Submitted URL: https://login.tamko.brightervision.com/
Effective URL: https://tamko.brightervision.com/
Submission: On June 15 via automatic, source certstream-suspicious

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 33 HTTP transactions. The main IP is 34.194.108.77, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is tamko.brightervision.com.
TLS certificate: Issued by R3 on June 15th 2021. Valid for: 3 months.
This is the only time tamko.brightervision.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 fonts.googleapis.com tamko.brightervision.com
5 tamko.brightervision.com tamko.brightervision.com
4 maps.googleapis.com tamko.brightervision.com
maps.googleapis.com
3 beacon-v2.helpscout.net tamko.brightervision.com
beacon-v2.helpscout.net
2 connect.facebook.net tamko.brightervision.com
connect.facebook.net
2 fast.wistia.com tamko.brightervision.com
2 cdn.jsdelivr.net tamko.brightervision.com
1 vars.hotjar.com static.hotjar.com
1 in.getclicky.com static.getclicky.com
1 script.hotjar.com static.hotjar.com
1 www.facebook.com tamko.brightervision.com
1 static.hotjar.com tamko.brightervision.com
1 pro.fontawesome.com tamko.brightervision.com
1 static.getclicky.com tamko.brightervision.com
1 stackpath.bootstrapcdn.com tamko.brightervision.com
1 assets.calendly.com tamko.brightervision.com
1 ajax.googleapis.com tamko.brightervision.com
1 login.tamko.brightervision.com 1 redirects
33 18

This site contains no links.

Subject Issuer Validity Valid
tamko.brightervision.com
R3
2021-06-15 -
2021-09-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-03 -
2021-08-03
a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-17 -
2021-08-09
3 months crt.sh
*.calendly.com
Go Daddy Secure Certificate Authority - G2
2021-02-06 -
2022-03-10
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.getclicky.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-03 -
2022-08-03
2 years crt.sh
*.helpscout.net
Amazon
2021-04-25 -
2022-05-24
a year crt.sh

This page contains 2 frames:

Primary Page: https://tamko.brightervision.com/
Frame ID: A5D51DFEBF6AE89DA1C3BD52398D8B5A
Requests: 32 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 4AC66C2E8889CA3F7766F50FABEE5977
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://login.tamko.brightervision.com/ HTTP 302
    https://tamko.brightervision.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

2499 kB
Transfer

10682 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.tamko.brightervision.com/ HTTP 302
    https://tamko.brightervision.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tamko.brightervision.com/
Redirect Chain
  • https://login.tamko.brightervision.com/
  • https://tamko.brightervision.com/
4 KB
2 KB
Document
General
Full URL
https://tamko.brightervision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.108.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-108-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5c245452e76a4ced6d4e66e038f49fbc14803d11ffa3dab06bbf5f9b5bde23d5

Request headers

Host
tamko.brightervision.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Server
nginx
Date
Tue, 15 Jun 2021 23:09:53 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Tue, 15 Jun 2021 21:29:10 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Etag
W/"60c91ba6-119b"
Content-Encoding
gzip
Via
1.1 vegur

Redirect headers

date
Tue, 15 Jun 2021 23:09:52 GMT
content-type
text/html; charset=utf-8
content-length
110
location
https://tamko.brightervision.com/
cf-ray
65ff77f40f2b2fa5-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
65ff77f40f2b2fa5
ot-tracer-sampled
true
ot-tracer-spanid
2f4620bb60facd21
ot-tracer-traceid
7daf17cb0e36f6c1
x-auth0-requestid
1b810ef381f6b0c91fa6
x-content-type-options
nosniff
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
app.cd6056ab.css
tamko.brightervision.com/css/
929 KB
107 KB
Stylesheet
General
Full URL
https://tamko.brightervision.com/css/app.cd6056ab.css
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.108.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-108-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f708324411e683a97adec982f510055504e8dbd4097f550c0203136ca1ce6f11

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tamko.brightervision.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://tamko.brightervision.com/
Connection
keep-alive
Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 23:09:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 21:29:10 GMT
Server
nginx
Etag
W/"60c91ba6-e8526"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
chunk-vendors.66eb8e4c.css
tamko.brightervision.com/css/
252 KB
29 KB
Stylesheet
General
Full URL
https://tamko.brightervision.com/css/chunk-vendors.66eb8e4c.css
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.108.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-108-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
967ff202fdae4187779a18fb2ed1bb4c96954f6cfb7a38fe68431b79d20d6639

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tamko.brightervision.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://tamko.brightervision.com/
Connection
keep-alive
Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 23:09:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 21:29:10 GMT
Server
nginx
Etag
W/"60c91ba6-3f187"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
app.e5e94b67.js
tamko.brightervision.com/js/
3 MB
447 KB
Script
General
Full URL
https://tamko.brightervision.com/js/app.e5e94b67.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.108.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-108-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
55b1c32c7a42efdda32753462880d4abec2e1a94f970bbf428470d09a5f20609

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tamko.brightervision.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://tamko.brightervision.com/
Connection
keep-alive
Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 23:09:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 21:29:10 GMT
Server
nginx
Etag
W/"60c91ba6-2ac03b"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
chunk-vendors.da09b249.js
tamko.brightervision.com/js/
4 MB
1 MB
Script
General
Full URL
https://tamko.brightervision.com/js/chunk-vendors.da09b249.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.108.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-108-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f4547c205107ea8491b0f026cc7aef1ddac3d69aee65199784090776a405ed6f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tamko.brightervision.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://tamko.brightervision.com/
Connection
keep-alive
Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 23:09:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 23:04:14 GMT
Server
nginx
Etag
W/"60c931ee-384ca2"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
jquery.bxslider.css
cdn.jsdelivr.net/bxslider/4.2.12/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ddd1f80cec627f624b79cea24ccd18fb38180c3bff6757ffe56be7c1a6445d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7351861
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by
cache-fra19127-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"f5e-9CY+ZfG2D1tXr+G8dDrQnwbBEmY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
65ff77f7ab534a7a-FRA
rr48oca7af.jsonp
fast.wistia.com/embed/medias/
4 KB
2 KB
Script
General
Full URL
https://fast.wistia.com/embed/medias/rr48oca7af.jsonp
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e358e6598436e39ebf4f9db26c79faec26c7cab7a225b5652323e16fcf1364c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
53569
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1441
x-request-id
263253c8ff29c1232729a2964b241029
x-served-by
cache-dca17762-DCA, cache-hhn4033-HHN
x-runtime
0.046521
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1623798593.299615,VS0,VE88
etag
W/"7e358e6598436e39ebf4f9db26c79fae"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
89
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 0
E-v1.js
fast.wistia.com/assets/external/
598 KB
113 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78e7bfcb7ef9319a645b47b1573cfbb9923745a49270e4ed2c4ed531968e279f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
vary
Accept-Encoding
age
3333
x-cache
HIT, HIT
content-length
115202
x-served-by
cache-dca17764-DCA, cache-hhn4033-HHN
access-control-allow-origin
*
x-browser-version
89
last-modified
Tue, 15 Jun 2021 18:39:32 GMT
x-timer
S1623798593.299649,VS0,VE0
etag
"60c8f3e4-1c202"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 282
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:11:04 GMT
jquery.bxslider.min.js
cdn.jsdelivr.net/bxslider/4.2.12/
23 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7351861
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by
cache-fra19182-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"5bf7-z6ox3Bc9Kcb0lQd4zMXLOxqRM5Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
65ff77f7ab544a7a-FRA
widget.js
assets.calendly.com/assets/external/
25 KB
6 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:400:d:1c5c:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA2-C1
x-cache
RefreshHit from cloudfront
content-length
6026
access-control-allow-origin
*
last-modified
Tue, 15 Jun 2021 20:39:48 GMT
server
cloudflare
date
Tue, 15 Jun 2021 23:09:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cf-ray
65feeb65dc322b65-FRA
x-amz-cf-id
kfGbf16QPbLkaT8yvueccpzJz3ANQi5cMY81xSTS3uGuMpvx8Ay7Ig==
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
7352040
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6fc1a75116c932681ed09108db37b84c
cf-ray
65ff77f7a9fb4a8c-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
41 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Caudex|Alegreya|Courgette|Dancing+Script|Great+Vibes|Josefin+Sans|Lato:400,700|Lora|Merriweather|Montserrat|Open+Sans|PT+Serif|Pacifico|Playfair+Display|Poppins:700|Raleway|Roboto:700|Satisfy|Source+Sans+Pro:400,700|Work+Sans:300,700|Viga:400|Hammersmith+One:400|Nunito:700|Oswald:400|Rubik:400|Dosis:400|Recursive:400|Titillium+Web:400&display=swap
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1379732dbbe68a17f8a3ce0be5b97cea0399e753647cf6ebadd6ac21250267e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:09:53 GMT
server
ESF
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 23:09:53 GMT
js
maps.googleapis.com/maps/api/
140 KB
46 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAiF8CrDvwVOXivcTfzjGUl_GKQmPeIfCs&libraries=places
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
c50c915eb46acd5868d82f84ffd310e7f25416feee913b7160036109005a3a72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46833
x-xss-protection
0
expires
Tue, 15 Jun 2021 23:39:53 GMT
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0bd461b72898c4f163b3ec06196d994a2b1a08e361c9703f1221333e69d9c66

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
7024
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 22 Jun 2021 23:09:53 GMT
cache-control
public, max-age=604800
cf-ray
65ff77f81ef82b22-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache
HIT
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9dc146b0780a633380160aa91b8b07bbe4443a07f438424de1e789e2c84d934b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BNW+jVR2S1HAIdpS5HGkcA==
cross-origin-resource-policy
cross-origin
expires
Tue, 15 Jun 2021 23:29:17 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
x-fb-rlafr
0
x-fb-debug
6/+eotxbjJ7T4VuUxIOX2PTwjpsimjwY776KpMrihIRe/zcLiIVqZmIfzkNbMnX+nRj6HpZAG11Yob5sNa1e2g==
x-fb-trip-id
686109401
x-fb-content-md5
ccae5efb9acebd7dc6c8b88ea02adbbf
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"764ddac9d7184264ffbfc72e232be15f"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
all.css
pro.fontawesome.com/releases/v5.15.2/css/
170 KB
33 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.15.2/css/all.css?ver=5.5.3
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
gzip
last-modified
Wed, 13 Jan 2021 18:38:39 GMT
etag
"5d0272dee21aa68865e04f1137c93c8b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1623798593.cds106.fr8.hn,1623798593.cds238.fr8.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
33424
hotjar-1806619.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1806619.js?sv=6
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-66.fra2.r.cloudfront.net
Software
/
Resource Hash
1caf4af7bb747406dfb8013b7ce22b4e9695a729490bd128ef36d0821334199c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/d885c2ce7ce5a82d88887c8931a2f135
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
w15UHKNYUtMrEwKvDcC7MtNvcixgpYjN6QqENczKllarrRgiaECLBg==
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/
247 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=607c547ef7dac62749ed6b04dfeef2e0&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d77dff4b3fcb4822f233b1ea76428194573fd9b430b11fd4c886cff2678f706a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://tamko.brightervision.com
Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Wx8ulmVT4biu6E3AhipYIw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74563
x-fb-rlafr
0
x-fb-debug
Ea22b4TUa0vo7GPv9TIuw1D5/KeWXLW7rdS1WJMPVxYtippsLMUxZBAp9Q+5720lzK7hUFSWX+f+WgVJTQ0AEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
92ea0678061eb7130602719da79a6c50
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 15 Jun 2021 23:09:53 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ab976b801dfcb4b3f75ea96fa5e0fb98"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 20:44:25 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=908332976335547&ev=fb_page_view&dl=https%3A%2F%2Ftamko.brightervision.com%2F&rl=&if=false&ts=1623798593376&sw=1600&sh=1200&at=
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 15 Jun 2021 23:09:53 GMT
modules.2eec52a83858fa832941.js
script.hotjar.com/
219 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.2eec52a83858fa832941.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1806619.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-37.vie50.r.cloudfront.net
Software
/
Resource Hash
f8060823674bd0720a5965c4eb9c5e81e984c9c226d3af654f648cc067b277a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 12:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
126348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59028
access-control-allow-origin
*
last-modified
Mon, 14 Jun 2021 12:03:47 GMT
etag
"c210e03edb655b1909cb7a5766c26d54"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
U-4f3u_2DLVE1CVi_p-Yq4HSdOL6GMTgqC8bBsJkTBYqGwxtW-P9mw==
in.php
in.getclicky.com/
63 B
371 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101265366&type=pageview&href=%2F&title=Brighter%20Vision%20%7C%20Roofing%20Branding%20%26%20Website%20Design%20Tool&res=1600x1200&lang=en&jsuid=2492321155&mime=js&x=0.5189738131388135
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.11 Portland, United States, ASN2044 (IINET-2044, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
711ef32c301e5348481682e2a9618215f6964bf1a5c1dec268a10ef39c50793f

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
2 KB
559 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/css/app.cd6056ab.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 21:26:37 GMT
server
ESF
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 23:09:53 GMT
css
fonts.googleapis.com/
662 B
352 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Viga
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/css/app.cd6056ab.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
81e00783eaf7a9eb0682b8df476e010260fe48026867b5e2a9c1d46b53832447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 22:32:20 GMT
server
ESF
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 23:09:53 GMT
css
fonts.googleapis.com/
735 B
381 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Hammersmith+One
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/css/app.cd6056ab.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cbfa306e2a61130bfd8cc2daf0d8989dad0ff4073751ab3002eeea58acac717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:07:18 GMT
server
ESF
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 23:09:53 GMT
css
fonts.googleapis.com/
2 KB
502 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/css/app.cd6056ab.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 21:33:10 GMT
server
ESF
date
Tue, 15 Jun 2021 23:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 23:09:53 GMT
/
beacon-v2.helpscout.net/
293 B
620 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: tamko.brightervision.com
URL: https://tamko.brightervision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-39.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12f2810b9b3e43f37e9c4758a3eb9a90f85abf00ec5ed1d5f98abf698a701db3

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 23:09:13 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 08:09:43 GMT
server
AmazonS3
age
42
etag
"fa1361ad6ca8d6c18a934419a52423b4"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
244
x-amz-cf-id
fO_xyicMfmZacUDB5ezlwm-up3bEGeK-EkGffi_BQbpq7uYEFXV1eg==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 4AC6
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1806619.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-37.fra2.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tamko.brightervision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tamko.brightervision.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
aIDO7vZtMt2xWBBIUhxUK_1NLzSyG5cwgNcwdCVDH_Qd4Jya55CYZQ==
age
1083289
vendor.c9197b45.js
beacon-v2.helpscout.net/static/js/
808 KB
198 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.c9197b45.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-39.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b4c0d4b2f03942374793c232d54e67c03c29f66bf32d0699f1365d8c2b92a9e

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:10:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 08:09:44 GMT
server
AmazonS3
age
3592
etag
"6ab45f51a0e2b51d8f43f350aae716d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
202650
x-amz-cf-id
ypXFVS8PlK7BFxIsy-R-dBVbZtWMub6w-qcBez_El4nc2l682TUMeA==
main.173705c6.js
beacon-v2.helpscout.net/static/js/
351 KB
74 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.173705c6.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-39.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b3306edc9edd705dfb3fb020207ccd44e9f77e06035780d9869835a78d7a06e

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:10:02 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 08:09:44 GMT
server
AmazonS3
age
3593
etag
"8155a5397b0046f77c8363e06bc27ffc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
74893
x-amz-cf-id
43D5tIFsp9oYCkBu0FCJ5-qbIw9Vw9fVyPvv0v7tuvlNc6uwoiVAhg==
common.js
maps.googleapis.com/maps-api-v3/api/js/45/2/
90 KB
32 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/2/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAiF8CrDvwVOXivcTfzjGUl_GKQmPeIfCs&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
646863cc7d971361fa95f95b7a01307e0761a8cbb7c5b352ffd5b16ce8a30e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33171
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 23:43:06 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 22:26:41 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/45/2/
286 KB
87 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/2/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAiF8CrDvwVOXivcTfzjGUl_GKQmPeIfCs&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3413d24b2e7c099732dfb8b1ac6af80782a7e2b4c423a8a57565c5370379feb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 07:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89477
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 23:43:06 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 07:30:23 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Ftamko.brightervision.com%2F&4sAIzaSyAiF8CrDvwVOXivcTfzjGUl_GKQmPeIfCs&callback=_xdc_._dxaaoh&key=AIzaSyAiF8CrDvwVOXivcTfzjGUl_GKQmPeIfCs&token=62172
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/2/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
eadd2cf44a17505bf664ea60aead6ed9065a8c1025202a6f891270d68bd0af42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tamko.brightervision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 23:09:58 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=29
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| hj object| _hjSettings object| clicky_site_ids function| fbAsyncInit object| FB object| clicky_obj object| clicky object| clicky_custom undefined| test object| _genericStats object| _genericStatsCustom object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| wistiajsonp-/embed/medias/rr48oca7af.jsonp object| Calendly object| bodyScrollLock function| Beacon object| webpackJsonp function| _ object| regeneratorRuntime object| core function| beaconJsonp object| HSDSPortalWrapperGlobalManager object| _xdc_

5 Cookies

Domain/Path Name / Value
.tamko.brightervision.com/ Name: _jsuid
Value: 2492321155
.tamko.brightervision.com/ Name: _first_pageview
Value: 1
.brightervision.com/ Name: _hjFirstSeen
Value: 1
.brightervision.com/ Name: _hjid
Value: e8247796-62e0-44a5-81c4-f7af72561559
.brightervision.com/ Name: _hjTLDTest
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.calendly.com
beacon-v2.helpscout.net
cdn.jsdelivr.net
connect.facebook.net
fast.wistia.com
fonts.googleapis.com
in.getclicky.com
login.tamko.brightervision.com
maps.googleapis.com
pro.fontawesome.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.getclicky.com
static.hotjar.com
tamko.brightervision.com
vars.hotjar.com
www.facebook.com
13.224.195.37
13.225.74.66
151.139.128.8
198.145.13.11
2600:9000:20eb:400:d:1c5c:fb80:93a1
2606:4700::6810:5614
2606:4700::6810:abfd
2606:4700::6810:dd1d
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::622
34.194.108.77
99.86.241.37
99.86.241.39
0b3306edc9edd705dfb3fb020207ccd44e9f77e06035780d9869835a78d7a06e
0cbfa306e2a61130bfd8cc2daf0d8989dad0ff4073751ab3002eeea58acac717
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f2810b9b3e43f37e9c4758a3eb9a90f85abf00ec5ed1d5f98abf698a701db3
1caf4af7bb747406dfb8013b7ce22b4e9695a729490bd128ef36d0821334199c
3413d24b2e7c099732dfb8b1ac6af80782a7e2b4c423a8a57565c5370379feb5
3b4c0d4b2f03942374793c232d54e67c03c29f66bf32d0699f1365d8c2b92a9e
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
55b1c32c7a42efdda32753462880d4abec2e1a94f970bbf428470d09a5f20609
55ddd1f80cec627f624b79cea24ccd18fb38180c3bff6757ffe56be7c1a6445d
5c245452e76a4ced6d4e66e038f49fbc14803d11ffa3dab06bbf5f9b5bde23d5
646863cc7d971361fa95f95b7a01307e0761a8cbb7c5b352ffd5b16ce8a30e2f
711ef32c301e5348481682e2a9618215f6964bf1a5c1dec268a10ef39c50793f
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
78e7bfcb7ef9319a645b47b1573cfbb9923745a49270e4ed2c4ed531968e279f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7e358e6598436e39ebf4f9db26c79faec26c7cab7a225b5652323e16fcf1364c
81e00783eaf7a9eb0682b8df476e010260fe48026867b5e2a9c1d46b53832447
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
967ff202fdae4187779a18fb2ed1bb4c96954f6cfb7a38fe68431b79d20d6639
9dc146b0780a633380160aa91b8b07bbe4443a07f438424de1e789e2c84d934b
c50c915eb46acd5868d82f84ffd310e7f25416feee913b7160036109005a3a72
caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220
d77dff4b3fcb4822f233b1ea76428194573fd9b430b11fd4c886cff2678f706a
eadd2cf44a17505bf664ea60aead6ed9065a8c1025202a6f891270d68bd0af42
f0bd461b72898c4f163b3ec06196d994a2b1a08e361c9703f1221333e69d9c66
f1379732dbbe68a17f8a3ce0be5b97cea0399e753647cf6ebadd6ac21250267e
f4547c205107ea8491b0f026cc7aef1ddac3d69aee65199784090776a405ed6f
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f708324411e683a97adec982f510055504e8dbd4097f550c0203136ca1ce6f11
f8060823674bd0720a5965c4eb9c5e81e984c9c226d3af654f648cc067b277a8