urlscan.io logo urlscan.io
SecurityTrails logo

express.sd Open in urlscan Pro
172.96.178.156  Public Scan

Go To Rescan Add Verdict Report
URL: https://express.sd/news/
Submission: On October 27 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 172.96.178.156, located in Canada and belongs to ONIAAS, US. The main domain is express.sd.
TLS certificate: Issued by R10 on October 4th 2024. Valid for: 3 months.
This is the only time express.sd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    172.96.178.156 (Canada)

ASN40092 (ONIAAS, US)
PTR: v1053713.hostpapavps.net
express.sd
2    2607:f8b0:400d:c03::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
sp-ao.shortpixel.ai
2    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4004:c09::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
Apex Domain
Subdomains		 Transfer
12 express.sd
express.sd
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 gstatic.com
fonts.gstatic.com
56 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
178 KB
2 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 33011
802 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2302
1 KB
21 7
Domain Requested by
12 express.sd 2 redirects express.sd
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com express.sd
www.googletagmanager.com
2 sp-ao.shortpixel.ai 2 redirects
2 fonts.googleapis.com express.sd
1 secure.gravatar.com
21 7

This site contains no links.

Subject Issuer Validity Valid
www.express.gumarabic.sd
R10		 2024-10-04 -
2025-01-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://express.sd/news/
Frame ID: 8BB1B0E154C9ABB45896F0162D3576D7
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

News – Express Custom Clearance

Page URL History Show full URLs

  1. https://express.sd/news HTTP 301
    https://express.sd/news/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

81 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

2522 kB
Transfer

5336 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://express.sd/news HTTP 301
    https://express.sd/news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_2048/https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png HTTP 302
  • https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
Request Chain 24
  • https://express.sd/favicon.ico HTTP 302
  • https://express.sd/wp-includes/images/w-logo-blue-white-bg.png
Request Chain 25
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_2048/https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png HTTP 302
  • https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
express.sd/news/
Redirect Chain
  • https://express.sd/news
  • https://express.sd/news/
51 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
f2478a7cb22744e1477228b28ff3450eda2e2e958ebc5f2bf4e1f1128434de9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 27 Oct 2024 04:42:06 GMT
link
<https://express.sd/wp-json/>; rel="https://api.w.org/"
server
Apache

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 27 Oct 2024 04:42:06 GMT
location
https://express.sd/news/
server
Apache
x-redirect-by
WordPress
autoptimize_3f399232ec23fc2dd8ef4085fa3c3281.css
express.sd/wp-content/cache/autoptimize/css/ 		490 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-content/cache/autoptimize/css/autoptimize_3f399232ec23fc2dd8ef4085fa3c3281.css
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
073a9ae94347c73b656f24508fdf7188a11b26b805e585d0bfc563006f35fa05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

cache-control
max-age=30672000, public, immutable
content-encoding
gzip
expires
Fri, 17 Oct 2025 04:42:07 GMT
accept-ranges
bytes
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Wed, 16 Oct 2024 17:46:26 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
css
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla%3A400%2C400i%2C700%2C700i%7CMontserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%26display%3Dswap&ver=1.0.0
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63f87dc634970b06c7048ede4e611861b67e9dcc2146f3e27359075b3527a2f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 04:42:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:07 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 27 Oct 2024 04:42:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
dashicons.min.css
express.sd/wp-includes/css/ 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-includes/css/dashicons.min.css?ver=6.6.2
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

accept-ranges
bytes
content-length
59016
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Thu, 04 Mar 2021 02:46:22 GMT
content-type
text/css
server
Apache
jquery.min.js
express.sd/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

accept-ranges
bytes
content-length
87553
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Mon, 28 Aug 2023 22:44:24 GMT
content-type
application/javascript
server
Apache
express-video-2048x1195.png
express.sd/wp-content/uploads/2021/12/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_2048/https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
  • https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
b5b04d58cf46705e4867a4ae04d7756d3407911b3d31418d3eb12d53c9a8c102

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

accept-ranges
bytes
content-length
1933903
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Tue, 15 Oct 2024 06:55:09 GMT
content-type
image/png
server
Apache

Redirect headers

x-robots-tag
noindex
cdn-status
302
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver
2-ns61
date
Sun, 27 Oct 2024 04:42:07 GMT
content-type
text/html; charset=UTF-8
cdn-cachedat
10/27/2024 04:42:07
cdn-cache
MISS
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
302
link
<https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png>; rel="canonical"
cache-control
public, max-age=43200
location
https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
cdn-requestpullsuccess
True
pragma
cache
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
417e10df7f433a037f66f5f2ec229609
cdn-pullzone
257218
cdn-tag
0; Domain: express.sd; 302
cdn-proxyver
1.05
cdn-requesttime
1
access-control-allow-origin
*
content-length
0
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
css2
fonts.googleapis.com/ 		5 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700;800&display=swap
Requested by
Host: express.sd
URL: https://express.sd/wp-content/cache/autoptimize/css/autoptimize_3f399232ec23fc2dd8ef4085fa3c3281.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d026348d17c7fd4dda4b48eea2ca7d9d16aa98e70295e64989d011ba05819934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 04:42:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:07 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 27 Oct 2024 04:14:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144566376-2
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12e157a2ab147b7d2f8618a872386c6347b609e2a8ac28dd5de322ccb010a144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 27 Oct 2024 04:42:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77414
x-xss-protection
0
server
Google Tag Manager
lazysizes.min.js
express.sd/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.12
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

accept-ranges
bytes
content-length
9813
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Wed, 16 Oct 2024 17:42:53 GMT
content-type
application/javascript
server
Apache
autoptimize_ce4418488ee21b327e9a7cf77c80e0c1.js
express.sd/wp-content/cache/autoptimize/js/ 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-content/cache/autoptimize/js/autoptimize_ce4418488ee21b327e9a7cf77c80e0c1.js
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
c44a2784e5100ef958b8559e9694852f38021cdc8a3fa9b1c9330aa50f22a100

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

cache-control
max-age=30672000, public, immutable
content-encoding
gzip
expires
Fri, 17 Oct 2025 04:42:07 GMT
accept-ranges
bytes
content-length
47405
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Wed, 16 Oct 2024 17:46:26 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e2055a278fe048dbd0b899284f3b36472e655900e2d9291a2c0e82fbce48487

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f8184c1c9943e483b926c651c6451fc6bc11fc5a9970fe11ab0619c02016e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be81e4f6e5689e945ef4e55f77faa65c5f9f4d067ab5c915bff08e679d5f5b63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4810d0e7d97785a00468e875c5a8e76c574409e09df05317d051514b81f4bfd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
0092c8e4-302f-43f5-872a-f6c7f53ad776
https://express.sd/ 		0
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%2C400i%2C700%2C700i%7CMontserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%26display%3Dswap&ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://express.sd
Referer
https://fonts.googleapis.com/

Response headers

age
160319
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 08:10:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 08:10:09 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://express.sd
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%2C400i%2C700%2C700i%7CMontserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%26display%3Dswap&ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://express.sd
Referer
https://fonts.googleapis.com/

Response headers

age
159425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 08:25:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 08:25:03 GMT
last-modified
Wed, 27 Sep 2023 15:41:12 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24364
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		298 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G5XVLDG1MK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144566376-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b7481b1caf6f4d153ebfdc125a8e3233d8b99201c649370848b9efa5ea763d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 27 Oct 2024 04:42:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103620
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144566376-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

content-encoding
gzip
age
2939
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 05:53:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 03:53:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-G5XVLDG1MK&gtm=45je4ao0v881856947za200&_p=1730004127672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848&cid=1483326635.1730004129&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1730004128&sct=1&seg=0&dl=https%3A%2F%2Fexpress.sd%2Fnews%2F&dt=News%20%E2%80%93%20Express%20Custom%20Clearance&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3217
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G5XVLDG1MK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://express.sd
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:08 GMT
content-type
text/plain
server
Golfe2
wp-emoji-release.min.js
express.sd/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: express.sd
URL: https://express.sd/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

accept-ranges
bytes
content-length
18726
date
Sun, 27 Oct 2024 04:42:08 GMT
last-modified
Thu, 27 Jun 2024 19:21:44 GMT
content-type
application/javascript
server
Apache
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=582313905&t=pageview&_s=1&dl=https%3A%2F%2Fexpress.sd%2Fnews%2F&ul=en-ca&de=UTF-8&dt=News%20%E2%80%93%20Express%20Custom%20Clearance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1454450860&gjid=199779328&cid=1483326635.1730004129&tid=UA-144566376-2&_gid=671609990.1730004129&_r=1&gtm=457e4ao0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&jsscut=1&z=1429547722
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://express.sd/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 04:42:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://express.sd
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
w-logo-blue-white-bg.png
express.sd/wp-includes/images/
Redirect Chain
  • https://express.sd/favicon.ico
  • https://express.sd/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://express.sd/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/news/

Response headers

accept-ranges
bytes
content-length
4119
date
Sun, 27 Oct 2024 04:42:09 GMT
last-modified
Tue, 16 Nov 2021 05:34:02 GMT
content-type
image/png
server
Apache

Redirect headers

x-redirect-by
WordPress
link
<https://express.sd/wp-json/>; rel="https://api.w.org/"
location
https://express.sd/wp-includes/images/w-logo-blue-white-bg.png
content-length
0
date
Sun, 27 Oct 2024 04:42:08 GMT
content-type
text/html; charset=UTF-8
server
Apache
express-video-2048x1195.png
express.sd/wp-content/uploads/2021/12/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_2048/https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
  • https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
2 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
Protocol
H2
Server
172.96.178.156 , Canada, ASN40092 (ONIAAS, US),
Reverse DNS
v1053713.hostpapavps.net
Software
Apache /
Resource Hash
b5b04d58cf46705e4867a4ae04d7756d3407911b3d31418d3eb12d53c9a8c102

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

accept-ranges
bytes
content-length
1933903
date
Sun, 27 Oct 2024 04:42:07 GMT
last-modified
Tue, 15 Oct 2024 06:55:09 GMT
content-type
image/png
server
Apache

Redirect headers

x-robots-tag
noindex
cdn-status
302
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver
2-ns61
date
Sun, 27 Oct 2024 04:42:07 GMT
content-type
text/html; charset=UTF-8
cdn-cachedat
10/27/2024 04:42:07
cdn-cache
MISS
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
302
link
<https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png>; rel="canonical"
cache-control
public, max-age=43200
location
https://express.sd/wp-content/uploads/2021/12/express-video-2048x1195.png
cdn-requestpullsuccess
True
pragma
cache
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
417e10df7f433a037f66f5f2ec229609
cdn-pullzone
257218
cdn-tag
0; Domain: express.sd; 302
cdn-proxyver
1.05
cdn-requesttime
1
access-control-allow-origin
*
content-length
0
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
31b90f2f5c5458040f1c7a98508ad6b6
secure.gravatar.com/avatar/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/31b90f2f5c5458040f1c7a98508ad6b6?s=40&d=mm&r=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dc15ed14c23ce1a976a7306db458305071c0a119026ecff8be8536f28684e391

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://express.sd/

Response headers

link
<https://gravatar.com/avatar/31b90f2f5c5458040f1c7a98508ad6b6?s=40&d=mm&r=g>; rel="canonical"
cache-control
max-age=300
x-nc
MISS jfk 1
expires
Sun, 27 Oct 2024 04:47:09 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
969
date
Sun, 27 Oct 2024 04:42:09 GMT
content-type
image/jpeg
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-disposition
inline; filename="31b90f2f5c5458040f1c7a98508ad6b6.png"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
express.sd
URL
blob:https://express.sd/0092c8e4-302f-43f5-872a-f6c7f53ad776

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| lazySizesConfig object| lazySizes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| bootstrap function| EvEmitter function| imagesLoaded function| WOW object| AOS object| twemoji object| wp object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.express.sd/ Name: _ga_G5XVLDG1MK
Value: GS1.1.1730004128.1.0.1730004128.0.0.0
.express.sd/ Name: _ga
Value: GA1.2.1483326635.1730004129
.express.sd/ Name: _gid
Value: GA1.2.671609990.1730004129
.express.sd/ Name: _gat_gtag_UA_144566376_2
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

express.sd
fonts.googleapis.com
fonts.gstatic.com
secure.gravatar.com
sp-ao.shortpixel.ai
www.google-analytics.com
www.googletagmanager.com
express.sd
172.96.178.156
2607:f8b0:4004:c09::66
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1f::5e
2607:f8b0:400d:c03::5f
2a04:fa87:fffe::c000:4902
37.19.207.34
073a9ae94347c73b656f24508fdf7188a11b26b805e585d0bfc563006f35fa05
12e157a2ab147b7d2f8618a872386c6347b609e2a8ac28dd5de322ccb010a144
3b7481b1caf6f4d153ebfdc125a8e3233d8b99201c649370848b9efa5ea763d5
4810d0e7d97785a00468e875c5a8e76c574409e09df05317d051514b81f4bfd0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
63f87dc634970b06c7048ede4e611861b67e9dcc2146f3e27359075b3527a2f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
8e2055a278fe048dbd0b899284f3b36472e655900e2d9291a2c0e82fbce48487
8f8184c1c9943e483b926c651c6451fc6bc11fc5a9970fe11ab0619c02016e07
9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f
b5b04d58cf46705e4867a4ae04d7756d3407911b3d31418d3eb12d53c9a8c102
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be81e4f6e5689e945ef4e55f77faa65c5f9f4d067ab5c915bff08e679d5f5b63
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c44a2784e5100ef958b8559e9694852f38021cdc8a3fa9b1c9330aa50f22a100
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d026348d17c7fd4dda4b48eea2ca7d9d16aa98e70295e64989d011ba05819934
dc15ed14c23ce1a976a7306db458305071c0a119026ecff8be8536f28684e391
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
f2478a7cb22744e1477228b28ff3450eda2e2e958ebc5f2bf4e1f1128434de9a