savingourplanet.co.uk Open in urlscan Pro
168.138.66.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.savingourplanet.co.uk/
Effective URL:
https://savingourplanet.co.uk/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2024, 8:06:02 am UTC) — Scanned from CA

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 168.138.66.222, located in Montreal, Canada and belongs to ORACLE-BMC-31898, US. The main domain is savingourplanet.co.uk.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.

This is the only time savingourplanet.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 20	168.138.66.222 168.138.66.222		31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	142.251.40.202 142.251.40.202		15169 (GOOGLE) (GOOGLE)
3	142.251.35.163 142.251.35.163		15169 (GOOGLE) (GOOGLE)
25	4

20 168.138.66.222 (Montreal, Canada) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

www.savingourplanet.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
savingourplanet.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.202 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	savingourplanet.co.uk 2 redirects www.savingourplanet.co.uk savingourplanet.co.uk	402 KB
3	gstatic.com fonts.gstatic.com	112 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
25	3

	Domain	Requested by
19	savingourplanet.co.uk	1 redirects savingourplanet.co.uk
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	savingourplanet.co.uk
1	www.savingourplanet.co.uk	1 redirects
25	4

This site contains links to these domains. Also see Links.

Domain
wp-royal-themes.com

Subject Issuer	Validity	Valid
savingourplanet.co.uk R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://savingourplanet.co.uk/
Frame ID: AFE58690AF5ABE81C470C0FB9FADB102
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Saving Our Planet

Page URL History Show full URLs

https://www.savingourplanet.co.uk/ HTTP 301
https://savingourplanet.co.uk/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

517 kB
Transfer

1002 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wp-royal-themes.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.savingourplanet.co.uk/ HTTP 301
https://savingourplanet.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://savingourplanet.co.uk/favicon.ico HTTP 302
https://savingourplanet.co.uk/wp-includes/images/w-logo-blue-white-bg.png

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
savingourplanet.co.uk/
Redirect Chain

https://www.savingourplanet.co.uk/
https://savingourplanet.co.uk/

37 KB
8 KB

349ms
326ms

Document
text/html

168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: c8bfcf17b30afa3a7e0d0e6db3833a47ff4ad8e977627f551bd0e390bcff2d6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-length: 8204
content-type: text/html; charset=UTF-8
date: Fri, 30 Aug 2024 08:05:50 GMT
link: <https://savingourplanet.co.uk/wp-json/>; rel="https://api.w.org/"
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 30 Aug 2024 08:05:49 GMT
location: https://savingourplanet.co.uk/
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-redirect-by: WordPress

GET
H2 200 style.min.css
savingourplanet.co.uk/wp-includes/css/dist/block-library/ 110 KB
14 KB 74ms
67ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 00:04:19 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "1b723-61df305107508-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 13741

GET
H2 200 style.css
savingourplanet.co.uk/wp-content/themes/bard/ 57 KB
11 KB 35ms
29ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/style.css?ver=1.4.9.8
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 5ce016c41b5e01ec2f4b47faa4fbe57428878040358d4e6089c290a665034e6b

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "e532-61d84612fe4c4-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 10611

GET
H2 200 all.min.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontawesome/ 58 KB
12 KB 43ms
36ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontawesome/all.min.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: ae70aace349f53859b5eaf602f75724b80104e90534289291b2d45f7ff25639d

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "e872-61d84612ea472-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 12406

GET
H2 200 fontello.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/ 1 KB
668 B 39ms
32ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontello.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 3cac5766b62e3fca8117a35db8c11deac3717940420940a15149ece5cab3ddc1

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "491-61d84612ea472-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 390

GET
H2 200 slick.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/ 1 KB
664 B 73ms
67ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/slick.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "537-61d84612ea85a-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 386

GET
H2 200 perfect-scrollbar.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/ 1 KB
582 B 76ms
69ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/perfect-scrollbar.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 614426109acf753ce4f5ca75fc25aaf515bad4f6c0b4d3ecdefa1b8c4030d354

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "582-61d84612ea472-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 304

GET
H2 200 woocommerce.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/ 17 KB
3 KB 75ms
68ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/woocommerce.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: fb8dc082a8843a6d6d21eb2e6dbb58851eefef94f5e4c8eab6fecb7283e90eb3

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "4423-61d84612ea85a-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 2982

GET
H2 200 responsive.css
savingourplanet.co.uk/wp-content/themes/bard/assets/css/ 12 KB
2 KB 75ms
68ms Stylesheet
text/css 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/responsive.css?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 30316bfb7a9e9e538fd571603833a795cea894fc2378329599e67bc7d991ba31

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "2e9a-61d84612ea85a-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 2003

GET
H2 200 css
fonts.googleapis.com/ 17 KB
902 B 148ms
69ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Requested by

Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

73b108ec38c4e63c2fd9315c6feb266ec86dd42de3dbc3c0e80fba68930c8867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 06:37:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 08:05:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 131ms
52ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Requested by

Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 07:03:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 08:05:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
518 B 132ms
53ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arizonia%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Requested by

Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

08660e81fd09ec3741b2d00497c6d7b2c6f337b73454ba8ffde4680cde941552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 08:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 08:05:50 GMT

GET
H2 200 jquery.min.js Show response
savingourplanet.co.uk/wp-includes/js/jquery/ 86 KB
29 KB 98ms
92ms Script
text/javascript 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "15601-603fed35e19c0-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 29769

GET
H2 200 jquery-migrate.min.js Show response
savingourplanet.co.uk/wp-includes/js/jquery/ 13 KB
5 KB 74ms
69ms Script
text/javascript 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "3509-5fdabee5f2100-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 4685

GET
H2 200 custom-plugins.js Show response
savingourplanet.co.uk/wp-content/themes/bard/assets/js/ 141 KB
25 KB 84ms
79ms Script
text/javascript 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/js/custom-plugins.js?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 16d52cfaa0b1ba2dc78a1d48d4eae63634677bb956692be8c2a0e622f2d9f262

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "23500-61d84612fc584-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 25373

GET
H2 200 custom-scripts.js Show response
savingourplanet.co.uk/wp-content/themes/bard/assets/js/ 5 KB
2 KB 74ms
69ms Script
text/javascript 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/js/custom-scripts.js?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: ccc5759705a62f0b8ae7f25fb61f5790dc56d011df518f59d9cc5841037775d8

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "13e9-61d84612fc96c-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 1577

GET 13c99e3c-8c82-4cec-9d8f-1202afa0d4ec
https://savingourplanet.co.uk/ 0
0

GET
H2 200 wp-emoji-release.min.js Show response
savingourplanet.co.uk/wp-includes/js/ 18 KB
5 KB 28ms
28ms Script
text/javascript 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:54:26 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "4926-61525d3852bd3-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 4667

GET
H2 200 header_bg.jpg
savingourplanet.co.uk/wp-content/themes/bard/assets/images/ 199 KB
199 KB 28ms
28ms Image
image/jpeg 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/images/header_bg.jpg
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 61a1f363b8f5324f1bda19873441e5f3b69eed7c7a062bab55b2a392ffac10f6

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "31a1f-61d84612f8ed3"
content-type: image/jpeg
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 203295

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 161ms
85ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingourplanet.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 13:12:06 GMT
x-content-type-options: nosniff
age: 586424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 13:12:06 GMT

GET
H2 200 neIIzCemt4A5qa7mv5WBFqw.woff2
fonts.gstatic.com/s/arizonia/v21/ 32 KB
33 KB 107ms
32ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arizonia/v21/neIIzCemt4A5qa7mv5WBFqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arizonia%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

03755c1b9cdc5ca00766071ba26076a4538cd9b5620c5596c55e5d4ed255f1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingourplanet.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:04:27 GMT
x-content-type-options: nosniff
age: 7283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33024
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:48:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 06:04:27 GMT

GET
H2 200 fa-solid-900.woff2
savingourplanet.co.uk/wp-content/themes/bard/assets/fonts/webfonts/ 76 KB
77 KB 43ms
42ms Font
font/woff2 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/fonts/webfonts/fa-solid-900.woff2
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontawesome/all.min.css?ver=6.6.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontawesome/all.min.css?ver=6.6.1
Origin: https://savingourplanet.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "13174-61d84612f737b"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 78196

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 141ms
66ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingourplanet.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 04:20:13 GMT
x-content-type-options: nosniff
age: 13537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 04:20:13 GMT

GET
H2 200 fontello.woff2
savingourplanet.co.uk/wp-content/themes/bard/assets/fonts/ 3 KB
3 KB 42ms
42ms Font
font/woff2 168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/fonts/fontello.woff2?5381655
Requested by: Host: savingourplanet.co.uk
URL: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontello.css?ver=6.6.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 8f82686881a7e125e2e80836a3d9010f681ec071c64779111dc8fa6c814d0dea

Request headers

Referer: https://savingourplanet.co.uk/wp-content/themes/bard/assets/css/fontello.css?ver=6.6.1
Origin: https://savingourplanet.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:50 GMT
last-modified: Thu, 18 Jul 2024 12:04:23 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "ab0-61d84612eac42"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 2736

GET
H2

200

w-logo-blue-white-bg.png
savingourplanet.co.uk/wp-includes/images/
Redirect Chain

https://savingourplanet.co.uk/favicon.ico
https://savingourplanet.co.uk/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

30ms
29ms

Other
image/png

168.138.66.222
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://savingourplanet.co.uk/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 168.138.66.222 Montreal, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Apache/2.4.38 /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer: https://savingourplanet.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:05:51 GMT
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
etag: "1017-5d0dca9a37e40"
content-type: image/png
accept-ranges: bytes
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 4119

Redirect headers

date: Fri, 30 Aug 2024 08:05:51 GMT
sameorig: X-Frame-Options: SAMEORIGIN
server: Apache/2.4.38
x-redirect-by: WordPress
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://savingourplanet.co.uk/wp-includes/images/w-logo-blue-white-bg.png
link: <https://savingourplanet.co.uk/wp-json/>; rel="https://api.w.org/"
ssl: Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: savingourplanet.co.uk
URL: blob:https://savingourplanet.co.uk/13c99e3c-8c82-4cec-9d8f-1202afa0d4ec

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| $ function| jQuery function| bardPreloader function| bardstickySidebar object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
savingourplanet.co.uk
www.savingourplanet.co.uk
savingourplanet.co.uk
142.251.35.163
142.251.40.202
168.138.66.222
03755c1b9cdc5ca00766071ba26076a4538cd9b5620c5596c55e5d4ed255f1d7
08660e81fd09ec3741b2d00497c6d7b2c6f337b73454ba8ffde4680cde941552
16d52cfaa0b1ba2dc78a1d48d4eae63634677bb956692be8c2a0e622f2d9f262
30316bfb7a9e9e538fd571603833a795cea894fc2378329599e67bc7d991ba31
310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cac5766b62e3fca8117a35db8c11deac3717940420940a15149ece5cab3ddc1
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5ce016c41b5e01ec2f4b47faa4fbe57428878040358d4e6089c290a665034e6b
614426109acf753ce4f5ca75fc25aaf515bad4f6c0b4d3ecdefa1b8c4030d354
61a1f363b8f5324f1bda19873441e5f3b69eed7c7a062bab55b2a392ffac10f6
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
73b108ec38c4e63c2fd9315c6feb266ec86dd42de3dbc3c0e80fba68930c8867
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8f82686881a7e125e2e80836a3d9010f681ec071c64779111dc8fa6c814d0dea
ae70aace349f53859b5eaf602f75724b80104e90534289291b2d45f7ff25639d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c8bfcf17b30afa3a7e0d0e6db3833a47ff4ad8e977627f551bd0e390bcff2d6c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccc5759705a62f0b8ae7f25fb61f5790dc56d011df518f59d9cc5841037775d8
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
fb8dc082a8843a6d6d21eb2e6dbb58851eefef94f5e4c8eab6fecb7283e90eb3