www.heritagepci.com
141.193.213.20
Public Scan
Effective URL: https://www.heritagepci.com/
Submission: On October 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on September 11th 2022. Valid for: 3 months.
This is the only time www.heritagepci.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
protect-us.mimecast.com | ASN30031 (MIMECAST-, US) | us-api.mimecast.com |
www.heritagepci.com | ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
www.googleadservices.com | ASN15169 (GOOGLE, US) | lga34s36-in-f2.1e100.net |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
gcp-gateway.us.api.mitel.io | ASN16509 (AMAZON-02, US) | |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
44 | heritagepci.com (1 redirects) | www.heritagepci.com | 491 KB |
9 | mitel.io | webchat.mitel.io — Cisco Umbrella Rank: 149025; director.api.mitel.io — Cisco Umbrella Rank: 158537; gcp-gateway.us.api.mitel.io — Cisco Umbrella Rank: 217153 | 401 KB |
7 | gstatic.com | fonts.gstatic.com | 249 KB |
4 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 118; ajax.googleapis.com — Cisco Umbrella Rank: 485 | 9 KB |
3 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 171; googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 | 2 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 94 | 20 KB |
2 | google.com | www.google.com — Cisco Umbrella Rank: 19 | 565 B |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 129 | 92 KB |
2 | mimecast.com (2 redirects) | protect-us.mimecast.com — Cisco Umbrella Rank: 24198 | 2 KB |
1 | googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 154 | 15 KB |
74 | 10 | | |
Count | Domain | Requested by |
---|---|---|
44 | www.heritagepci.com | www.heritagepci.com (1 redirects) |
7 | webchat.mitel.io | www.heritagepci.com, webchat.mitel.io |
7 | fonts.gstatic.com | fonts.googleapis.com |
3 | www.google-analytics.com | www.heritagepci.com, www.google-analytics.com |
3 | fonts.googleapis.com | www.heritagepci.com, ajax.googleapis.com |
2 | www.google.com | www.heritagepci.com |
2 | stats.g.doubleclick.net | www.google-analytics.com |
2 | www.googletagmanager.com | www.heritagepci.com |
2 | protect-us.mimecast.com | 2 redirects |
1 | gcp-gateway.us.api.mitel.io | webchat.mitel.io |
1 | director.api.mitel.io | webchat.mitel.io |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | ajax.googleapis.com | www.heritagepci.com |
74 | 14 | |
This site contains links to these domains. Also see Links.
Domain |
---|
heritagepci-idtheft.com |
hrtgagents.com |
investors.heritagepci.com |
workforcenow.adp.com |
www.linkedin.com |
www.facebook.com |
twitter.com |
www.instagram.com |
heritagepci.net |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.heritagepci.com | R3 | 2022-09-11 - 2022-12-10 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
webchat.mitel.io | Amazon | 2021-11-01 - 2022-11-29 | a year |
www.googleadservices.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.api.mitel.io | Amazon | 2022-02-23 - 2023-03-24 | a year |
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.us.api.mitel.io | Amazon | 2022-02-23 - 2023-03-24 | a year |
This page contains 2 frames:
Primary Page:
https://www.heritagepci.com/
Frame ID: 015B4D56A02BE1AA53B2BA4131F33BDB
Requests: 68 HTTP requests in this frame
Frame:
https://webchat.mitel.io/?accountid=ZmUyNTFjZWQtOGRjZC00NGEyLTkwN2QtYjM2NmFkZmFhYmFk&chatname=SGVyaXRhZ2UgSW5zdXJhbmNl&chaturl=aHR0cHM6Ly9nY3AtZ2F0ZXdheS51cy5hcGkubWl0ZWwuaW8vMjAxOC0wNS0yNy9tZXNzZW5nZXIvYWNjb3VudHMvZmUyNTFjZWQtOGRjZC00NGEyLTkwN2QtYjM2NmFkZmFhYmFkL2NoYXRzP2NoYXRuYW1lPUhlcml0YWdlIEluc3VyYW5jZQ==
Frame ID: 3747E5E331CA308ADB3C8E53129B698F
Requests: 6 HTTP requests in this frame
Page Title
Heritage Property & Casualty Company - Home
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Yoast SEO (SEO)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Lightbox (JavaScript Libraries)
Detected patterns
- <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
- lightbox(?:-plus-jquery)?.{0,32}\.js
Modernizr (JavaScript Libraries)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Revslider (Miscellaneous)
Detected patterns
- /revslider/[/\w-]+/js
TrackJs (Analytics)
Detected patterns
- tracker\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
prettyPhoto (JavaScript Libraries)
Detected patterns
- (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
- jquery\.prettyPhoto\.js
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
Title: Identity Theft
Title: Agent Login
Title: Investors
Title: Welcome
Title: News Releases
Title: Financial Information
Title: Events & Webcasts
Title: Corporate Governance
Title: Stock Information
Title: Investor FAQs
Title: Information Request
Title: Career Opportunities
Title: Agent Login
Title: Investor Presentation
Title: News Releases
Title: Financial Information
Title: Events & Webcasts
Title: Corporate Governance
Title: Stock Information
Title: Investor FAQs
Title: Information Request
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-us.mimecast.com/s/gXrQCZ6wXZhZVwoQFz4vjx?domain=heritagepci.com
HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVNtu3DYQ_ZWFnndl3i9GEdh1kNZA7SCxgzxkiwXFy65aURJEqq4b-N87ktaJ7aR9yguh4Vw4c3TOfC4G2-fitKh8zvel803sBtOcHeLBdqXtYrEums4Wp3hdDN76us-5jh5sITjSnAqBEAIf1CDrwuRs7KFuQwclP2-PdvRtTtvi9BPchLrx1yZ6MLdFHkybYp1S3bWlj822WG-LdDB49oZKW-WDoNpQaq1DyCiPvBGYWWKwRphILAV_zCJcLHmWW-1UEBU2jHHjq4oG6Q1nkmGBHBEBOeNCZYXkSlKJWKiIZ8Y5GZShc73o-FyMS6kkBpfAQTnBoZDl0hDFKFLC2Tl46Lp886MbAJhv7_sFqOhTMnu_PRmCVYRsUh6ryrtl8vqfKWjC4mH9EuGqc_flIcfnyGJFnbeWKY2RAGArEpB2WPEqaIGo0M5TQFq9RFZoz4RBBOZwTCJnJeKVo9xzZJg1QQoX4IJhXLnAJGaIYOQYYwhrAnx5hqzjHnCgWBHjFKqoDxX2mBMsFZLYke8h-2MaeIps9n_n7Qkg1DwFUyuO2cPvD8B-VwPvJ4VctmD1tStOJYihNyCK4uLDzTmj55iCy8xRFwdv__zw_rflAngNd-fWgpmiSQewdKACS8opk07zQAKRFGB3gSAGHsY5FzpwNKW0boCMgx_qDL_fNqaO6ezR7G19VGgaqz-mt7sWFGVzN6zeDGZ0q8u0etuubg9-9b5OHgJzzFfd2MIMxZiyH-LU-LQBvkoWpq37-oli20cuvfbN6mraDuvVz9O2WF3MkPlo6mYh23_skDnMdRDXznFPHAvGPi2wEqE5_H26TP61py8t_HocfXUxQ_Hi_f_H6ZsuvuOu-0UfmpQMlcDEUi88PHQpL0qEx_wA_r3JfgpITZli7o_jLBhfdw5WZIHQBG_dw-ezinAZ034aufgJ0RKTEgvOVSleC_6GUnEWc7OJOfVwGMQ23ZjJqylp2QI5QSJBBKiNBMhHM6IoB_84NBNbcu5Ptyfbk7u7u_JbrviJpfud3fjdmBDeESl2fzk4N5jvvvB5d6yPd3x3ZMoGxtkopDWiEuPpvf04z_DLu7fvLnYfb68vb67q28bny_Fjdwd-C5ld9INd4HgqlsHvF230Q5dBX5sxlZMurUl5bvThX3WH_Q8 HTTP 307
http://www.heritagepci.com/ HTTP 301
https://www.heritagepci.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
74 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.heritagepci.com/ (Redirect Chain) | 65 KB | 15 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 1 KB | Stylesheet | text/css |
GET | H2 | prettyPhoto.css | www.heritagepci.com/wp-content/plugins/wp-video-lightbox/css/ | 19 KB | 3 KB | Stylesheet | text/css |
GET | H2 | wp-video-lightbox.css | www.heritagepci.com/wp-content/plugins/wp-video-lightbox/ | 1 KB | 575 B | Stylesheet | text/css |
GET | H2 | style.min.css | www.heritagepci.com/wp-includes/css/dist/block-library/ | 87 KB | 12 KB | Stylesheet | text/css |
GET | H2 | simple-banner.css | www.heritagepci.com/wp-content/plugins/simple-banner/ | 487 B | 328 B | Stylesheet | text/css |
GET | H2 | style.css | www.heritagepci.com/wp-content/themes/heritage/ | 8 KB | 2 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | www.heritagepci.com/wp-content/themes/heritage/css/ | 111 KB | 19 KB | Stylesheet | text/css |
GET | H2 | bootstrap-theme.min.css | www.heritagepci.com/wp-content/themes/heritage/css/ | 19 KB | 2 KB | Stylesheet | text/css |
GET | H2 | slicknav.css | www.heritagepci.com/wp-content/themes/heritage/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | main.css | www.heritagepci.com/wp-content/themes/heritage/css/ | 41 KB | 8 KB | Stylesheet | text/css |
GET | H2 | jquery-1.11.2.min.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 94 KB | 34 KB | Script | application/javascript |
GET | H2 | jquery.prettyPhoto.js | www.heritagepci.com/wp-content/plugins/wp-video-lightbox/js/ | 35 KB | 9 KB | Script | application/javascript |
GET | H2 | video-lightbox.js | www.heritagepci.com/wp-content/plugins/wp-video-lightbox/js/ | 7 KB | 1 KB | Script | application/javascript |
GET | H2 | simple-banner.js | www.heritagepci.com/wp-content/plugins/simple-banner/ | 5 KB | 1 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 35 KB | 10 KB | Script | application/javascript |
GET | H2 | jquery.slicknav.min.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | iframeResizer.min.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | modernizr2.8.3.min.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | scripts.js | www.heritagepci.com/wp-content/themes/heritage/js/ | 36 KB | 13 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 116 KB | 46 KB | Script | application/javascript |
GET | H3 | logo_heritage_insurance_rgb.png | www.heritagepci.com/wp-content/themes/heritage/images/ | 4 KB | 5 KB | Image | image/webp |
GET | H3 | icon-ethics.svg | www.heritagepci.com/wp-content/uploads/2015/01/ | 1 KB | 979 B | Image | image/svg+xml |
GET | H3 | icon-experience.svg | www.heritagepci.com/wp-content/uploads/2015/01/ | 1 KB | 776 B | Image | image/svg+xml |
GET | H3 | icon-agents.svg | www.heritagepci.com/wp-content/uploads/2015/01/ | 1 KB | 959 B | Image | image/svg+xml |
GET | H3 | contractor_fraud.png | www.heritagepci.com/wp-content/uploads/2022/09/ | 17 KB | 18 KB | Image | image/webp |
GET | H3 | heritage-difference.jpg | www.heritagepci.com/wp-content/uploads/2017/05/ | 45 KB | 45 KB | Image | image/jpeg |
GET | H3 | platinum-preferred.jpg | www.heritagepci.com/wp-content/uploads/2019/02/ | 71 KB | 72 KB | Image | image/jpeg |
GET | H3 | heritage-insurance-linkedin.png | www.heritagepci.com/wp-content/uploads/2015/01/ | 166 B | 444 B | Image | image/webp |
GET | H3 | heritage-insurance-facebook.png | www.heritagepci.com/wp-content/uploads/2017/11/ | 114 B | 391 B | Image | image/webp |
GET | H3 | heritage-insurance-twitter.png | www.heritagepci.com/wp-content/uploads/2015/01/ | 204 B | 481 B | Image | image/webp |
GET | H3 | icon_instagram_white.png | www.heritagepci.com/wp-content/uploads/2019/06/ | 462 B | 737 B | Image | image/webp |
GET | H3 | go-to-top.png | www.heritagepci.com/wp-content/themes/heritage/images/ | 120 B | 383 B | Image | image/webp |
GET | H3 | hrtg-nyse-listed-white.png | www.heritagepci.com/wp-content/uploads/2015/01/ | 522 B | 795 B | Image | image/webp |
GET | H3 | heritage-insurance-logo-black-white.png | www.heritagepci.com/wp-content/uploads/2015/01/ | 3 KB | 3 KB | Image | image/webp |
GET | H3 | soliloquy.css | www.heritagepci.com/wp-content/plugins/soliloquy/assets/css/ | 15 KB | 3 KB | Stylesheet | text/css |
GET | H3 | rs6.css | www.heritagepci.com/wp-content/plugins/revslider/public/assets/css/ | 58 KB | 13 KB | Stylesheet | text/css |
GET | H3 | comment-reply.min.js | www.heritagepci.com/wp-includes/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H3 | rbtools.min.js | www.heritagepci.com/wp-content/plugins/revslider/public/assets/js/ | 126 KB | 49 KB | Script | application/javascript |
GET | H3 | rs6.min.js | www.heritagepci.com/wp-content/plugins/revslider/public/assets/js/ | 383 KB | 100 KB | Script | application/javascript |
GET | H3 | gtm4wp-form-move-tracker.js | www.heritagepci.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ | 1 KB | 550 B | Script | application/javascript |
GET | H3 | soliloquy-min.js | www.heritagepci.com/wp-content/plugins/soliloquy/assets/js/min/ | 29 KB | 9 KB | Script | application/javascript |
GET | H3 | css | fonts.googleapis.com/ | 10 KB | 772 B | Stylesheet | text/css |
GET | H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1/ | 13 KB | 6 KB | Script | text/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 118 KB | 46 KB | Script | application/javascript |
GET | H2 | 4iCs6KVjbNBYlgoKfw72.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 34 KB | 34 KB | Font | font/woff2 |
GET | H2 | 4iCv6KVjbNBYlgoC1CzjsGyN.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 38 KB | 38 KB | Font | font/woff2 |
GET | H3 | preloader.gif | www.heritagepci.com/wp-content/plugins/soliloquy/assets/css/images/ | 1 KB | 1 KB | Image | image/gif |
GET | H3 | date-bubble.png | www.heritagepci.com/wp-content/themes/heritage/images/ | 440 B | 701 B | Image | image/webp |
GET | H2 | 4iCv6KVjbNBYlgoCxCvjsGyN.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 29 KB | 29 KB | Font | font/woff2 |
GET | H2 | 4iCu6KVjbNBYlgoKej70l0k.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 36 KB | 36 KB | Font | font/woff2 |
GET | H2 | 4iCp6KVjbNBYlgoKejZftVyPN4E.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 37 KB | 38 KB | Font | font/woff2 |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H3 | pillar-glow.png | www.heritagepci.com/wp-content/themes/heritage/images/ | 25 KB | 25 KB | Image | image/webp |
GET | H3 | css | fonts.googleapis.com/ | 10 KB | 772 B | Stylesheet | text/css |
POST | H3 | collect | www.google-analytics.com/j/ | 4 B | 24 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 2 B | 70 B | XHR | text/plain |
GET | H/1.1 | bootstrapper.js | webchat.mitel.io/ | 21 KB | 6 KB | Script | application/javascript |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 41 KB | 15 KB | Script | text/javascript |
GET | H3 | 4iCp6KVjbNBYlgoKejZPslyPN4E.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 30 KB | 30 KB | Font | font/woff2 |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 442 B | XHR | text/plain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/882462324/ | 2 KB | 2 KB | Script | text/javascript |
GET | H2 | fe251ced-8dcd-44a2-907d-b366adfaabad | director.api.mitel.io/2018-07-01/whereami/ | 150 B | 563 B | XHR | application/json |
GET | H3 | / | www.google.com/pagead/1p-user-list/882462324/ | 42 B | 64 B | Image | image/gif |
GET | H2 | chats | gcp-gateway.us.api.mitel.io/2018-05-27/messenger/accounts/fe251ced-8dcd-44a2-907d-b366adfaabad/ | 4 KB | 2 KB | XHR | application/json |
GET | H/1.1 | / | webchat.mitel.io/ (Frame 3747) | 684 B | 1 KB | Document | text/html |
GET | H/1.1 | styles.6edb2458e8198deb03ee.css | webchat.mitel.io/ (Frame 3747) | 253 KB | 39 KB | Stylesheet | text/css |
GET | H/1.1 | runtime.268896f4ea6f21b9ce26.js | webchat.mitel.io/ (Frame 3747) | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | polyfills.dd0ddce72bb94cac0024.js | webchat.mitel.io/ (Frame 3747) | 76 KB | 26 KB | Script | application/javascript |
GET | H/1.1 | scripts.e63a15a07e676d04964b.js | webchat.mitel.io/ (Frame 3747) | 31 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | main.ef9f63440db43846747b.js | webchat.mitel.io/ (Frame 3747) | 1 MB | 316 KB | Script | application/javascript |
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery boolean| pp_alreadyInitialized object| vlpp_vars object| jQuery1112034010505066735397 function| iFrameResize string| htmlClassName undefined| imgs undefined| svgExtension function| $$ boolean| didScroll undefined| msViewportStyle object| county_list object| WebFontConfig string| GoogleAnalyticsObject function| ga function| wpvl_paramReplace string| WP_VIDEO_LIGHTBOX_VERSION string| WP_VID_LIGHTBOX_URL object| dataLayer_content function| gtag function| setREVStartSize object| RS_MODULES object| addComment object| soliloquy_ajax function| soliloquyIsMobile function| soliloquyYouTubeVids function| soliloquyYouTubeOnStateChange function| soliloquyVimeoVids function| soliloquyVimeoSliderPause function| soliloquyVimeoSliderStart function| soliloquyWistiaVids function| soliloquyLocalVids function| soliloquyInitManually number| soliloquy_width_1795 object| soliloquy_slider boolean| doresize object| scroll_pos boolean| hashtag object| nodes object| WebFont object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| cacheTime boolean| load
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.heritagepci.com/ | | Name: _ga Value: GA1.2.105919513.1665150471 |
.heritagepci.com/ | | Name: _gid Value: GA1.2.87494745.1665150471 |
.heritagepci.com/ | | Name: _gat Value: 1 |
.heritagepci.com/ | | Name: _dc_gtm_UA-165744794-1 Value: 1 |
.heritagepci.com/ | | Name: _gcl_au Value: 1.1.929299754.1665150471 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.