Submitted URL: https://ebill.nnsend.net/tota
Effective URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Submission: On August 11 via manual from GB

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 28 HTTP transactions. The main IP is 66.155.18.81, located in Canada and belongs to CENTURYLINK-TIER3-CLOUD, US. The main domain is services.totalgp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 29th 2020. Valid for: 2 years.
This is the only time services.totalgp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 4 52.214.129.170 16509 (AMAZON-02)
11 66.155.18.81 6640 (CENTURYLI...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 16
Domain Requested by
11 services.totalgp.com services.totalgp.com
4 ebill.nnsend.net 4 redirects
1 www.google.de
1 www.google.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com js.hsadspixel.net
1 forms.hubspot.com js.hsleadflows.net
1 track.hubspot.com
1 app.hubspot.com js.hubspotfeedback.com
1 api.hubapi.com js.hsadspixel.net
1 api.hubspot.com js.usemessages.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hubspotfeedback.com js.hs-scripts.com
1 js.hs-scripts.com services.totalgp.com
28 19
Subject | Issuer | Validity | Valid
*.totalgp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-29 - 2022-08-01 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year
hubapi.com | Cloudflare Inc ECC CA-3 | 2020-07-03 - 2021-07-03 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
www.googleadservices.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
www.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
www.google.de | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months

This page contains 2 frames:

Primary Page: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Frame ID: 92F685531E2F25EA42EC451AB850ED1D
Requests: 27 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 85899685CFD448438EEF22A6F40121FE
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28 Requests
100 % HTTPS
82 % IPv6
16 Domains
19 Subdomains
16 IPs
4 Countries
465 kB Transfer
1005 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ebill.nnsend.net/tota HTTP 302
    https://ebill.nnsend.net/tota/ HTTP 302
    https://ebill.nnsend.net/tota//main HTTP 302
    https://ebill.nnsend.net/tota/main/ HTTP 302
    https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource Path | Size | x-fer | Type | MIME-Type

Primary Request (cookie set)
login
services.totalgp.com/cas-web//
Redirect Chain
  • https://ebill.nnsend.net/tota
  • https://ebill.nnsend.net/tota/
  • https://ebill.nnsend.net/tota//main
  • https://ebill.nnsend.net/tota/main/
  • https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
11 KB
11 KB
Document
General
Full URL
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
494cdc8f222e08dd9fc8a20aafc15c493801e670d30091117d3ef162cc4c6373

Request headers

Host
services.totalgp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
Apache-Coyote/1.1
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache no-store
Set-Cookie
JSESSIONID=0896A82DAB88B13180D65C1CF34E8E7F; Path=/cas-web; Secure; HttpOnly
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Date
Tue, 11 Aug 2020 19:19:12 GMT

Redirect headers

Date
Tue, 11 Aug 2020 19:19:14 GMT
Server
Apache/2.4.29 (Ubuntu)
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Referrer-Policy
same-origin
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=6h54sqlkutt7h3kir3hsm4ts55; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
X-Content-Type-Options
nosniff
Feature-Policy
sync-xhr 'self'
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
shadowbox.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://services.totalgp.com/cas-web/css/shadowbox.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
51524b25a5833e2bba8349a71a83b9dfcc26acfca390ed462cd592ef3b4644c4

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"3578-1320244720000"
Content-Length
3578
Content-Type
text/css;charset=UTF-8
tgp-login.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/css/
227 B
466 B
Stylesheet
General
Full URL
https://services.totalgp.com/cas-web/css/tgp-login.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
bbb726271a4cd321e2a9fab4f7c6b22363852ad991489974a55869077103c345

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Tue, 22 Nov 2011 13:14:58 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"227-1321967698000"
Content-Length
227
Content-Type
text/css;charset=UTF-8
custom.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/css/
136 KB
136 KB
Stylesheet
General
Full URL
https://services.totalgp.com/cas-web/css/custom.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
09555fbadc3bbb0c9126e1ec84d47a8e0d12bed6926de507861c11ff9481959b

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Fri, 14 Jul 2017 11:39:06 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"138910-1500032346000"
Content-Length
138910
Content-Type
text/css;charset=UTF-8
jquery-1.3.2.min.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/js/
56 KB
56 KB
Script
General
Full URL
https://services.totalgp.com/cas-web/js/jquery-1.3.2.min.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"57254-1320244720000"
Content-Length
57254
Content-Type
text/javascript;charset=UTF-8
jquery.cycle.all.min.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/js/
23 KB
23 KB
Script
General
Full URL
https://services.totalgp.com/cas-web/js/jquery.cycle.all.min.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
32ecb0fb6e8ad825c70b5361752d6debc883ba5eb664003ca811f62b8a7e2001

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"23729-1320244720000"
Content-Length
23729
Content-Type
text/javascript;charset=UTF-8
superfish.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/js/
3 KB
4 KB
Script
General
Full URL
https://services.totalgp.com/cas-web/js/superfish.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
393ce1d2014ea7651d9e5f7e34f13a442962917b046e64e3814a26b724b98e5a

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"3511-1320244720000"
Content-Length
3511
Content-Type
text/javascript;charset=UTF-8
rotate.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/js/
911 B
1 KB
Script
General
Full URL
https://services.totalgp.com/cas-web/js/rotate.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7cc891041e7fef776ea684d7d66b138a2e7a68517718ad8c2a5066e9442586c9

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"911-1320244720000"
Content-Length
911
Content-Type
text/javascript;charset=UTF-8
shadowbox.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
services.totalgp.com/cas-web/js/
22 KB
22 KB
Script
General
Full URL
https://services.totalgp.com/cas-web/js/shadowbox.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
874c2d343f7789d981943c54d74c5cd28f512da7088c3177b650a25f35b01b1d

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:40 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"22390-1320244720000"
Content-Length
22390
Content-Type
text/javascript;charset=UTF-8
TGPLogo.png
services.totalgp.com/TGPBootStrap-theme/images/
35 KB
35 KB
Image
General
Full URL
https://services.totalgp.com/TGPBootStrap-theme/images/TGPLogo.png
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d410a6f760f0bfcab1647ab2a543a5c66456100a09f3196d153db1f780d9e7d8

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 29 Jul 2020 15:02:51 GMT
Server
Apache-Coyote/1.1
ETag
"3aeeb555"
Vary
Accept-Encoding
servlet-2_4-dispatcher
REQUEST
Content-Type
image/png
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
url-regex-ignore-pattern
.+/-/.+
Accept-Ranges
bytes
Content-Length
35569
Expires
Fri, 09 Aug 2030 19:19:13 UTC
499747.js
js.hs-scripts.com/
3 KB
994 B
Script
General
Full URL
https://js.hs-scripts.com/499747.js
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f04c4512a7571f85b77fef10eb2a35f1c2aa15e0cda4e32e8f65a68e3246e8

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
53
cf-polished
origSize=2711
status
200
cf-request-id
04808f7abe000063591e1fd200000001
cf-bgj
minify
server
cloudflare
x-trace
2B0CD20368092A2CD46947C3A154D0E95B3BCA3CCD000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.gas-power.total.co.uk
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5c144ea46a4c6359-FRA
expires
Tue, 11 Aug 2020 19:20:15 GMT
bg_topbar_li.gif
services.totalgp.com/cas-web/images/
49 B
287 B
Image
General
Full URL
https://services.totalgp.com/cas-web/images/bg_topbar_li.gif
Requested by
Host: services.totalgp.com
URL: https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
66.155.18.81 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fe279c70782888fcf5dcc930389197427a69396c24172dce0581edd5d448b27e

Request headers

Referer
https://services.totalgp.com/cas-web/css/custom.css;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 19:19:12 GMT
Last-Modified
Wed, 02 Nov 2011 14:38:38 GMT
Server
Apache-Coyote/1.1
Accept-Ranges
bytes
ETag
W/"49-1320244718000"
Content-Length
49
Content-Type
image/gif;charset=UTF-8
feedbackweb-new.js
js.hubspotfeedback.com/
27 KB
8 KB
Script
General
Full URL
https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:70a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c335affdbf94f05848700bbb0ddfd231044d1fd99faa58e042dce596406e2237

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Origin
https://services.totalgp.com

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
via
1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
cf-ray
5c144ea4f9a9d6c9-FRA
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
04808f7b1a0000d6c9bc278200000001
last-modified
Fri, 03 Jul 2020 02:25:01 UTC
server
cloudflare
etag
W/"532d96b6e84a55c17e54609229445467"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
AloWSMMjcPEhyb_ai8NxNE622HJNETy9
access-control-allow-origin
*
cache-control
max-age=600
content-type
application/javascript; charset=utf-8
x-amz-cf-id
WFqv9EN5O6ployyy2CLiBc5e244xNKJ4wBuPg5aDQOtt-E0afCkDqA==
leadflows.js
js.hsleadflows.net/
401 KB
66 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd8e3c80fde83e3490dfc7c73960f19a751419aa0ac6d6f96f1d804fe0e5329

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
Origin
https://services.totalgp.com

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
43135
x-amz-server-side-encryption
AES256
cf-ray
5c144ea4fc201f3d-FRA
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
04808f7b1900001f3d052e6200000001
last-modified
Fri, 10 Jul 2020 12:21:49 UTC
server
cloudflare
etag
W/"f007144f3d6494a9cd817569e127a504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
P3rDtiJD7HKnxeSZdufzjpsEiajovPfK
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
YhhnwUaokTVC63p_Ial1CLpTfPzRvKKIMHayV_poyBFWYm9nuZfHMw==
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c53bd25028bc21dbf5ee69c8dc671c96ed980ea86f57609983e4106e626363

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
via
1.1 76a7fdbced88b6eccf433c4e386bae41.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
373
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
04808f7b240000dfc31ca3b200000001
last-modified
Fri, 31 Jul 2020 01:31:53 UTC
server
cloudflare
etag
W/"c13ae749af279de311c36dc329306de6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
yw3dTqRR__02xwXTzTX3FGzZNEyW5hKp
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
5c144ea5082bdfc3-FRA
x-amz-cf-id
I0sDaGdMv3SX5Um6THC0lEvK7hUPii9hFfDS1j_w0avMCQRFSp2adw==
499747.js
js.hs-banner.com/
24 KB
7 KB
Script
General
Full URL
https://js.hs-banner.com/499747.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fd39aeb54d940e8c52f99ef800335573fc7119b8ebd1a673ae9dd490c41120

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=iwG38A==, md5=xf2LJpIK/MS8j8P4sHH0tg==
date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
br
cf-cache-status
HIT
age
74
x-guploader-uploadid
AAANsUn1ozqa5E3l7E9VjOjd1D7XYRvWEx8Z-0yUZ1tM2xx6VlZJfCo1q2TZe_07BiV-k-MPKhoGODv27rceTUF2bw
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
04808f7b1b0000dfc7872ce200000001
timing-allow-origin
*
last-modified
Wed, 27 May 2020 03:08:09 GMT
server
cloudflare
etag
W/"c5fd8b26920afcc4bc8fc3f8b071f4b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1590548889738863
access-control-allow-origin
https://www.gas-power.total.co.uk
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
24591
cf-ray
5c144ea4fff2dfc7-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 11 Aug 2020 19:23:02 GMT
499747.js
js.hs-analytics.net/analytics/1597173300000/
59 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1597173300000/499747.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e903a49a7f6e0ff6a5fb205cecca4682528b76234aaea026c1149d9565c3b60e

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
br
cf-cache-status
HIT
age
126
x-amz-server-side-encryption
AES256
status
200
x-amz-request-id
7E356DA2ED62B5F8
x-amz-id-2
WC2Hz0uIjXdgMV9wSFM7C+d7L9fWXjyhVC1sk1mdExu5344w2eUEui8Z/Jq7q6w9xnP+jpyxMg0=
last-modified
Tue, 11 Aug 2020 15:43:01 GMT
server
cloudflare
etag
W/"1695dce6190c2e11448bf88e2ea4178e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
04808f7b1a0000c2ef05b09200000001
cf-ray
5c144ea4ff6bc2ef-FRA
expires
Tue, 11 Aug 2020 19:22:10 GMT
conversations-embed.js
js.usemessages.com/
74 KB
18 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/499747.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c07d660edcb60ec64e2a94922764be4058284b0968c7866a27f6a79040fc3d3

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
via
1.1 224f09e9c236b40d399a8b2851ac0069.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
04808f7b1b00001f2d8cb68200000001
last-modified
Fri, 07 Aug 2020 05:54:34 UTC
server
cloudflare
etag
W/"5c064b6e9e0c65d8352f15319845fc77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
r_XOpyTg1cpD2GOC1endMf6BTZtN1wX_
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
5c144ea4fd501f2d-FRA
x-amz-cf-id
51uiDKWjwRLo382W1j1dxdU5rzzHARgmphDRDEWhugmZ8V5i-HJRTw==
public
api.hubspot.com/livechat-public/v1/message/
332 B
562 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=499747&conversations-embed=static-1.7113&mobile=false&messagesUtk=728b90e3124746f0bf1586158a26478e&traceId=728b90e3124746f0bf1586158a26478e
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deacd6c7f27a40a2e5b8a588389e84d32da438eb1e67ae7c086078c725edb6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
X-HubSpot-Messages-Uri
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
251
cf-request-id
04808f7bc7000005d4b71cc200000001
server
cloudflare
x-trace
2B25AB79D217365712B39FD30AD7297DD32F4244BE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://services.totalgp.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
5c144ea6091905d4-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
67 B
672 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=499747
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e423fad61242d82137a0262f139ab6a76f7c66c62329a1e1617c6e0e049d31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
04808f7d390000062d8f3bf200000001
server
cloudflare
x-trace
2BF811CE6142CC3425C784029291BC01C65D6B53A7000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://services.totalgp.com
access-control-allow-credentials
false
cf-ray
5c144ea85836062d-FRA
access-control-allow-headers
*
feedback-web-fetcher
app.hubspot.com/ Frame 8589
0
0
Document
General
Full URL
https://app.hubspot.com/feedback-web-fetcher
Requested by
Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/feedback-web-fetcher
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F

Response headers

status
200
date
Tue, 11 Aug 2020 19:19:16 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9147689f40f721303f96541937585cae1597173556; expires=Thu, 10-Sep-20 19:19:16 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Jul 2020 02:24:34 UTC
x-amz-server-side-encryption
AES256
x-amz-version-id
44ED3.In7sy9RIK_VohX80YpguKzOMlq
etag
W/"e07ae653d5a60b97dd1078022742981f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
IS54ZAoJ4a2oxBJ0xTQKnIXddbnJzs_3ZW23_atnfZq3tm0ha2dZIQ==
age
1187
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-request-id
04808f7d410000dfc78baff200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5c144ea86914dfc7-FRA
content-encoding
br
__ptq.gif
track.hubspot.com/
45 B
529 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=499747&pu=https%3A%2F%2Fservices.totalgp.com%2Fcas-web%2F%2Flogin%3Fservice%3Dhttps%253A%252F%252Febill.nnsend.net%252Ftota%252Fmain%252F&cts=1597173556520&vi=06095d9efef7a2b42297a4662478974e&nc=true&u=135815598.06095d9efef7a2b42297a4662478974e.1597173556516.1597173556516.1597173556516.1&b=135815598.1.1597173556517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5c144ea88f2e05f1-FRA
date
Tue, 11 Aug 2020 19:19:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
04808f7d51000005f1ad2f7200000001
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/
167 B
359 B
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=499747&utk=06095d9efef7a2b42297a4662478974e&__hstc=135815598.06095d9efef7a2b42297a4662478974e.1597173556516.1597173556516.1597173556516.1&__hssc=135815598.1.1597173556517&currentUrl=https%3A%2F%2Fservices.totalgp.com%2Fcas-web%2F%2Flogin%3Fservice%3Dhttps%253A%252F%252Febill.nnsend.net%252Ftota%252Fmain%252F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9594427d29899c33b2b35581f8aed515315df4b4ed03a8b44b57c4c2c7096f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
04808f7d4f000005d4b71f1200000001
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://services.totalgp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
5c144ea878e205d4-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-963217713
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dbff1003817bf62494e9b563b3d5b2ba036cf2c5730e5e984ad3f1bd2028430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35698
x-xss-protection
0
last-modified
Tue, 11 Aug 2020 18:08:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Aug 2020 19:19:16 GMT
conversion_async.js
www.googleadservices.com/pagead/
29 KB
11 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-963217713
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
server
cafe
etag
5272426352805486351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Aug 2020 19:19:16 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963217713/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963217713/?random=1597173556780&cv=9&fst=1597173556780&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fservices.totalgp.com%2Fcas-web%2F%2Flogin%3Fservice%3Dhttps%253A%252F%252Febill.nnsend.net%252Ftota%252Fmain%252F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c310e57795b662c23f97245f62c77a1f5f37c0b70515b38349c4e94890a23719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Aug 2020 19:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963217713/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/963217713/?random=1597173556780&cv=9&fst=1597172400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fservices.totalgp.com%2Fcas-web%2F%2Flogin%3Fservice%3Dhttps%253A%252F%252Febill.nnsend.net%252Ftota%252Fmain%252F&async=1&fmt=3&is_vtc=1&random=2943025272&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Aug 2020 19:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963217713/
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/963217713/?random=1597173556780&cv=9&fst=1597172400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fservices.totalgp.com%2Fcas-web%2F%2Flogin%3Fservice%3Dhttps%253A%252F%252Febill.nnsend.net%252Ftota%252Fmain%252F&async=1&fmt=3&is_vtc=1&random=2943025272&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://services.totalgp.com/cas-web//login?service=https%3A%2F%2Febill.nnsend.net%2Ftota%2Fmain%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Aug 2020 19:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| Shadowbox
boolean| hubspot_live_messages_running
object| HubSpotConversations
object| _hsq
object| _hsp
boolean| _hspb_loaded
boolean| PIXELS_RAN
object| _paq
boolean| _hstc_loaded
function| bindToWindowOnError
function| defineProperties
object| globalRoot
undefined| hns
object| leadflows
object| hubspot
function| OutpostErrorReporter
boolean| popupPoliceActive
undefined| hns2
undefined| jade
undefined| I18n
undefined| hubspot_mailcheck
undefined| Pikaday
undefined| exports
undefined| define
boolean| LEAD_FLOWS_RAN
boolean| COMMON_SETUP_RAN
object| hsFeedback
object| onHsFeedbackReady
boolean| hsFeedbackLoaded
boolean| _hspb_ran
boolean| _hstc_ran
string| __hsUserToken
number| expireDateTime
object| dataLayer
object| google_tag_manager
object| google_tag_data
boolean| LEAD_FLOW_DOCUMENT_READY_RAN
function| GooglemKTybQhCsO
function| google_trackConversion
object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.totalgp.com/ Name: hubspotutk
Value: 06095d9efef7a2b42297a4662478974e
.totalgp.com/ Name: __hssc
Value: 135815598.1.1597173556517
.totalgp.com/ Name: __hssrc
Value: 1
.totalgp.com/ Name: __hstc
Value: 135815598.06095d9efef7a2b42297a4662478974e.1597173556516.1597173556516.1597173556516.1
services.totalgp.com/cas-web Name: JSESSIONID
Value: 0896A82DAB88B13180D65C1CF34E8E7F

1 Console Messages

Source Level URL
Text
console-api log URL: https://services.totalgp.com/cas-web/js/jquery.cycle.all.min.js;jsessionid=0896A82DAB88B13180D65C1CF34E8E7F(Line 16)
Message:
[cycle] terminating; zero elements found by selector

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
