urlscan.io logo urlscan.io
SecurityTrails logo

ku.mu Open in urlscan Pro
107.180.1.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.sidekickopen83.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw101?te=W3R5hFj4cm2zw...
Effective URL: https://ku.mu/offerings/
Submission: On December 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 57 HTTP transactions. The main IP is 107.180.1.2, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is ku.mu.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 25th 2020. Valid for: 10 months.
This is the only time ku.mu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
33 107.180.1.2 26496 (AS-26496-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
1 18.195.173.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
57 20
1    2606:4700::6812:171c (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen83.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
eventtracking.hubspot.com
track.hubspot.com
app.hubspot.com
33    107.180.1.2 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-1-2.ip.secureserver.net
ku.mu
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2104:0:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
1    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2600:9000:20eb:8200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2104:1200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    18.195.173.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-173-122.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
3    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
forms.hubspot.com
1    2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
2    2a02:26f0:eb:39c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
Domain Requested by
33 ku.mu ku.mu
2 px.ads.linkedin.com 1 redirects
2 snap.licdn.com js.hsadspixel.net
snap.licdn.com
2 api.hubspot.com js.usemessages.com
2 fonts.googleapis.com ku.mu
1 app.hubspot.com js.usemessages.com
1 www.linkedin.com 1 redirects
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hubspot.com js.hscollectedforms.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 www.google-analytics.com google-analytics.com
1 l.sharethis.com platform-api.sharethis.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 fonts.gstatic.com fonts.googleapis.com
1 google-analytics.com ku.mu
1 buttons-config.sharethis.com platform-api.sharethis.com
1 js.hs-scripts.com ku.mu
1 platform-api.sharethis.com ku.mu
1 eventtracking.hubspot.com 1 redirects
1 t.sidekickopen83.com 1 redirects
57 25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
Subject Issuer Validity Valid
ku.mu
Go Daddy Secure Certificate Authority - G2		 2020-06-25 -
2021-04-12		 10 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2020-05-05 -
2021-06-05		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2020-07-27 -
2021-07-27		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh

This page contains 3 frames:

Primary Page: https://ku.mu/offerings/
Frame ID: 7196BCA8241E32EA653D4B0E467AE181
Requests: 54 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 0C7CA805B9E9402018B1AD1F6CD3E87F
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8489305/threads/utk/0fd79e1226114624aac656ad93d6afeb?uuid=4cf956ce72b34f968ae0915517dcd14d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ku.mu&inApp53=false&messagesUtk=0fd79e1226114624aac656ad93d6afeb&url=https%3A%2F%2Fku.mu%2Fofferings%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 3B76471B0F522A47AF9590B6F81FA64A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.sidekickopen83.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw... HTTP 301
    https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw... HTTP 307
    https://ku.mu/offerings/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57
Requests

100 %
HTTPS

91 %
IPv6

17
Domains

25
Subdomains

20
IPs

4
Countries

1077 kB
Transfer

3219 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen83.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw101?te=W3R5hFj4cm2zwW3Y1dtB4hcG_nW3M1ZkV41S8nh0&si=8000000004966467&pi=151ff1a9-9e7e-41bd-bc1e-7e5c4def893f HTTP 301
    https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw101?te=W3R5hFj4cm2zwW3Y1dtB4hcG_nW3M1ZkV41S8nh0&si=8000000004966467&pi=151ff1a9-9e7e-41bd-bc1e-7e5c4def893f HTTP 307
    https://ku.mu/offerings/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2664380%26url%3Dhttps%253A%252F%252Fku.mu%252Fofferings%252F%26time%3D1607440112951%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951&liSync=true

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ku.mu/offerings/
Redirect Chain
  • https://t.sidekickopen83.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw101?te=W3R5hFj4cm2zwW3Y1dtB4hcG_nW3M1ZkV41S8nh0&si=8000000004966467&pi=151ff1a9-9e7e-41bd-bc...
  • https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8cp38JW58M6tb2zGCwVN8Jbw_8QsRtKVn1xgP3LyKqFW16gGzB3J50bw101?te=W3R5hFj4cm2zwW3Y1dtB4hcG_nW3M1ZkV41S8nh0&si=8000000004966467&pi=151ff1a9-9e7e-41...
  • https://ku.mu/offerings/
41 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache / PHP/7.3.23
Resource Hash
457805fd543ad3666f19378ddabd103b8b92b4bcdeab50acb8af2b6cac4bd392

Request headers

:method
GET
:authority
ku.mu
:scheme
https
:path
/offerings/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
server
Apache
x-powered-by
PHP/7.3.23
vary
Accept-Encoding,Cookie,User-Agent
cache-control
max-age=3, must-revalidate
content-encoding
gzip
content-length
10281
last-modified
Fri, 04 Dec 2020 09:46:53 GMT
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 08 Dec 2020 15:08:29 GMT
set-cookie
__cfduid=df41117710382782558bf2e26484e51a31607440109; expires=Thu, 07-Jan-21 15:08:29 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax _hetc=5725eebc-a765-4e14-af07-e0d6328c6b70|1607440109916|ACOD57cwLAIUL6QNBfAfHQ/KEkUcZfy8e0Wz6LoCFGCiJ+CxRbS01i3Q2hfwzyx9byXL;Version=1;Comment=;Domain=eventtracking.hubspot.com;Path=/;Max-Age=31536000
x-robots-tag
none
link
<https://ku.mu/offerings/>; rel="canonical"
location
https://ku.mu/offerings/
referrer-policy
no-referrer
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-request-id
06e47ea88c00002b4108b91000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5fe766edabd02b41-FRA
style.min.css
ku.mu/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-includes/css/dist/block-library/style.min.css?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Sep 2020 19:53:12 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7907
expires
Thu, 07 Jan 2021 15:08:30 GMT
styles.css
ku.mu/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 17:46:43 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
730
expires
Thu, 07 Jan 2021 15:08:30 GMT
rs6.css
ku.mu/wp-content/plugins/revslider/public/assets/css/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.2
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
7f618063d56febc293240fa3a3d8281433f248faa4045a4e076fe45b8d69e9ec

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12676
expires
Thu, 07 Jan 2021 15:08:30 GMT
master-min.php
ku.mu/wp-content/themes/mexin-wp/css/ 		1 MB
129 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/mexin-wp/css/master-min.php?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache / PHP/7.3.23
Resource Hash
da5075d4703948663321eef625f0ee8e560768ad7867b01c38c4f58a45babf6d

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/7.3.23
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
expires
Thu, 07 Jan 2021 15:08:30 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C900%7CRoboto%7CRoboto+Slab%3A300%2C400&ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6337363e063b7ce40b160d1986b1bdf24777a93e8e325fbf8f274d76ca6436d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 15:08:30 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 08 Dec 2020 15:08:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 08 Dec 2020 15:08:30 GMT
style.css
ku.mu/wp-content/themes/mexin-wp/ 		1 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/mexin-wp/style.css?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
0c40325e4ba55204eb45fb99fdbc6bd283242eb036d5228df5e9a1542567e72d

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Sat, 23 Apr 2016 19:44:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
737
expires
Thu, 07 Jan 2021 15:08:30 GMT
style.css
ku.mu/wp-content/themes/Mexin_child_theme/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/Mexin_child_theme/style.css?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
47a8e53684bbcd47c9e26992e89b5dab8286a377e1bdb8631c64f134e77a9575

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 16:32:33 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7332
expires
Thu, 07 Jan 2021 15:08:30 GMT
fa.css
ku.mu/wp-content/themes/Mexin_child_theme/ 		81 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/Mexin_child_theme/fa.css?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
3c8964f62a5c0d93e31ff17aaa627c884c705ac7117e810917d8ca19852ab8cd

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 19:05:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16487
expires
Thu, 07 Jan 2021 15:08:30 GMT
jquery.js
ku.mu/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Wed, 22 May 2019 07:54:00 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33776
expires
Thu, 07 Jan 2021 15:08:30 GMT
rbtools.min.js
ku.mu/wp-content/plugins/revslider/public/assets/js/ 		119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.2
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
41d764db49ec1705c84b60b85bc505a0997616846bf4a8b52849bfcaf8d21909

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46106
expires
Thu, 07 Jan 2021 15:08:30 GMT
rs6.min.js
ku.mu/wp-content/plugins/revslider/public/assets/js/ 		327 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.2
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
f2fdbf6c120edbed909aa46429db3b1de29096018625219f522db31f2b7b9cfd

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:30 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 07 Jan 2021 15:08:30 GMT
sharethis.js
platform-api.sharethis.com/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:0:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 14:59:59 GMT
content-encoding
gzip
age
511
etag
W/"191a1-f+Ej8FZ9fSI4UoZYvR0ukXG/9to"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
OYzcXMITVETtUmI59Z5SE2YwniRZd1NGctYsfaRR1UAM4i5X1UPt0A==
kumu-wordmark-white.png
ku.mu/wp-content/uploads/2020/09/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/09/kumu-wordmark-white.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
3fafe94898fcef6a09fcddb0c0c089e520580ea43881e633757897cb948ae9b4

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 28 Sep 2020 21:49:35 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25308
expires
Wed, 08 Dec 2021 15:08:32 GMT
blue.png
ku.mu/wp-content/uploads/2020/09/ 		661 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/09/blue.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
14f50070c4bdbd6f9cfcda1687a00cd9c858fde1b1f8f36b4a9bb0de1cc4be33

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Wed, 07 Oct 2020 15:35:34 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
661
expires
Wed, 08 Dec 2021 15:08:32 GMT
t-mobile-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/t-mobile-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
94bec73331d5017232230652b2b624d8865705a54512e9eaabdbcb97aa7cde66

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:31 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26129
expires
Wed, 08 Dec 2021 15:08:32 GMT
lululemon-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/lululemon-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
83b538f5411e8634495e5d477d54386a9e8b81954d1803b1bd352420f76c2292

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20728
expires
Wed, 08 Dec 2021 15:08:32 GMT
telus-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/telus-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
8709aa5127e6deb97e85f99742ee9721f3b712b4139b0ae909751a37bc818ad8

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:21 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20409
expires
Wed, 08 Dec 2021 15:08:32 GMT
bchydro-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/bchydro-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
371e8a578dcb2ea4434ccb4df7bcc5e7e79d4bd57575a4fcb9cfbeb732c2bd55

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:33 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37073
expires
Wed, 08 Dec 2021 15:08:32 GMT
oceanwise-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/oceanwise-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
b8734e77d4441697cd3b55fa69224f88f0d11a90ee850612fa8b6dc65ad627cd

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50486
expires
Wed, 08 Dec 2021 15:08:32 GMT
chrysalix-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/chrysalix-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
3c55494c8e7e12b54fd60ea4ccebbdd8ee25e7565d3457831302a75bdd8aa012

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:18 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
40235
expires
Wed, 08 Dec 2021 15:08:32 GMT
ens-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/ens-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
8e01602c1ef7586d3e8cef12ff659c5924dc88ad57c7d6e14d643b55775e25e6

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:12 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
53484
expires
Wed, 08 Dec 2021 15:08:32 GMT
nfl-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/nfl-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
1f6aa673915a5afa75faa8d93b5ac2ca27e03738b2bb763bb7bad625cd4f8322

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:23 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28556
expires
Wed, 08 Dec 2021 15:08:32 GMT
theclimaterealityproject-logo-bw.png
ku.mu/wp-content/uploads/2020/10/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/uploads/2020/10/theclimaterealityproject-logo-bw.png
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
d0c133e4b3d0576c4d95ab4c1497631acd42673ca7debbd0085036a57b67d60d

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Mon, 05 Oct 2020 17:06:15 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42563
expires
Wed, 08 Dec 2021 15:08:32 GMT
css
fonts.googleapis.com/ 		2 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 14:18:03 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 08 Dec 2020 15:08:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 08 Dec 2020 15:08:31 GMT
scripts.js
ku.mu/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:31 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 17:46:43 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3951
expires
Thu, 07 Jan 2021 15:08:31 GMT
jquery.plugins.js
ku.mu/wp-content/themes/mexin-wp/js/ 		165 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/mexin-wp/js/jquery.plugins.js
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
480339ff2f16a1415a07ae8aad93edd64710fa89ae7bf11f18c1ff13d917809d

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:31 GMT
content-encoding
gzip
last-modified
Wed, 23 Sep 2020 15:42:08 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
42089
expires
Thu, 07 Jan 2021 15:08:31 GMT
mexin-custom.js
ku.mu/wp-content/themes/mexin-wp/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/mexin-wp/js/mexin-custom.js
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
16d069407783f0d8ae39e9f6131f531118a70e14c03643df29fac480198f9ae6

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:31 GMT
content-encoding
gzip
last-modified
Wed, 23 Sep 2020 15:39:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6142
expires
Thu, 07 Jan 2021 15:08:31 GMT
wp-embed.min.js
ku.mu/wp-includes/js/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-includes/js/wp-embed.min.js?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:31 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 15:41:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
769
expires
Thu, 07 Jan 2021 15:08:31 GMT
js_composer_front.min.js
ku.mu/wp-content/plugins/js_composer/assets/js/dist/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2.1
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:31 GMT
content-encoding
gzip
last-modified
Sat, 16 Apr 2016 00:08:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5581
expires
Thu, 07 Jan 2021 15:08:31 GMT
8489305.js
js.hs-scripts.com/ 		2 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/8489305.js
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44273b50b37466bb4c3fbc0bfac971830fb96051f5a4d11e37d34e923d43749a

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-trace
2BA20F30957349430A43F7EEB6F2A58EC42BD40F68000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://ku.mu
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5fe766fdab5d061c-FRA
cf-request-id
06e47eb28e0000061ca5110000000001
expires
Tue, 08 Dec 2020 15:09:32 GMT
wp-emoji-release.min.js
ku.mu/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-includes/js/wp-emoji-release.min.js?ver=8a4023f41274f37e1729071559925102
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 16:35:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4671
expires
Thu, 07 Jan 2021 15:08:32 GMT
5b3c47c7c5ed9600115218aa.js
buttons-config.sharethis.com/js/ 		30 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5b3c47c7c5ed9600115218aa.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:33 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
last-modified
Wed, 04 Jul 2018 04:06:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"e6e1643313740711175f51662a65b42f"
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
Cy3qKQjoHa8NXbwmTqEDbO_PB9FB2KEfeP-6k8J0G1Y-EgdtDCmV4w==
analytics.js
google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: ku.mu
URL: https://ku.mu/offerings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4398
date
Tue, 08 Dec 2020 13:55:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 08 Dec 2020 15:55:14 GMT
bdbg1.png
ku.mu/wp-content/themes/mexin-wp/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/themes/mexin-wp/images/bdbg1.png
Requested by
Host: ku.mu
URL: https://ku.mu/wp-content/themes/mexin-wp/css/master-min.php?ver=8a4023f41274f37e1729071559925102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
71227d09b4572555770e369aeba9ff162fdaa4345d05755164a18552cd52479f

Request headers

Referer
https://ku.mu/wp-content/themes/mexin-wp/css/master-min.php?ver=8a4023f41274f37e1729071559925102
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Wed, 26 Nov 2014 20:45:12 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17460
expires
Wed, 08 Dec 2021 15:08:32 GMT
Regular-Bold.woff
ku.mu/wp-content/themes/Mexin_child_theme/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/Mexin_child_theme/fonts/Regular-Bold.woff
Requested by
Host: ku.mu
URL: https://ku.mu/wp-content/themes/Mexin_child_theme/style.css?ver=8a4023f41274f37e1729071559925102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
34535c4633c75f42189a83b4057da57fedc5c7b5a84c937292aa4778608d7c28

Request headers

Origin
https://ku.mu
Referer
https://ku.mu/wp-content/themes/Mexin_child_theme/style.css?ver=8a4023f41274f37e1729071559925102
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Nov 2015 21:07:28 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
47961
Regular-Regular.woff
ku.mu/wp-content/themes/Mexin_child_theme/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/Mexin_child_theme/fonts/Regular-Regular.woff
Requested by
Host: ku.mu
URL: https://ku.mu/wp-content/themes/Mexin_child_theme/style.css?ver=8a4023f41274f37e1729071559925102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
a42bf26c6f4c60ab40309f94c2a6ce1b5ce8d362360cf9cd5200adb864c6603e

Request headers

Origin
https://ku.mu
Referer
https://ku.mu/wp-content/themes/Mexin_child_theme/style.css?ver=8a4023f41274f37e1729071559925102
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
gzip
last-modified
Mon, 09 Nov 2015 21:07:31 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
46520
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C900%7CRoboto%7CRoboto+Slab%3A300%2C400&ver=8a4023f41274f37e1729071559925102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ku.mu
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C900%7CRoboto%7CRoboto+Slab%3A300%2C400&ver=8a4023f41274f37e1729071559925102
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
496037
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 02 Dec 2021 21:21:15 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 0C7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ku.mu/offerings/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ku.mu/offerings/

Response headers

content-type
text/html; charset=utf-8
accept-ranges
bytes
last-modified
Thu, 19 Nov 2020 18:19:12 GMT
content-encoding
gzip
cache-control
max-age=3600, public
etag
W/"83a-175e1bb5500"
date
Tue, 08 Dec 2020 14:48:14 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
ucGrNuEwJ1huvNVAPhX8Adrn5meiQ4aXaPgB6_XfNahDJHdJYlXmQw==
age
1218
fontawesome-webfont.woff
ku.mu/wp-content/themes/mexin-wp/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ku.mu/wp-content/themes/mexin-wp/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: ku.mu
URL: https://ku.mu/wp-content/themes/mexin-wp/css/master-min.php?ver=8a4023f41274f37e1729071559925102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Origin
https://ku.mu
Referer
https://ku.mu/wp-content/themes/mexin-wp/css/master-min.php?ver=8a4023f41274f37e1729071559925102
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
gzip
last-modified
Wed, 26 Nov 2014 20:45:12 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
65453
loader.gif
ku.mu/wp-content/plugins/revslider/public/assets/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ku.mu/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by
Host: ku.mu
URL: https://ku.mu/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.1.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-1-2.ip.secureserver.net
Software
Apache /
Resource Hash
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

Referer
https://ku.mu/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
last-modified
Thu, 03 Dec 2020 17:05:15 GMT
server
Apache
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2545
expires
Wed, 08 Dec 2021 15:08:32 GMT
pview
l.sharethis.com/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=ku.mu&location=%2Fofferings%2F&product=ga&url=https%3A%2F%2Fku.mu%2Fofferings%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Offerings%20-%20Kumu%20Agency&cms=unknown&publisher=5b3c47c7c5ed9600115218aa&sop=true&bsamesite=true&consent_cookie_duration=212&consent_duration=212&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.173.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-173-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 15:08:32 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://ku.mu
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
collect
www.google-analytics.com/j/ 		2 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=384687076&t=pageview&_s=1&dl=https%3A%2F%2Fku.mu%2Fofferings%2F&ul=en-us&de=UTF-8&dt=Offerings%20-%20Kumu%20Agency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1380640436&gjid=80234625&cid=2004445148.1607440112&tid=UA-40694345-1&_gid=275985832.1607440112&_r=1&_slc=1&z=251233895
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Dec 2020 15:08:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ku.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.js
js.hsadspixel.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8489305.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
via
1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
212
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=5fe761cf6fc92b12-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
06e47eb38f00002c269b12a000000001
last-modified
Wed, 02 Dec 2020 05:20:17 UTC
server
cloudflare
etag
W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
5fe766ff48cc2c26-FRA
x-amz-cf-id
-c-sivpLOrfvtYcQGGXkGYzHzF63x1W2JVt8rgk9keGVbIp3qFrBgA==
conversations-embed.js
js.usemessages.com/ 		79 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8489305.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
via
1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
210
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fe761db78f0177e-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
06e47eb3be00002c3e650e6000000001
last-modified
Mon, 07 Dec 2020 03:40:46 UTC
server
cloudflare
etag
W/"084f0064b523664ce082aebef736853e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
5fe766ff9b3e2c3e-FRA
x-amz-cf-id
hOR-_wDAg-ODpqkJ2I52ZoHHnFVt5m5By46skJ-76sUYHgxaOH1vFg==
8489305.js
js.hs-analytics.net/analytics/1607439900000/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1607439900000/8489305.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8489305.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63337f7ae52ff45832c4814546a949695ec72d5fdd8752b6362d14c3848e3b15

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
BD7016E109E44E35
x-amz-server-side-encryption
AES256
cf-ray
5fe766ff980dc2db-FRA
x-amz-id-2
5Yg5F5FToAceAkqlcenovesZcx0/nuaIuzIyUEXwpsCVk/oDTaYR/1OKJU7WYwXswGotpVDph6Y=
last-modified
Mon, 07 Dec 2020 22:29:32 GMT
server
cloudflare
etag
W/"5e85174277061010e0162e3d61f22e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
06e47eb3bf0000c2dbb62f1000000001
content-type
text/javascript
expires
Tue, 08 Dec 2020 15:13:32 GMT
collectedforms.js
js.hscollectedforms.net/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8489305.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin
https://ku.mu
Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
via
1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=5fe766ff9ff205b3-IAD
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
06e47eb3c4000005b30dbae000000001
cf-ray
5fe766ff9ff205b3-FRA
last-modified
Wed, 18 Nov 2020 03:17:23 UTC
server
cloudflare
etag
W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
DEDVMgNPTYgH241LrFcdEBSr0ofltJI59I3B9dUSVGc3O0fcOqtSvg==
8489305.js
js.hs-banner.com/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/8489305.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8489305.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd21152ea0c9bcb531c55c9effd8f53236711cdcf3e1c6b9f6f6cc242f09bf8

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=VblPBg==, md5=VouT9ieuvGq6G560gOtQLA==
date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ABg5-UwDmo79PK-DQ1FuMIk6vDAFxq5uDvgJc7iL7hZ3MaZ1GobfhX9FdY0OMorn6WeJxwCLGy-63j68PE_-3Uvrq_1bqvQubA
x-goog-storage-class
STANDARD
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
06e47eb3bf0000c2fe3224e000000001
timing-allow-origin
*
last-modified
Mon, 30 Nov 2020 23:55:24 GMT
server
cloudflare
etag
W/"568b93f627aebc6aba1b9eb480eb502c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1606780524113431
access-control-allow-origin
https://ku.mu
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
51435
cf-ray
5fe766ff9fc3c2fe-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 08 Dec 2020 15:13:32 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8489305&conversations-embed=static-1.7966&mobile=false&messagesUtk=0fd79e1226114624aac656ad93d6afeb&traceId=0fd79e1226114624aac656ad93d6afeb
Protocol
H2
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://ku.mu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2B71C27E74327B7CEBFCFCADB1237D381918918322000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
access-control-allow-credentials
false
access-control-allow-origin
https://ku.mu
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status
DYNAMIC
cf-request-id
06e47eb4370000d709e53fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5fe767005abbd709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
public
api.hubspot.com/livechat-public/v1/message/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8489305&conversations-embed=static-1.7966&mobile=false&messagesUtk=0fd79e1226114624aac656ad93d6afeb&traceId=0fd79e1226114624aac656ad93d6afeb
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ac2dd0b21d466f3e2fce867f4831f861303624734e91aa2502b84856c62010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ku.mu/offerings/

Response headers

date
Tue, 08 Dec 2020 15:08:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1436
cf-request-id
06e47eb4c10000d709c29a4000000001
server
cloudflare
x-trace
2BE6B4084BF127E1B6B5E337F9ADB2315EF5287772000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ku.mu
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
5fe767013c5ad709-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8489305&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce9ce07f0e75f38a6677a071eebceb764369b601db4871fb42a626fa2265985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
06e47eb4840000d709ea0f9000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ku.mu
access-control-allow-credentials
false
cf-ray
5fe76700dba6d709-FRA
access-control-allow-headers
*
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		66 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=8489305
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626803fb348f87bf801d08c56e463f684b1b2f5c3ba2c37c4e61837856303b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
06e47eb49c000064bb0ca7b000000001
server
cloudflare
x-trace
2BA842EAC5C69CE334AEE4FC1B37CDA0CC4B2565E1000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ku.mu
access-control-allow-credentials
false
cf-ray
5fe76700f8ac64bb-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=8489305&rcu=https%3A%2F%2Fku.mu%2Fofferings%2F&pu=https%3A%2F%2Fku.mu%2Fofferings%2F&t=Offerings+-+Kumu+Agency&cts=1607440112788&vi=dd9bd44feb7110774aa8f1eb0f186f13&nc=true&u=44745083.dd9bd44feb7110774aa8f1eb0f186f13.1607440112778.1607440112778.1607440112778.1&b=44745083.1.1607440112784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5fe76700fc042b41-FRA
date
Tue, 08 Dec 2020 15:08:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
06e47eb49f00002b413bb3e000000001
x-robots-tag
none
insight.min.js
snap.licdn.com/li.lms-analytics/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:39c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 15:08:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=73751
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:39c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 15:08:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=78542
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2664380%26url%3Dhttps%253A%252F%252Fku.mu%252Fofferings%252F%26time%3D16074401129...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ku.mu/offerings/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 15:08:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
ET/4O0TGThaQLfaI0yoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
C9wtMkTGThZg1AqxtyoAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: CC2A41BFC2994551ABF3209EDDA34343 Ref B: FRAEDGE0706 Ref C: 2020-12-08T15:08:33Z
x-frame-options
sameorigin
date
Tue, 08 Dec 2020 15:08:32 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2664380&url=https%3A%2F%2Fku.mu%2Fofferings%2F&time=1607440112951&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
0fd79e1226114624aac656ad93d6afeb
app.hubspot.com/conversations-visitor/8489305/threads/utk/ Frame 3B76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/8489305/threads/utk/0fd79e1226114624aac656ad93d6afeb?uuid=4cf956ce72b34f968ae0915517dcd14d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ku.mu&inApp53=false&messagesUtk=0fd79e1226114624aac656ad93d6afeb&url=https%3A%2F%2Fku.mu%2Fofferings%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/conversations-visitor/8489305/threads/utk/0fd79e1226114624aac656ad93d6afeb?uuid=4cf956ce72b34f968ae0915517dcd14d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ku.mu&inApp53=false&messagesUtk=0fd79e1226114624aac656ad93d6afeb&url=https%3A%2F%2Fku.mu%2Fofferings%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ku.mu/offerings/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ku.mu/offerings/

Response headers

date
Tue, 08 Dec 2020 15:08:33 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d0eb06b6d3cbb89c24dc4ffbb9d3abf001607440113; expires=Thu, 07-Jan-21 15:08:33 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Mon, 07 Dec 2020 07:35:12 UTC
x-amz-server-side-encryption
AES256
x-amz-version-id
SVizFgDwn6CydYXMGKE7LIXL7EBvzCeY
etag
W/"1e984d2ded979afab141455088c0b9a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9c90b41a9e5ac2856624d29ed4da4235.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
7_FDsjaMsrYGOHUpM1FvIvsV3_Dv5WeTspJpRYo3eSTdJPMBeIhxsQ==
age
2126
access-control-allow-credentials
false
cache-control
max-age=600
x-hs-cache-status
MISS
cf-cache-status
DYNAMIC
cf-request-id
06e47eb5b100002b413bb5d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5fe76702b8d22b41-FRA
content-encoding
br

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ string| GoogleAnalyticsObject function| ga function| setREVStartSize object| revapi22 function| tpj function| revinit_revslider221 boolean| once_revslider221 number| RSIW number| RSIH object| rs_init_css function| revslider_showDoubleJqueryError object| wpcf7 boolean| pp_alreadyInitialized object| jQuery1124014299336866300028 object| Modernizr function| SmoothScroll function| Stellar object| wp function| vc_js function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer string| screen_size function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content boolean| doresize object| scroll_pos boolean| hashtag string| RSBrowser boolean| isSafari11 object| T boolean| _rs_firefox13 boolean| _rs_ie boolean| _rs_ie9 boolean| _rs_desktop object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| PIXELS_RAN object| _hsp object| rdF1 object| rdF0 boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq boolean| _hspb_loaded object| twemoji function| bindToWindowOnError function| OutpostErrorReporter object| __hsCollectedFormsDebug object| _paq boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk

7 Cookies

Domain/Path Name / Value
ku.mu/ Name: __hssrc
Value: 1
.ku.mu/ Name: _gid
Value: GA1.2.275985832.1607440112
ku.mu/ Name: hubspotutk
Value: dd9bd44feb7110774aa8f1eb0f186f13
ku.mu/ Name: __hstc
Value: 44745083.dd9bd44feb7110774aa8f1eb0f186f13.1607440112778.1607440112778.1607440112778.1
.ku.mu/ Name: _gat
Value: 1
ku.mu/ Name: __hssc
Value: 44745083.1.1607440112784
.ku.mu/ Name: _ga
Value: GA1.2.2004445148.1607440112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
app.hubspot.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
eventtracking.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
google-analytics.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
ku.mu
l.sharethis.com
platform-api.sharethis.com
px.ads.linkedin.com
snap.licdn.com
t.sidekickopen83.com
track.hubspot.com
www.google-analytics.com
www.linkedin.com
107.180.1.2
18.195.173.122
2600:9000:20eb:8200:c:abe:f440:93a1
2600:9000:2104:0:1c:8a07:5e80:93a1
2600:9000:2104:1200:c:a9b7:ddc0:93a1
2606:4700::6811:44b0
2606:4700::6811:72b0
2606:4700::6811:83ab
2606:4700::6811:cccc
2606:4700::6811:d3cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6812:171c
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:824::2004
2a02:26f0:eb:39c::25ea
2a05:f500:11:101::b93f:9005
0c40325e4ba55204eb45fb99fdbc6bd283242eb036d5228df5e9a1542567e72d
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
14f50070c4bdbd6f9cfcda1687a00cd9c858fde1b1f8f36b4a9bb0de1cc4be33
16d069407783f0d8ae39e9f6131f531118a70e14c03643df29fac480198f9ae6
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f6aa673915a5afa75faa8d93b5ac2ca27e03738b2bb763bb7bad625cd4f8322
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
34535c4633c75f42189a83b4057da57fedc5c7b5a84c937292aa4778608d7c28
371e8a578dcb2ea4434ccb4df7bcc5e7e79d4bd57575a4fcb9cfbeb732c2bd55
3c55494c8e7e12b54fd60ea4ccebbdd8ee25e7565d3457831302a75bdd8aa012
3c8964f62a5c0d93e31ff17aaa627c884c705ac7117e810917d8ca19852ab8cd
3fafe94898fcef6a09fcddb0c0c089e520580ea43881e633757897cb948ae9b4
41d764db49ec1705c84b60b85bc505a0997616846bf4a8b52849bfcaf8d21909
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
44273b50b37466bb4c3fbc0bfac971830fb96051f5a4d11e37d34e923d43749a
457805fd543ad3666f19378ddabd103b8b92b4bcdeab50acb8af2b6cac4bd392
47a8e53684bbcd47c9e26992e89b5dab8286a377e1bdb8631c64f134e77a9575
47ac2dd0b21d466f3e2fce867f4831f861303624734e91aa2502b84856c62010
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f
480339ff2f16a1415a07ae8aad93edd64710fa89ae7bf11f18c1ff13d917809d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
626803fb348f87bf801d08c56e463f684b1b2f5c3ba2c37c4e61837856303b89
63337f7ae52ff45832c4814546a949695ec72d5fdd8752b6362d14c3848e3b15
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71227d09b4572555770e369aeba9ff162fdaa4345d05755164a18552cd52479f
7f618063d56febc293240fa3a3d8281433f248faa4045a4e076fe45b8d69e9ec
83b538f5411e8634495e5d477d54386a9e8b81954d1803b1bd352420f76c2292
8709aa5127e6deb97e85f99742ee9721f3b712b4139b0ae909751a37bc818ad8
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8e01602c1ef7586d3e8cef12ff659c5924dc88ad57c7d6e14d643b55775e25e6
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
94bec73331d5017232230652b2b624d8865705a54512e9eaabdbcb97aa7cde66
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a42bf26c6f4c60ab40309f94c2a6ce1b5ce8d362360cf9cd5200adb864c6603e
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
b6337363e063b7ce40b160d1986b1bdf24777a93e8e325fbf8f274d76ca6436d
b8734e77d4441697cd3b55fa69224f88f0d11a90ee850612fa8b6dc65ad627cd
bfd21152ea0c9bcb531c55c9effd8f53236711cdcf3e1c6b9f6f6cc242f09bf8
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
d0c133e4b3d0576c4d95ab4c1497631acd42673ca7debbd0085036a57b67d60d
da5075d4703948663321eef625f0ee8e560768ad7867b01c38c4f58a45babf6d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dce9ce07f0e75f38a6677a071eebceb764369b601db4871fb42a626fa2265985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f2fdbf6c120edbed909aa46429db3b1de29096018625219f522db31f2b7b9cfd
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427