urlscan.io logo urlscan.io
SecurityTrails logo

darwinescapes.paydashboard.com Open in urlscan Pro
2606:4700:10::6816:4ab6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://darwinescapes.paydashboard.com/
Effective URL: https://darwinescapes.paydashboard.com/login
Submission: On February 08 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2606:4700:10::6816:4ab6, located in United States and belongs to CLOUDFLARENET, US. The main domain is darwinescapes.paydashboard.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.
This is the only time darwinescapes.paydashboard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.239.231.68 8075 (MICROSOFT...)
9 104.18.70.113 13335 (CLOUDFLAR...)
1 2606:2800:233... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 40.79.138.41 8075 (MICROSOFT...)
3 104.16.53.111 13335 (CLOUDFLAR...)
28 8
8    2606:4700:10::6816:4ab6 (United States)

ASN13335 (CLOUDFLARENET, US)
darwinescapes.paydashboard.com
1    52.239.231.68 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ukstgpdb.blob.core.windows.net
9    104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    40.79.138.41 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
3    104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)
paydashboard.zendesk.com
Domain Requested by
8 static.zdassets.com darwinescapes.paydashboard.com
static.zdassets.com
8 darwinescapes.paydashboard.com 1 redirects darwinescapes.paydashboard.com
4 dc.services.visualstudio.com az416426.vo.msecnd.net
3 paydashboard.zendesk.com az416426.vo.msecnd.net
static.zdassets.com
2 www.google-analytics.com darwinescapes.paydashboard.com
az416426.vo.msecnd.net
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 ekr.zdassets.com az416426.vo.msecnd.net
1 az416426.vo.msecnd.net darwinescapes.paydashboard.com
1 ukstgpdb.blob.core.windows.net darwinescapes.paydashboard.com
28 9

This site contains links to these domains. Also see Links.

Domain
www.paydashboard.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2020-11-19 -
2021-11-19		 a year crt.sh
ssl911790.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-10-28 -
2021-05-06		 6 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 01		 2021-02-04 -
2022-01-30		 a year crt.sh
paydashboard.zendesk.com
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://darwinescapes.paydashboard.com/login
Frame ID: 211F8D163BCB2749A8A2D59662E319E7
Requests: 17 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.a45fa2c18e7e8cb551b4.js
Frame ID: 4CFB844C5ED2E1EEC018E95E50753408
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://darwinescapes.paydashboard.com/ HTTP 302
    https://darwinescapes.paydashboard.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

8
IPs

5
Countries

964 kB
Transfer

3204 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://darwinescapes.paydashboard.com/ HTTP 302
    https://darwinescapes.paydashboard.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
darwinescapes.paydashboard.com/
Redirect Chain
  • https://darwinescapes.paydashboard.com/
  • https://darwinescapes.paydashboard.com/login
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2b9ce2fd71d0749845f3c5269bd451bff6df375821764dc5cc2f7b479848aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
darwinescapes.paydashboard.com
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d85fe5223322b386feea80f6102caafc91612759093
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-store, max-age=0,no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 08 Feb 2021 04:38:13 GMT,-1
last-modified
Mon, 08 Feb 2021 04:38:13 GMT
vary
*
set-cookie
.ASPXAUTH=; expires=Tue, 12-Oct-1999 00:00:00 GMT; path=/; secure; HttpOnly; SameSite=Lax __RequestVerificationToken=wz0PGj0R1SCLAvZAYdSL6uSyHmiPLq8Zx2k-_8Dno3BjDSjTzladSSsVnrLFFgElH9klLLcpGqWzROEGElZNvuR7x_p8OTAtUpYTTel0TX01; path=/; secure; HttpOnly
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
access-control-expose-headers
Request-Context
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
082187e85800001f2576023000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
61e2a8ed588c1f25-FRA
content-encoding
gzip

Redirect headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d85fe5223322b386feea80f6102caafc91612759093; expires=Wed, 10-Mar-21 04:38:13 GMT; path=/; domain=.paydashboard.com; HttpOnly; SameSite=Lax .ASPXAUTH=; expires=Tue, 12-Oct-1999 00:00:00 GMT; path=/; secure; HttpOnly; SameSite=Lax
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
location
/login
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
access-control-expose-headers
Request-Context
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
082187e7f300001f2532323000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
61e2a8ecb80e1f25-FRA
pd.DE.css
darwinescapes.paydashboard.com/Content/ 		263 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/Content/pd.DE.css?v=REZMY3AYFU3EuwRxit0s0K0PTu8b3O_RnjY6RXvHSlQ1
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16546ebd64f0f7640cdc0e80aaf7acea3e7cdfb713e10fcd490372d53d3f7040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darwinescapes.paydashboard.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
User-Agent,Accept-Encoding
content-length
63847
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Mon, 08 Feb 2021 04:38:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public, max-age=14400
cf-request-id
082187e91000001f252fa46000000001
accept-ranges
bytes
cf-ray
61e2a8ee79621f25-FRA
expires
Tue, 08 Feb 2022 04:38:13 GMT,-1
pd_login.DE.css
darwinescapes.paydashboard.com/Content/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/Content/pd_login.DE.css?v=jZCDdwG07mKMzW6OQ-0I4YHmlvpMJU0i5u9jX3l8-m81
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2696a49c89c222738393bb44068764d784c70d1aab263f2a4c6e269151c7c289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darwinescapes.paydashboard.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
User-Agent,Accept-Encoding
content-length
1141
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Mon, 08 Feb 2021 04:38:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public, max-age=14400
cf-request-id
082187e91000001f2544be5000000001
accept-ranges
bytes
cf-ray
61e2a8ee89651f25-FRA
expires
Tue, 08 Feb 2022 04:38:13 GMT,-1
DELogo.png
ukstgpdb.blob.core.windows.net/content/brand/DE/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukstgpdb.blob.core.windows.net/content/brand/DE/DELogo.png
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.231.68 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2c5bb7badee959de1caddd7827986ac417309bf49583e3bc87b3f344acbded08

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Feb 2021 04:38:13 GMT
Last-Modified
Wed, 22 Jul 2020 10:07:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
f9GuSXs09Ub0fEMwFw1pCg==
ETag
0x8D82E2702FDED1B
Content-Type
image/png
x-ms-request-id
c17bb78d-901e-0061-37d4-fdba69000000
Cache-Control
max-age=3600
x-ms-version
2009-09-19
Content-Length
3795
loading-login.gif
darwinescapes.paydashboard.com/Content/images/App/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://darwinescapes.paydashboard.com/Content/images/App/loading-login.gif
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae3a937f3b588acd3c466bf5381769ca5155ed3eff45d39a83dfb0feaeb9a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darwinescapes.paydashboard.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-length
23888
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Thu, 04 Feb 2021 17:18:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"04ab7c019fbd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Request-Context
cache-control
max-age=86400
cf-request-id
082187e9aa00001f2535b8e000000001
accept-ranges
bytes
cf-ray
61e2a8ef7a061f25-FRA
expires
-1
pd.js
darwinescapes.paydashboard.com/scripts/ 		604 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/scripts/pd.js?v=mePDhQaGY-ztQX-R_s5oFGU1oROenBqFMU-q7Hc24cU1
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad64f0ef274a215849ed4d74af384647004b2c4dee8b6f948a79aed184306080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darwinescapes.paydashboard.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Mon, 08 Feb 2021 04:38:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public, max-age=14400
cf-request-id
082187e96800001f256c20c000000001
cf-ray
61e2a8ef09c01f25-FRA
expires
Tue, 08 Feb 2022 04:38:13 GMT,-1
pd_login.js
darwinescapes.paydashboard.com/scripts/ 		3 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/scripts/pd_login.js?v=L6z5fE5r4emMFEiDJtOCP7-zHnOwaBKLAPcZBg17dfY1
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1daea06653e97433d898567fc20f43bf01d00d2874271ece4a1ee89238a13c6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darwinescapes.paydashboard.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
User-Agent,Accept-Encoding
content-length
824
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Mon, 08 Feb 2021 04:38:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public, max-age=14400
cf-request-id
082187e9a000001f257b339000000001
accept-ranges
bytes
cf-ray
61e2a8ef69f81f25-FRA
expires
Tue, 08 Feb 2022 04:38:13 GMT,-1
snippet.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
br
cf-cache-status
HIT
age
24
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
A4D8BC14C56D25DD
x-amz-id-2
k/m0HPmaYAg6JMi7PbrhPuGWXV1+D3ip5MRLQLftFvnPiX1rX9DxWIV+7RYlgLlj4VB4g+F6bVI=
last-modified
Tue, 10 Mar 2020 23:13:51 GMT
server
cloudflare
etag
W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id
082187e9d200001ec6660c6000000001
cf-ray
61e2a8efbaed1ec6-AMS
fontawesome-webfont.woff2
darwinescapes.paydashboard.com/Content/library/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://darwinescapes.paydashboard.com/Content/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/Content/pd.DE.css?v=REZMY3AYFU3EuwRxit0s0K0PTu8b3O_RnjY6RXvHSlQ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://darwinescapes.paydashboard.com
Referer
https://darwinescapes.paydashboard.com/Content/pd.DE.css?v=REZMY3AYFU3EuwRxit0s0K0PTu8b3O_RnjY6RXvHSlQ1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:74778d63-e4ad-4ef2-b534-10b41455eb1f
referrer-policy
same-origin
last-modified
Thu, 04 Feb 2021 17:18:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"04ab7c019fbd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff
access-control-expose-headers
Request-Context
cache-control
max-age=86400
cf-request-id
082187e9af00001f252fa4b000000001
cf-ray
61e2a8ef7a141f25-FRA
expires
-1
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
2f4e3e28aeb435afc9528382b79d0ddc2a19cd3485998874b7d9ed502f8fd9c9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Feb 2021 04:38:13 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
KgAEVir75okvQY+ndtbz2w==
age
1423
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.5.11.min.js
content-length
38084
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jan 2021 18:46:55 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.5.11
etag
0x8D8C1619682E7DB
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3070f164-a01e-0057-2ed0-fd3955000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
expires
Mon, 08 Feb 2021 05:08:13 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: darwinescapes.paydashboard.com
URL: https://darwinescapes.paydashboard.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4386
date
Mon, 08 Feb 2021 03:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 08 Feb 2021 05:25:07 GMT
74c5c88d-03b4-4bf4-8387-dc98f7473d29
ekr.zdassets.com/compose/ 		926 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/74c5c88d-03b4-4bf4-8387-dc98f7473d29
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a296062fbcf2bc66b47dba2a17909d1457bbe114597dff16a0ac486de16a46be
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200 OK
strict-transport-security
max-age=0
cf-request-id
082187ea960000fa64a6b3f000000001
x-request-id
917ed072-46ac-460f-808e-4561f14c7040
x-runtime
0.002625
server
cloudflare
etag
W/"a296062fbcf2bc66b47dba2a17909d14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
61e2a8f0eb95fa64-AMS
collect
www.google-analytics.com/j/ 		4 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=542286563&t=pageview&_s=1&dl=https%3A%2F%2Fdarwinescapes.paydashboard.com%2Flogin&ul=en-us&de=UTF-8&dt=PayDashboard%20-%20The%20Interactive%20Payslip%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=524080858&gjid=1874172577&cid=260807186.1612759094&tid=UA-70851797-1&_gid=1577806091.1612759094&_r=1&_slc=1&z=967796575
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Feb 2021 04:38:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://darwinescapes.paydashboard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-70851797-1&cid=260807186.1612759094&jid=524080858&gjid=1874172577&_gid=1577806091.1612759094&_u=IEBAAEAAAAAAAC~&z=86257643
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Feb 2021 04:38:13 GMT
content-type
text/plain
access-control-allow-origin
https://darwinescapes.paydashboard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://darwinescapes.paydashboard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 08 Feb 2021 04:38:13 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
737373fb20d7c7bd04498874873f8daae3ffa07c66d57224422fc70628060690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
FD8288B9-FED0-4791-8D33-F3C42FE18591
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Feb 2021 04:38:14 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
preload.a45fa2c18e7e8cb551b4.js
static.zdassets.com/web_widget/latest/ Frame 4CFB 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.a45fa2c18e7e8cb551b4.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53251e973bf38e26f6d1fa4213fe91d42c159eeb265c4b1ad36a7305880ce9b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
345077
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CB09B2E5EC6C55E2
x-amz-id-2
3eUDa3V3WmQi7msLwp61x9PYB6ozk0KAP10MaMP1l5/hxEVUV11vbkm7XGmHMDmFRIswKv1/xcM=
last-modified
Wed, 03 Feb 2021 23:13:13 GMT
server
cloudflare
etag
W/"f85c449e16be390335e3c865756e351c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
n1qWzApYM7Kgv2HP0tdpUyxOQqOZZ8Y5
cf-request-id
082187eb4e00001ec6852f1000000001
cf-ray
61e2a8f21f731ec6-AMS
expires
Thu, 03 Feb 2022 23:13:12 GMT
web_widget.b43d605c8bd3c2da5f21.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 4CFB 		501 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.b43d605c8bd3c2da5f21.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
67
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
902BA3865A14096E
x-amz-id-2
8WN+yd2QW/ke518ldkjYfHXCpSR5+4DlNFktdEP2Md/TrwYYkdToQWGCaftkJn0tN+cydIcS6Hw=
last-modified
Tue, 19 Jan 2021 23:41:14 GMT
server
cloudflare
etag
W/"69eb9ecd7b4785b9a75c65b0c0e472bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7xRrYBPAAvcPYIzTYvqG95fxH_SFu.y1
cf-request-id
082187eb4e00001ec66b8fe000000001
cf-ray
61e2a8f21f741ec6-AMS
expires
Wed, 19 Jan 2022 23:41:13 GMT
web_widget.6c622d888a79329b5337.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame 4CFB 		498 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.6c622d888a79329b5337.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0b4dad2b7ce372caecb289a3493fe8223e84cc1b6500ae9b37ad5b4362f512
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
87
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
5B7207753924663D
x-amz-id-2
rft8awxGqEgZkRpj8ozPlN8/+uZRkTXwfs4UvUeIozA8goI197GZi8inW5bqp6Sxo5xK6AzPalg=
last-modified
Wed, 03 Feb 2021 03:10:54 GMT
server
cloudflare
etag
W/"3971f24ed6d6cd72327349bae375cd55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Un2drc2iGBjpHc8O_D4chQy3ge7Ku.c3
cf-request-id
082187eb5000001ec6660e6000000001
cf-ray
61e2a8f21f761ec6-AMS
expires
Thu, 03 Feb 2022 03:10:53 GMT
web_widget.b7acd150fc91a92a8964.chunk.js
static.zdassets.com/web_widget/latest/ Frame 4CFB 		338 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.b7acd150fc91a92a8964.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030ada0f3e9e8121186b8d54ab934208dc9c0b82e64a0eac89f7669fb2a2ec62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
345077
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C7A37AEF69D643F1
x-amz-id-2
Uh/Z7+t+NLU2huvv3+/O4HxmjMwAxOqN8PgVXNeDyF2+zPF2076dqhNiTkerp1qKy3CVoBJaC44=
last-modified
Wed, 03 Feb 2021 23:13:15 GMT
server
cloudflare
etag
W/"f416593f1e9fd19ad241c9e4b325fdc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
lPm1pG5fC0fVF4vFYUZQePovQNEdqdz7
cf-request-id
082187eb4f00001ec652306000000001
cf-ray
61e2a8f21f771ec6-AMS
expires
Thu, 03 Feb 2022 23:13:14 GMT
vendors~web_widget.ab97379118a5b2805f2a.chunk.js
static.zdassets.com/web_widget/latest/ Frame 4CFB 		516 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16563
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
0C187F761C8026DE
x-amz-id-2
YEYewECPJPlI5DNbpWMczIv+XyhAjsSWBzwgXlGFnxX3+A8KYSjD5bDQd86ifA24vE9HQ2oEArU=
last-modified
Mon, 04 Jan 2021 00:38:50 GMT
server
cloudflare
etag
W/"d8b36c871889a179bfc603bc480db2d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
MQoH2PhH1gQXAgAyxB2Xf6doAtoit68t
cf-request-id
082187eb4f00001ec6623c3000000001
cf-ray
61e2a8f21f7a1ec6-AMS
expires
Tue, 04 Jan 2022 00:38:49 GMT
web_widget~messenger.2ef813a806a3fb817c2a.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 4CFB 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.2ef813a806a3fb817c2a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=74c5c88d-03b4-4bf4-8387-dc98f7473d29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1643578
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
AB3E4323AA777A4F
x-amz-id-2
m0Wxvfpfcru1HWsuQ3uD4XBpXZFai7Q3vclnS4TpQD7X4V8+t/hvxPVPNI9F92G63zJzlay5Yqk=
last-modified
Tue, 19 Jan 2021 23:41:14 GMT
server
cloudflare
etag
W/"772e4f1ca6313200071ee61fbcaf7dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
0c5A63QLlcuaeqSDRPbXzm921Lct0pGO
cf-request-id
082187eb4f00001ec63a35b000000001
cf-ray
61e2a8f21f7b1ec6-AMS
expires
Wed, 19 Jan 2022 23:41:13 GMT
config
paydashboard.zendesk.com/embeddable/ 		497 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paydashboard.zendesk.com/embeddable/config
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841ad493bb48821c25563c97c74062e10311bef2470fe80b44b5e73179991e49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"max_age":604800,"report_to":"cf-nel"}
x-zendesk-origin-server
embeddable-app-server-54cd99b74b-84mq7
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
082187ebb00000720988089000000001
x-request-id
61e2a8f2b8907209-AMS
x-runtime
0.001261
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HuLNEau%2FP%2F86qBoKdTZiD43NnaCf74NSIEGGGUea4eNxpaw5Xv5SXt2a%2BH8uiSrcHR5IHby7v6i7MpAGqY%2FXN%2FVBTtcR0eo2xwu6Hw9BHJfpF6M1jf75BEs%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
61e2a8f2b8907209-AMS
en-us-json.9a948b459f1402a51e41.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame 4CFB 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.9a948b459f1402a51e41.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.a45fa2c18e7e8cb551b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eadbbe4df2c727d6ad55917c4a33db9a1bf8fd2c4e8129701c4ec9752f8f7c9a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
884382
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
3186793CD5691F62
x-amz-id-2
S3r16r8JZMmO/TW68/WZUDIb/TL2/xDN09rVkMt4p7aQNgY3MmGlHbZ8IbyzzoqiWfkQO5h0lZc=
last-modified
Thu, 28 Jan 2021 04:44:53 GMT
server
cloudflare
etag
W/"ca52c8d82d9b8387820f8cd967021dae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
20INU7hAoKQqGGxvk_7FKZ3pNbdkANDZ
cf-request-id
082187ec1200001ec654ad6000000001
cf-ray
61e2a8f349fa1ec6-AMS
expires
Fri, 28 Jan 2022 04:44:52 GMT
embeddable_blip
paydashboard.zendesk.com/ Frame 4CFB 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paydashboard.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJzdXBwcmVzcyI6dHJ1ZX0sImNvbG9yIjp7InRoZW1lIjoiIzVmNGE2MCJ9LCJjb250YWN0Rm9ybSI6eyJmaWVsZHMiOlt7ImlkIjoxMTQwOTkyNDY3MzMsInByZWZpbGwiOnsiKiI6IiJ9fV19LCJoZWxwQ2VudGVyIjp7ImZpbHRlciI6eyJsYWJlbF9uYW1lcyI6ImxvZ2luIn19fX0sImJ1aWQiOiIwMDc3NTQzNDYyMWQ3OTM1ZWVhMmNlNWZhYmM1MGQzZSIsInN1aWQiOiI2ODdhZDQ4NDk3YWU4NmE3YmE0NWQ2Nzg0NzAyYTJiOSIsInZlcnNpb24iOiI4Zjk0MzAyYjIiLCJ0aW1lc3RhbXAiOiIyMDIxLTAyLTA4VDA0OjM4OjE0LjI4M1oiLCJ1cmwiOiJodHRwczovL2RhcndpbmVzY2FwZXMucGF5ZGFzaGJvYXJkLmNvbS9sb2dpbiJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EkOD6Kz8kyF2h3Dj79LQXMIFIlQeAWiY3SR3GlK8oY67WtIZem3uBZmLCFeiaLHvoBCGhhUvLkbWSNP9g0MmMdcw9A9W%2F4uv3aKVxTOKKaoFiA2ScuBlFM8%3D"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://darwinescapes.paydashboard.com
cache-control
no-store, no-cache, must-revalidate
cf-ray
61e2a8f358c47209-AMS
cf-request-id
082187ec16000072097432f000000001
embeddable_blip
paydashboard.zendesk.com/ Frame 4CFB 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paydashboard.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9kYXJ3aW5lc2NhcGVzLnBheWRhc2hib2FyZC5jb20vbG9naW4iLCJ0aW1lIjoxMzUsImxvYWRUaW1lIjo0NC42NjAwMDAxMzA1MzQxNywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlBheURhc2hib2FyZCAtIFRoZSBJbnRlcmFjdGl2ZSBQYXlzbGlwIFBsYXRmb3JtIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiIwMDc3NTQzNDYyMWQ3OTM1ZWVhMmNlNWZhYmM1MGQzZSIsInN1aWQiOiI2ODdhZDQ4NDk3YWU4NmE3YmE0NWQ2Nzg0NzAyYTJiOSIsInZlcnNpb24iOiI4Zjk0MzAyYjIiLCJ0aW1lc3RhbXAiOiIyMDIxLTAyLTA4VDA0OjM4OjE0LjM4N1oiLCJ1cmwiOiJodHRwczovL2RhcndpbmVzY2FwZXMucGF5ZGFzaGJvYXJkLmNvbS9sb2dpbiJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 04:38:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qDeTMb0h89MDZu7180jFEZumXgjJON5f0L360uSpn2csbf6iG6Rkp5plyQEwAyB%2F3SLvEASIGh2NB%2BO9WydHBd1bc74%2FOPcH5YwCGwtZ7M8fhmz9HEj5D1A%3D"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://darwinescapes.paydashboard.com
cache-control
no-store, no-cache, must-revalidate
cf-ray
61e2a8f3f8f57209-AMS
cf-request-id
082187ec7c00007209829a3000000001
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://darwinescapes.paydashboard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 08 Feb 2021 04:38:29 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c8ab01e25298c3932627b30b8c421d91a9b7f8732ff3e0d4306c3486f1fb7e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
81F80DA1-71B4-4358-9EC5-62248FC8261B
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Feb 2021 04:38:29 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights object| e function| t object| Microsoft function| __assign function| __extends function| AppEvents object| utils object| errorHandler object| loginTimeout object| base object| formValidation object| storage object| sideWaysToggle object| dynamicTable object| html5 object| Modernizr function| $ function| jQuery function| moment object| pdEvents object| StorageType object| login string| GoogleAnalyticsObject function| ga object| pdColours object| zESettings object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| zE function| zEmbed object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| zEACLoaded function| $zopim

8 Cookies

Domain/Path Name / Value
darwinescapes.paydashboard.com/ Name: ai_session
Value: q8fu8PgO0CIGO3lSWaikH4|1612759093895|1612759093895
.paydashboard.com/ Name: _gid
Value: GA1.2.1577806091.1612759094
darwinescapes.paydashboard.com/ Name: UtcOffset
Value: 60
darwinescapes.paydashboard.com/ Name: ai_user
Value: X9wf5czmj88lT3MlJNAU8t|2021-02-08T04:38:13.771Z
.paydashboard.com/ Name: __cfduid
Value: d85fe5223322b386feea80f6102caafc91612759093
.paydashboard.com/ Name: _ga
Value: GA1.2.260807186.1612759094
.paydashboard.com/ Name: _gat
Value: 1
darwinescapes.paydashboard.com/ Name: __RequestVerificationToken
Value: wz0PGj0R1SCLAvZAYdSL6uSyHmiPLq8Zx2k-_8Dno3BjDSjTzladSSsVnrLFFgElH9klLLcpGqWzROEGElZNvuR7x_p8OTAtUpYTTel0TX01

1 Console Messages

Source Level URL
Text
console-api warning URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js(Line 2)
Message:
invalid params passed into zE.identify [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
darwinescapes.paydashboard.com
dc.services.visualstudio.com
ekr.zdassets.com
paydashboard.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
ukstgpdb.blob.core.windows.net
www.google-analytics.com
104.16.53.111
104.18.70.113
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:4ab6
2a00:1450:4001:813::200e
2a00:1450:400c:c00::9c
40.79.138.41
52.239.231.68
030ada0f3e9e8121186b8d54ab934208dc9c0b82e64a0eac89f7669fb2a2ec62
0c8ab01e25298c3932627b30b8c421d91a9b7f8732ff3e0d4306c3486f1fb7e7
16546ebd64f0f7640cdc0e80aaf7acea3e7cdfb713e10fcd490372d53d3f7040
1b0b4dad2b7ce372caecb289a3493fe8223e84cc1b6500ae9b37ad5b4362f512
1daea06653e97433d898567fc20f43bf01d00d2874271ece4a1ee89238a13c6b
2696a49c89c222738393bb44068764d784c70d1aab263f2a4c6e269151c7c289
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5bb7badee959de1caddd7827986ac417309bf49583e3bc87b3f344acbded08
2f4e3e28aeb435afc9528382b79d0ddc2a19cd3485998874b7d9ed502f8fd9c9
4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
737373fb20d7c7bd04498874873f8daae3ffa07c66d57224422fc70628060690
73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b
7ae3a937f3b588acd3c466bf5381769ca5155ed3eff45d39a83dfb0feaeb9a08
841ad493bb48821c25563c97c74062e10311bef2470fe80b44b5e73179991e49
a296062fbcf2bc66b47dba2a17909d1457bbe114597dff16a0ac486de16a46be
ad64f0ef274a215849ed4d74af384647004b2c4dee8b6f948a79aed184306080
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999
bc2b9ce2fd71d0749845f3c5269bd451bff6df375821764dc5cc2f7b479848aa
d53251e973bf38e26f6d1fa4213fe91d42c159eeb265c4b1ad36a7305880ce9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eadbbe4df2c727d6ad55917c4a33db9a1bf8fd2c4e8129701c4ec9752f8f7c9a
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7