Submitted URL: https://u1395503.ct.sendgrid.net/wf/click?upn=ZzGr5SzOA-2Bv4SDofPjvaTma4ApLOFrsd2Z626swArdKvXOgRhJPbATT3xp6xD2amv5UogLw5xqFMLIMOg...
Effective URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Submission Tags: falconsandbox
Submission: On January 30 via api from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 18.235.142.16, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.aflacduckfeed.com.
TLS certificate: Issued by Amazon on January 3rd 2021. Valid for: a year.
This is the only time www.aflacduckfeed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
1 17 18.235.142.16 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 6
Domain Requested by
17 www.aflacduckfeed.com 1 redirects www.aflacduckfeed.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.aflacduckfeed.com
1 fonts.googleapis.com www.aflacduckfeed.com
1 u1395503.ct.sendgrid.net 1 redirects
20 5

This site contains no links.

Subject Issuer Validity Valid
*.aflacduckfeed.com
Amazon
2021-01-03 -
2022-01-31
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Frame ID: 26A0B01B48A6F419BED2B248CA6D4BD3
Requests: 22 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://u1395503.ct.sendgrid.net/wf/click?upn=ZzGr5SzOA-2Bv4SDofPjvaTma4ApLOFrsd2Z626swArdKvXOgRhJPbATT3xp6xD... HTTP 302
    https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@gra... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2817 kB
Transfer

2890 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u1395503.ct.sendgrid.net/wf/click?upn=ZzGr5SzOA-2Bv4SDofPjvaTma4ApLOFrsd2Z626swArdKvXOgRhJPbATT3xp6xD2amv5UogLw5xqFMLIMOgn-2FoJWUVCUNY1s2TBbay-2BnBrrg66XdeTAFkFX6-2BA-2F9nagjdFRo5mi9ZHkEUU7AEqMsPWyg-2F-2BLyMk71Z3qpilVMki0eg-3D_FaqtxgqZTc3qe8ewoTQYE-2BCsgZXcn9gdJ7VFU-2BGvtte4ukTaDZM0K5dxvq8sQYIy6KIO1cpVh6UuCk2ZHu9aBluF5rjzKpC6VJDKqSfswkFJVUGlTgrFivLnAOosahGu-2FU8LvoD5zuRxEkiLQvZTr1eNao1swDkdSFsd7QPC-2FjEYEKZQ-2BOQ4Z0sAK-2FBnYhie3uOySE3QE9trC-2F0LDdnBwdciUIBTZ9R4J3nE-2BWlpDR38det0HEmmHNbDH103WM6c HTTP 302
    https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.aflacduckfeed.com/logout?jsVer=1.26.4&ts=1612006614795 HTTP 302
  • https://www.aflacduckfeed.com/

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.aflacduckfeed.com/
Redirect Chain
  • https://u1395503.ct.sendgrid.net/wf/click?upn=ZzGr5SzOA-2Bv4SDofPjvaTma4ApLOFrsd2Z626swArdKvXOgRhJPbATT3xp6xD2amv5UogLw5xqFMLIMOgn-2FoJWUVCUNY1s2TBbay-2BnBrrg66XdeTAFkFX6-2BA-2F9nagjdFRo5mi9ZHkEUU7...
  • https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
6 KB
2 KB
Document
General
Full URL
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
cd350018b0f52f29b02c56707954053caa83662471b8da338e2ccb218b8fd8d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:method
GET
:authority
www.aflacduckfeed.com
:scheme
https
:path
/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
content-type
text/html; charset=utf-8
server
nginx
x-powered-by
Express
etag
W/"160f-gQGKOM4Whs9oifU0VSdWjAL5I/Y"
strict-transport-security
max-age=63072000; includeSubDomains; preload always max-age=63072000; includeSubDomains; preload always
x-xss-protection
1; mode=block 1; mode=block
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 30 Jan 2021 11:36:52 GMT
Content-Type
text/html; charset=utf-8
Content-Length
144
Connection
keep-alive
Location
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
X-Robots-Tag
noindex, nofollow
ionic.min.css
www.aflacduckfeed.com/lib/ionic/css/
201 KB
201 KB
Stylesheet
General
Full URL
https://www.aflacduckfeed.com/lib/ionic/css/ionic.min.css
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
f9c6e4298793d9bed973520132c97854d3af2a2b685d58b36960a99900b8bc65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Tue, 10 Dec 2019 21:09:36 GMT
server
nginx
x-powered-by
Express
etag
W/"322bf-16ef1a55e2c"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
205503
x-xss-protection
1; mode=block, 1; mode=block
ionic.bundle.min.js
www.aflacduckfeed.com/lib/ionic/js/
482 KB
483 KB
Script
General
Full URL
https://www.aflacduckfeed.com/lib/ionic/js/ionic.bundle.min.js
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
fe0abb80b92355697bfe6116e985a2c71880aa0e5ef3b9722e601fbc0fdf349b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Sun, 13 Jan 2019 19:44:53 GMT
server
nginx
x-powered-by
Express
etag
W/"78944-16848beda58"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
493892
x-xss-protection
1; mode=block, 1; mode=block
cordova.js
www.aflacduckfeed.com/
0
356 B
Script
General
Full URL
https://www.aflacduckfeed.com/cordova.js
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Sun, 13 Jan 2019 19:44:53 GMT
server
nginx
x-powered-by
Express
etag
W/"0-16848bed9f8"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block, 1; mode=block
global.css
www.aflacduckfeed.com/dist/css/
122 KB
122 KB
Stylesheet
General
Full URL
https://www.aflacduckfeed.com/dist/css/global.css?v=1.26.4
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
ec78008de34b4c8053e29c47d0108bc014e35364ff0178ba50d5151df52a5d42
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Thu, 28 Jan 2021 21:59:55 GMT
server
nginx
x-powered-by
Express
etag
W/"1e714-1774b02901c"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
124692
x-xss-protection
1; mode=block, 1; mode=block
templateCache.js
www.aflacduckfeed.com/dist/templates/
504 KB
505 KB
Script
General
Full URL
https://www.aflacduckfeed.com/dist/templates/templateCache.js?v=1.26.4
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
af59dbe6d8befa894127cefc3fea208713c3c1a42a7b27f4c064fb3bc09c450f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Thu, 28 Jan 2021 21:58:05 GMT
server
nginx
x-powered-by
Express
etag
W/"7dfb3-1774b00e441"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
516019
x-xss-protection
1; mode=block, 1; mode=block
scripts.min.js
www.aflacduckfeed.com/dist/js/
1 MB
1 MB
Script
General
Full URL
https://www.aflacduckfeed.com/dist/js/scripts.min.js?v=1.26.4
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e111aedfdf26aa93cef73f5626cc68098ac73456d86a3cec3e93f20571d514d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
last-modified
Tue, 26 Jan 2021 22:34:54 GMT
server
nginx
x-powered-by
Express
etag
W/"160c9a-17740d5e1a8"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1445018
x-xss-protection
1; mode=block, 1; mode=block
init.js
www.aflacduckfeed.com/
820 B
1 KB
Script
General
Full URL
https://www.aflacduckfeed.com/init.js?v=1.26.4
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b47efc935b74fe7757363772184c299414d6641873876e2e754494de51f7e784
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:53 GMT
etag
W/"334-2i82yh1hPeNwYp3wSmvdax5pTNs"
server
nginx
x-powered-by
Express
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
application/javascript; charset=utf-8
content-length
820
x-xss-protection
1; mode=block, 1; mode=block
css
fonts.googleapis.com/
3 KB
534 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,900,700
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/dist/js/scripts.min.js?v=1.26.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Jan 2021 11:36:54 GMT
server
ESF
date
Sat, 30 Jan 2021 11:36:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Jan 2021 11:36:54 GMT
desktopStyles.css
www.aflacduckfeed.com/dist/css/
410 B
776 B
Stylesheet
General
Full URL
https://www.aflacduckfeed.com/dist/css/desktopStyles.css
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/dist/js/scripts.min.js?v=1.26.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
c0654dd462bc8b8f42f2a87ef968e5da7bac63c5137c1aee5eb84716d4a1379b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:54 GMT
last-modified
Thu, 28 Jan 2021 21:59:53 GMT
server
nginx
x-powered-by
Express
etag
W/"19a-1774b028a89"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
410
x-xss-protection
1; mode=block, 1; mode=block
gtm.js
www.googletagmanager.com/
104 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W3F2BXZ
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/dist/js/scripts.min.js?v=1.26.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f67b7ba2824333f1a38670160caafeb8d8ec13e4abaa5d5bcff1146cd345e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34093
x-xss-protection
0
last-modified
Sat, 30 Jan 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Jan 2021 11:36:54 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,900,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.aflacduckfeed.com
Referer
https://fonts.googleapis.com/css?family=Lato:400,300,900,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 06:30:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
18389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Sun, 30 Jan 2022 06:30:25 GMT
aflacHoz.png
www.aflacduckfeed.com/img/
11 KB
11 KB
Image
General
Full URL
https://www.aflacduckfeed.com/img/aflacHoz.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
901b6ff1f781985832d320b44a3ae1d3aca5e6e99f1e68e9cd21f37332854342
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:54 GMT
last-modified
Sat, 31 Mar 2018 00:04:58 GMT
server
nginx
x-powered-by
Express
etag
W/"2c8e-162795f1821"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
11406
x-xss-protection
1; mode=block, 1; mode=block
getSettings
www.aflacduckfeed.com/
345 B
596 B
XHR
General
Full URL
https://www.aflacduckfeed.com/getSettings?ver=web&jsVer=1.26.4&ts=1612006614678
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/lib/ionic/js/ionic.bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
5cfcc74a2e5caa2743e9f4f53afe6310c44638a8b29127b487cbde9f6dd45f2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:54 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
x-powered-by
Express
content-length
345
x-xss-protection
1; mode=block, 1; mode=block
/
www.aflacduckfeed.com/
Redirect Chain
  • https://www.aflacduckfeed.com/logout?jsVer=1.26.4&ts=1612006614795
  • https://www.aflacduckfeed.com/
6 KB
2 KB
XHR
General
Full URL
https://www.aflacduckfeed.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
cd350018b0f52f29b02c56707954053caa83662471b8da338e2ccb218b8fd8d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:54 GMT
content-encoding
gzip
etag
W/"160f-gQGKOM4Whs9oifU0VSdWjAL5I/Y"
server
nginx
x-powered-by
Express
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block, 1; mode=block

Redirect headers

date
Sat, 30 Jan 2021 11:36:54 GMT
server
nginx
x-powered-by
Express
vary
Accept
content-type
text/plain; charset=utf-8
location
/
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-length
23
x-xss-protection
1; mode=block, 1; mode=block
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,900,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.aflacduckfeed.com
Referer
https://fonts.googleapis.com/css?family=Lato:400,300,900,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 06:05:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
279061
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Thu, 27 Jan 2022 06:05:54 GMT
log
www.aflacduckfeed.com/
0
255 B
XHR
General
Full URL
https://www.aflacduckfeed.com/log?jsVer=1.26.4&ts=1612006615107
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/lib/ionic/js/ionic.bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 30 Jan 2021 11:36:55 GMT
vary
X-HTTP-Method-Override
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
x-powered-by
Express
content-length
0
x-xss-protection
1; mode=block, 1; mode=block
aflacHoz.png
www.aflacduckfeed.com/img/
11 KB
11 KB
Image
General
Full URL
https://www.aflacduckfeed.com/img/aflacHoz.png
Requested by
Host: www.aflacduckfeed.com
URL: https://www.aflacduckfeed.com/lib/ionic/js/ionic.bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
901b6ff1f781985832d320b44a3ae1d3aca5e6e99f1e68e9cd21f37332854342
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:55 GMT
last-modified
Sat, 31 Mar 2018 00:04:58 GMT
server
nginx
x-powered-by
Express
etag
W/"2c8e-162795f1821"
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
11406
x-xss-protection
1; mode=block, 1; mode=block
%7B%7B::langDoc.intro.playStoreBtnUrl%7D%7D
www.aflacduckfeed.com/
0
285 B
Image
General
Full URL
https://www.aflacduckfeed.com/%7B%7B::langDoc.intro.playStoreBtnUrl%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:55 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
server
nginx
x-powered-by
Express
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/html; charset=utf-8
content-length
0
x-xss-protection
1; mode=block, 1; mode=block
%7B%7B::langDoc.intro.appStoreBtnUrl%7D%7D
www.aflacduckfeed.com/
0
285 B
Image
General
Full URL
https://www.aflacduckfeed.com/%7B%7B::langDoc.intro.appStoreBtnUrl%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.142.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-142-16.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.aflacduckfeed.com/?accessCode=d8cf913a-5079-4bf2-bbe0-db3ed8da8418&email=klawrence+testing@grapevine6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 11:36:55 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
server
nginx
x-powered-by
Express
strict-transport-security
max-age=63072000; includeSubDomains; preload always, max-age=63072000; includeSubDomains; preload always
content-type
text/html; charset=utf-8
content-length
0
x-xss-protection
1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ionic function| _rAF object| angular number| ng339 function| _typeof boolean| app boolean| mobile string| serverURL boolean| ionicTest boolean| newAccount object| contact string| userId string| loginDisclaimer boolean| isIE11 string| extBrowserBarColor string| contactEmail object| SSO boolean| allowSFCookies string| chromeExtensionId string| chromeExtensionlink function| querystringFromStr function| querystring function| onMessage function| sendExtensionMessage function| extensionCheckProp boolean| localStorAvailJS boolean| plugin string| urlToShare string| composeStream string| articleToShare string| sidToShare string| sURLToShare string| artidToShare string| emailToShare function| getCurrentDomain object| queryN object| launchEdit number| openUrlCount undefined| lastFocsExtWin object| win string| cssId object| head object| link function| loadSecureBrowser function| dismissSafari function| setFocusOnClose function| loadNewWinJS function| loadExternalWinJS function| loadArticleWinJS function| loadMailProtocol string| GTMCode function| runGTMCode function| asyncGeneratorStep function| _asyncToGenerator function| _classCallCheck function| _defineProperty function| LoadingController function| snackBarService function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| ArtCatController function| ownKeys function| _objectSpread function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| NotificationService function| AccountController function| FeedbackController function| HelpController function| ReportsController function| SettingsCtrlController object| defaultChartColors object| styleColors function| getChartColors function| loadChartColours function| initStyles function| loadStyles function| nativeSplit boolean| compliantExecNpcg function| _typeof2 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Color function| Chart function| setWLColours function| showThirdPartyAlert function| checkandSetUTS function| handleOpenURL function| loadOAuth function| loadAuthWinJS object| langLib function| Picker object| mp object| collide function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| twttr string| appName string| appTitle string| appTitleFormatted string| appIcon string| URL_SCHEME object| global object| chartColors object| dataLayer object| google_tag_manager object| pCnode string| primaryColor function| register function| handleIOS boolean| BOOTSTRAP_OK object| data function| getTopTermsFromShare

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload always max-age=63072000; includeSubDomains; preload always
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
u1395503.ct.sendgrid.net
www.aflacduckfeed.com
www.googletagmanager.com
167.89.115.54
18.235.142.16
2a00:1450:4001:801::2003
2a00:1450:4001:808::2008
2a00:1450:4001:825::2003
2a00:1450:4001:829::200a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0f67b7ba2824333f1a38670160caafeb8d8ec13e4abaa5d5bcff1146cd345e0e
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5cfcc74a2e5caa2743e9f4f53afe6310c44638a8b29127b487cbde9f6dd45f2c
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
901b6ff1f781985832d320b44a3ae1d3aca5e6e99f1e68e9cd21f37332854342
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
af59dbe6d8befa894127cefc3fea208713c3c1a42a7b27f4c064fb3bc09c450f
b47efc935b74fe7757363772184c299414d6641873876e2e754494de51f7e784
c0654dd462bc8b8f42f2a87ef968e5da7bac63c5137c1aee5eb84716d4a1379b
cd350018b0f52f29b02c56707954053caa83662471b8da338e2ccb218b8fd8d2
e111aedfdf26aa93cef73f5626cc68098ac73456d86a3cec3e93f20571d514d9
e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec78008de34b4c8053e29c47d0108bc014e35364ff0178ba50d5151df52a5d42
f9c6e4298793d9bed973520132c97854d3af2a2b685d58b36960a99900b8bc65
fe0abb80b92355697bfe6116e985a2c71880aa0e5ef3b9722e601fbc0fdf349b