build/prod/widgetsStyle-a6c0e28f8a60e5aa20d3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56bf78c80ef23db92384460f42cdccdb700c5c7f6f89d0f502e957bedecaa2db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d1z7pss8he85xn.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 17:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 17:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 17:59:26 GMT
loaded
widgets.bokun.io/widgets/7f477735-c666-40ad-ac30-0c97cd2688ba/
0
235 B
XHR
General
Full URL
https://widgets.bokun.io/widgets/7f477735-c666-40ad-ac30-0c97cd2688ba/loaded?widgetUrl=https%3A%2F%2Fwidgets.bokun.io%2Fonline-sales%2F7f477735-c666-40ad-ac30-0c97cd2688ba%2Fexperience%2F902215&refererUrl=https%3A%2F%2Fblackrocksexpeditions.com%2F&isBookingButton=false
Requested by
Host: static.bokun.io
URL: https://static.bokun.io/BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1800:17:72f3:b340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://blackrocksexpeditions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:59:26 GMT
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
Ma3l3FHuDEzx5CKKsZVW3kadj3kgxSXLUQd_37_ccqVGKhF6E0kH9A==
7f477735-c666-40ad-ac30-0c97cd2688ba
widgets.bokun.io/online-sales/ Frame 6B05
0
0
Document
General
Full URL
https://widgets.bokun.io/online-sales/7f477735-c666-40ad-ac30-0c97cd2688ba?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089&hideLanguageSelector=false&hostUrl=https%3A%2F%2Fblackrocksexpeditions.com%2F&isDuda=false&isModal=true&lang=en
Requested by
Host: static.bokun.io
URL: https://static.bokun.io/BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7200:17:72f3:b340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash

Request headers

Referer
https://blackrocksexpeditions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 17:59:26 GMT
server
nginx/1.22.1
vary
accept-encoding
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id
JbJgAmiIi3vMvbbQG1f_HWG0MOYq1_RV-ejk9zhVXzbSjt_YeW1gsw==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
902215
widgets.bokun.io/online-sales/7f477735-c666-40ad-ac30-0c97cd2688ba/experience/ Frame 58A0
0
0
Document
General
Full URL
https://widgets.bokun.io/online-sales/7f477735-c666-40ad-ac30-0c97cd2688ba/experience/902215?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089&hostUrl=https%3A%2F%2Fblackrocksexpeditions.com%2F&mainIframeReady=false&rootFramePresent=true
Requested by
Host: static.bokun.io
URL: https://static.bokun.io/BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7200:17:72f3:b340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash

Request headers

Referer
https://blackrocksexpeditions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 17:59:26 GMT
server
nginx/1.22.1
vary
accept-encoding
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id
UGQ7oPhkTqCZJxL37oMomw4GP563FPFLu8-D7hh7JQpHp2Oy_TV8aQ==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
/
widgets.bokun.io/WidgetsCartBubble/ Frame B057
0
0
Document
General
Full URL
https://widgets.bokun.io/WidgetsCartBubble/?bokunSessionId=64edc1c0-9d26-4d07-97e5-926cc4359089
Requested by
Host: static.bokun.io
URL: https://static.bokun.io/BokunWidgets.654d296ef3ea3407dea3020f863186fa1aff205b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7200:17:72f3:b340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash

Request headers

Referer
https://blackrocksexpeditions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 17:59:27 GMT
server
nginx/1.22.1
vary
accept-encoding
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id
d_jgOs2XV2ZG_nPMgeEtnYfzyap6TIa-7ntH-OmUcyu7qeMcYFVaiA==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
favicon.ico
blackrocksexpeditions.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blackrocksexpeditions.com
URL
https://blackrocksexpeditions.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| TripWorksJs object| BaseWidget object| __BokunWidgetsLoader function| $ function| jQuery object| cssBgParser function| ResponsiveMenu function| MailChimpForm function| loadMapsContent function| mapIframeApiReady object| MapsLoader function| Lightbox object| skrollr function| Waypoint function| WaypointAdapter function| _npStickyStack function| _npInitMenuLink function| AnimationInfo object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint function| AnimationFactory function| CountUp object| StepAnimationState object| StepCss function| StepAnimation object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| _npHorizontalLayoutSlider function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit function| _npAccordionInit function| setImmediate function| clearImmediate object| sha256 function| _npAuthInit object| FormDependencyCondition object| CountryList function| signRequestAnimFrame function| PaypalProductHtml function| PaymentMessage function| PaymentProduct function| PaymentService function| PaymentCart function| PaymentThankYou function| PayPalCurrencyWarning function| PaymentButtons function| PaymentEventListener function| ProductsModel function| _npCartInit function| PaginationBuilder object| CategoryView function| ProductsView object| SortingView function| ProductsRouter object| Currency function| ProductsBuilder object| _responsive function| serviceRequest boolean| bokunPolyfillReady number| __mobxInstanceCount object| __mobxGlobals function| iFrameResize object| onlineSalesHistory function| initializeBokunWidgets function| BokunWidgets string| waypointContextKey

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ACY6sGwko5BsvauM_qwjQcMsPr79auAt4D15Cjo3_6Dre0MTVGTm6-ZqCXcoGs-dON2px870BsS7-WbHcb9Rygo
blackrocksexpeditions.com/ Name: TripWorks
Value: {"landingUrl":"https://blackrocksexpeditions.com/","referrerUrl":"","firstView":"2024-09-10T17:59:26.345Z","pageViews":2,"recents":["https://blackrocksexpeditions.com/","https://blackrocksexpeditions.com/"],"language":"de-DE","viewport":{"height":1200,"width":1600}}
blackrocksexpeditions.com/ Name: sessionId
Value: 680f6395-6b9b-4b2d-8ca4-ffb4ed22dd69
blackrocksexpeditions.com/ Name: userId
Value: e21c27d8-ad3a-473d-837c-5fc7653f7a3d
blackrocksexpeditions.com/ Name: bokunSessionId_7f477735-c666-40ad-ac30-0c97cd2688ba
Value: 64edc1c0-9d26-4d07-97e5-926cc4359089
m.stripe.com/ Name: m
Value: 54e54faf-5ea6-4380-ade9-83e64c70e2f064b6a4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blackrocksexpeditions.com
cdnjs.cloudflare.com
d1z7pss8he85xn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lunenburgretreat.tripworks.com
maps.google.com
static.bokun.io
trpwrks.com
widgets.bokun.io
www.google.com
blackrocksexpeditions.com
104.17.24.14
142.250.184.196
18.155.129.94
18.66.147.71
2600:9000:225e:3a00:10:f240:82c0:21
2600:9000:2490:1800:17:72f3:b340:93a1
2600:9000:2490:7200:17:72f3:b340:93a1
2600:9000:275d:ea00:1f:868a:fec0:93a1
2a00:1450:4001:802::200e
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
66.96.160.153
0d9740a58f2fee125edf28cea3cb1d2c98971bb6f2bdce19635575b3da4725a0
2ab167c70f7b04a64f6242a6f3b1f7bfa5629e72afab994b6ca4fe9edd81fc7b
2f41fca76921a622da61c1eda3cdbd8aa5fd2e54b0d82aea5be9c7af30a75eb2
3b8182d00d865ad2287e813ac0ff0d2ac9c2b467a76ce97ee4b3416260c7fb60
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4cce958ff0cab7f0e6f6313af72272bf9d0c7d836fef43f70037a993102dc8a8
552bd781b84ee88d2a7b89e23e38c93f6074f8b76c0f26e99510da74596ea404
56bf78c80ef23db92384460f42cdccdb700c5c7f6f89d0f502e957bedecaa2db
63a906613ab79582942c218dc8d98b82e342165695d71bd3cad191a9ce1937d5
642ba441c389ae42f24d142e7a63304f2825585c3469d8e530f69d10d6cc28e6
6819820d9aa369a36f171c0a47a1374fc6959fe9e02515329b70991682e3ac34
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
80c885e42a229e76159fb7d70d18979ead85fb0732a4b8dd1ac958c4fe364159
861c748533bed673695876a14592e63c2750fab07c580819e9719b2d76cc9041
8bacf0512da485b395cadbfee54122dd50b036411ee2b40b426c784ab6595f6f
8cea4727eb0658cb32b576646912e70bbd89e834b9e9d10f20fcc9c78eb8ebd4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a6937150769cea167354c809089c61938bc0663706532dd6f6c4bc539bede7a6
b3214f68a0f02308d82d9a3d111436ace919f647ee6fa47fd6fb3757b52f7aed
b4d496051474abab622257caf4b8ba1c2ae6d53513857789ab5763a055917888
b890f7390a4b939014f002604feab66289f52f3b2c8c9fd59aaa8d7737e93bf2
be9e5eb672fd08116dafc135ddfe4b45a319170ce6806a78e69a7456adeef291
c4304426b978750bc998ebb938d433f226c812bd0316a5ea169a914b63c696a9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cea3e26ebf3e519bf4ccd01d7d44cb5ec2fc064260e790a66eb10cf27cea29b1
d985894e23a78f97986f77bb64733aa35f208703725ad762b49360b528ef43fc
e3ac3c155c384e3cdd15e0428960ebf874cd0d35029ffb54f2dbfb71e47ffbf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7ff01b0310513f6526cd608aa1b527bf1bc79e8b5d11ab39f84132f6bcf4feb