199.21.134.191 Open in urlscan Pro
199.21.134.191  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 199.21.134.191/	210 KB 210 KB	514ms 142ms	Document text/html	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Full URL http://199.21.134.191/ Protocol HTTP/1.1 Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 4eb42e68de756f3c98280ac04b8163dc2ccaf432f9305b077d1ff430519ff7f5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Host 199.21.134.191 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:26 GMT X-Frame-Options SAMEORIGIN Accept-Ranges bytes P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" X-UA-Compatible IE=edge Keep-Alive timeout=15, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	style.10.css 199.21.134.191/_assets/css/	89 KB 89 KB	609ms 134ms	Stylesheet text/css	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Full URL http://199.21.134.191/_assets/css/style.10.css Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash c006ce5919f0bb3f21c800c31ac7f8331bfca7aa3662d952da2fe16294781eeb Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:26 GMT Last-Modified Thu, 30 May 2019 19:00:07 GMT ETag "16419-58a1f81a13bc0" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=15, max=99 Content-Length 91161 X-UA-Compatible IE=edge
GET		zia0stx.js use.typekit.net/	0 0
GET H/1.1	200 OK	thrivent-logo.svg 199.21.134.191/_assets/icons/	11 KB 11 KB	388ms 132ms	Image image/svg+xml	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/_assets/icons/thrivent-logo.svg Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash e830fc97420a1718eabf55ea37988a3e96890573c8d907a330da8e2dc6265185 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:26 GMT Last-Modified Tue, 08 May 2018 18:45:43 GMT ETag "2aba-56bb63192cdcd" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/svg+xml Keep-Alive timeout=15, max=98 Content-Length 10938 X-UA-Compatible IE=edge
GET H/1.1	200 OK	co-op_logo.png 199.21.134.191/images/	14 KB 14 KB	288ms 131ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/images/co-op_logo.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 5916d09ff3c2790b272ed1d5dc8da9578194c3eb7729eff9a619525facf4ef92 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:14 GMT ETag "36d3-56bb62fd4cc5f" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=96 Content-Length 14035 X-UA-Compatible IE=edge
GET H/1.1	200 OK	equal-housing.png 199.21.134.191/_assets/images/	4 KB 5 KB	384ms 131ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/_assets/images/equal-housing.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 573ed807ce31502d334155c0bf74fd86aace9ad0e11fd53b9c8ba7f5db475e71 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:14 GMT ETag "111b-56bb62fd9a2a6" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=95 Content-Length 4379 X-UA-Compatible IE=edge
GET H/1.1	200 OK	ncua.png 199.21.134.191/_assets/images/	3 KB 4 KB	421ms 132ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/_assets/images/ncua.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash ad4ca88da675594ed079b371cbf394029f24e27262d377df92f9bf1a2771f66d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:43 GMT ETag "de1-56bb6318f532e" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=97 Content-Length 3553 X-UA-Compatible IE=edge
GET H/1.1	200 OK	jquery-3.1.1.min.js Show response 199.21.134.191/_assets/js/	85 KB 85 KB	132ms 131ms	Script application/x-javascript	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Full URL http://199.21.134.191/_assets/js/jquery-3.1.1.min.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=15, max=98 Content-Length 86709 X-UA-Compatible IE=edge
GET H/1.1	200 OK	plugins.js Show response 199.21.134.191/_assets/js/	70 KB 70 KB	503ms 131ms	Script application/x-javascript	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Full URL http://199.21.134.191/_assets/js/plugins.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash a3dbf485229eea89a5e92b07887a4326f301c66c604741350e1e9f60e08b47ad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=15, max=95 X-UA-Compatible IE=edge
GET H/1.1	200 OK	addthis_widget.js Show response s7.addthis.com/js/300/	344 KB 110 KB	303ms 27ms	Script application/javascript	23.210.248.44 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://s7.addthis.com/js/300/addthis_widget.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-44.deploy.static.akamaitechnologies.com Software / Resource Hash 20788a06293ee82af16b16a8030dc6fd7a15fb17b56734f0778e88d6b0c6f2ae Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Content-Encoding gzip Last-Modified Wed, 31 Jul 2019 17:18:47 GMT ETag "5d41cd77-561b5" Vary Accept-Encoding X-Distribution 98 Content-Type application/javascript Cache-Control public, max-age=600 X-Host s7.addthis.com Connection keep-alive Accept-Ranges bytes Content-Length 112481
GET H/1.1	200 OK	1355991 Show response cdnapisec.kaltura.com/p/1355991/sp/135599100/embedIframeJs/uiconf_id/26409621/partner_id/	87 KB 25 KB	385ms 363ms	Script text/javascript	2a02:26f0:10c:38c::123d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdnapisec.kaltura.com/p/1355991/sp/135599100/embedIframeJs/uiconf_id/26409621/partner_id/1355991 Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:10c:38c::123d , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash 51aadda4c20fe81e823bc28659aae64a2e48eaf1e2a8a5e174558d9fc25c88b0 Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Kaltura dumpUrl X-Me ny-front-api1, ny-front-api1 Date Tue, 06 Aug 2019 14:27:27 GMT Content-Encoding gzip Connection keep-alive Content-Length 24680 Pragma Last-Modified Tue, 06 Aug 2019 14:27:27 GMT Server Apache ETag cefa428fd28fd0b3f107d09c3687c934 Vary Accept-Encoding Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=553 X-Kaltura-Session 783276596 Expires Tue, 06 Aug 2019 14:36:40 GMT
GET H/1.1	200 OK	hammer.min.js Show response 199.21.134.191/_assets/js/	20 KB 21 KB	148ms 144ms	Script application/x-javascript	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Full URL http://199.21.134.191/_assets/js/hammer.min.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=15, max=100 Content-Length 20771 X-UA-Compatible IE=edge
GET H/1.1	200 OK	2674928.js Show response js.hs-scripts.com/	2 KB 1 KB	30ms 24ms	Script application/javascript	2606:4700::6811:d4cc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://js.hs-scripts.com/2674928.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ff9963b624e3631da1e92effae8a8d8330be3e457e6324f5613430a078f1078e Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status HIT Age 0 Cf-Polished origSize=2185 Transfer-Encoding chunked Connection keep-alive Cf-Bgj minify Server cloudflare X-Trace 2B0F99F81D7BF57DE4A34742B5F87F8FF0B28C41F4000000000000000000 Access-Control-Max-Age 3600 Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin http://199.21.134.191 Cache-Control public, max-age=60 Access-Control-Allow-Credentials true CF-RAY 5021b10eecf3dfcf-FRA Expires Tue, 06 Aug 2019 14:28:27 GMT
GET		conversion.js www.googleadservices.com/pagead/	0 0
GET DATA	200 OK	truncated /	5 KB 5 KB		Image img/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 58589278b621befe72ed71185f183c2349366d0c977e985908e93b6ec64d4856 Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type img/png
GET H/1.1	200 OK	homepage-hero.png 199.21.134.191/images/	213 KB 213 KB	264ms 133ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/images/homepage-hero.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 9306dc4b67eaceba5a7e3dc9841b4dae2dd728ecd90ad0c605c9f7a310b7979c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/_assets/css/style.10.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:42 GMT ETag "352df-56bb631872187" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=96 Content-Length 217823 X-UA-Compatible IE=edge
GET H/1.1	200 OK	welcome_members_module.png 199.21.134.191/images/	44 KB 44 KB	226ms 133ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/images/welcome_members_module.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash dbda2697d8423f09de4e0bf1177340486637d987c8ff9c9440059052552ae8ed Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/_assets/css/style.10.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:42 GMT ETag "aec4-56bb63186b80f" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=99 Content-Length 44740 X-UA-Compatible IE=edge
GET H/1.1	200 OK	infographic-teaser.png 199.21.134.191/images/	64 KB 64 KB	263ms 131ms	Image image/png	199.21.134.191 Thrivent Financia...
General Check archive.org Show headers Download Go to Show image Full URL http://199.21.134.191/images/infographic-teaser.png Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol HTTP/1.1 Security , , Server 199.21.134.191 , United States, ASN21651 (THRIVENTFINANCIAL - Thrivent Financial for Lutherans, US), Reverse DNS Software / Resource Hash 5d03c21ec2cd5d743abb3397c43fb334fdb4870cc391c056de7abbd00aea9803 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://199.21.134.191/_assets/css/style.10.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Last-Modified Tue, 08 May 2018 18:45:14 GMT ETag "ff79-56bb62fd4e7b7" X-Frame-Options SAMEORIGIN P3P CP="CAO DSP COR ADM DEV PSA IVA CONo OUR SAM PUBi IND UNI" Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=94 Content-Length 65401 X-UA-Compatible IE=edge
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	85 KB 23 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 content-length 22680 x-xss-protection 0 pragma public x-fb-debug jRv428lDCgcnIetTll3FAuBGDM+Xq0FIHXqmzjMedoAqCw0ih+Z5KDWG7fflVM5GKJbZ9GVuEXXxx4wbsgOGJA== x-fb-trip-id 997090344 x-frame-options DENY date Tue, 06 Aug 2019 14:27:27 GMT vary Origin, Accept-Encoding access-control-allow-methods OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://connect.facebook.net access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control public, max-age=1200 access-control-allow-credentials true content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET		uwt.js static.ads-twitter.com/	0 0
GET H/1.1	200 OK	2674928.js Show response js.hs-analytics.net/analytics/1565101500000/	73 KB 25 KB	138ms 132ms	Script text/javascript	2606:4700::6811:47b0 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://js.hs-analytics.net/analytics/1565101500000/2674928.js Requested by Host: js.hs-scripts.com URL: http://js.hs-scripts.com/2674928.js Protocol HTTP/1.1 Security , , Server 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 931b9b6f82c642e1ba56833f4d0084e30fd637b2e51557e34d3e793650b6879c Request headers Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 06 Aug 2019 14:27:27 GMT Content-Encoding gzip CF-Cache-Status MISS x-amz-request-id CED47B0CFE194CE4 Transfer-Encoding chunked Connection keep-alive x-amz-id-2 pxxh4a51V7OW1xtjmx6UL/b/S4IzfA6CYSyUJS5G77BnGSCIv5ap+46izeg2HB7OTh7n7YRWU9k= CF-RAY 5021b1108c18dfa5-FRA Last-Modified Fri, 02 Aug 2019 19:34:02 GMT Server cloudflare ETag W/"543a84c051dee117ec36313120c2d070" Vary Accept-Encoding x-amz-version-id null Cache-Control max-age=300, public Access-Control-Allow-Credentials false Content-Type text/javascript Expires Tue, 06 Aug 2019 14:32:27 GMT
GET H2	200	fb.js Show response js.hsadspixel.net/	4 KB 2 KB	39ms 21ms	Script application/javascript	2606:4700::6811:72b0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: http://js.hs-scripts.com/2674928.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e4ecd22884184b8cd4407056cea33b66291e586473a9ec3d0c9f7af055a49706 Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 06 Aug 2019 14:27:27 GMT via 1.1 29e9afe5efcd089dc05c8c157066682e.cloudfront.net (CloudFront) cf-cache-status HIT age 343 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED content-encoding gzip content-type application/javascript; charset=utf-8 last-modified Tue, 25 Jun 2019 11:48:49 GMT server cloudflare etag W/"7c3f64bb0491f9a9343a12e79598c74e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id YJYAGwoTLQMoAp2eXmSReZ4HdLRAHcbA cache-control max-age=600 x-amz-cf-pop IAD89-C2 cf-ray 5021b1109ca9650f-FRA x-amz-cf-id Mc5DBkgt3JyX6L678C7JrkcT30Tq41fJfELGKfsqOlgyYdHVeqv1Gg==
GET H2	200	leadflows.js Show response js.hsleadflows.net/	373 KB 61 KB	175ms 149ms	Script application/javascript	2606:4700::6811:e7cc Cloudflare
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: http://js.hs-scripts.com/2674928.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 442a63a4947b79848b8c57fe659148646d132e2939fb6ba7af944002a0ff6a43 Request headers Sec-Fetch-Mode cors Referer http://199.21.134.191/ Origin http://199.21.134.191 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 06 Aug 2019 14:27:27 GMT via 1.1 91ed69d49df50f5558b0d5ebe4b3af7a.cloudfront.net (CloudFront) vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status MISS x-amz-cf-pop IAD79-C2 cf-ray 5021b110af99bed8-FRA x-cache Miss from cloudfront status 200 x-amz-replication-status COMPLETED content-encoding br last-modified Mon, 13 May 2019 03:13:58 GMT server cloudflare etag W/"47a1f205b496f390c6bc7a1c47139d4a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id ET4X9Gad3zjGhIuhN.Hd1R0kjk1_nK5J access-control-allow-origin * cache-control max-age=600 content-type application/javascript; charset=utf-8 x-amz-cf-id EGfuY9EO892KPDumS3qAelW-m4Zm9t3AWhLN8ISpkdaD_T8lKDHcdw==
GET H2	200	conversations-embed.js Show response js.usemessages.com/	57 KB 14 KB	64ms 31ms	Script application/javascript	2606:4700::6811:efcc Cloudflare
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: http://js.hs-scripts.com/2674928.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 130b1e1c52f7c50087f49bb58b264d198e04db599a0a91a5b69fab49b9597086 Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 06 Aug 2019 14:27:27 GMT via 1.1 a805f3562e8099c23b78cf69c21f7835.cloudfront.net (CloudFront) cf-cache-status HIT age 245 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED content-encoding br content-type application/javascript; charset=utf-8 last-modified Tue, 06 Aug 2019 01:23:05 GMT server cloudflare etag W/"9c97fce397b9610f89c240eb689f6508" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id YIHz1yenSThtjHGyf.2aVjIatHNGC_A1 cache-control max-age=600 x-amz-cf-pop IAD79-C1 cf-ray 5021b110c81297d8-FRA x-amz-cf-id HpEwrmwG4iJlEuUOedAEamXlu8_jMfxN9zFo0zV1Rgvbwq4XbmtPdw==
GET H2	200	1331339106927139 Show response connect.facebook.net/signals/config/	33 KB 10 KB	50ms 49ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1331339106927139?v=2.9.2&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash cdbddccee85ef9afe927c33b982863fdf2d9d196cc1efae5d250bd3d1659562f Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 x-xss-protection 0 pragma public x-fb-debug X7/XCGj/mzmRrqi5qBhiJFchsqubzgGFvtRqam0WB1ZR5rJSJS1Vldr+Fm5/wheXr4VeRjMxc6J4xEVkukWVCg== x-fb-trip-id 997090344 x-frame-options DENY date Tue, 06 Aug 2019 14:27:27 GMT vary Origin, Accept-Encoding access-control-allow-methods OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://connect.facebook.net access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control public, max-age=1200 access-control-allow-credentials true content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 324 B	18ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1331339106927139&ev=PageView&dl=http%3A%2F%2F199.21.134.191%2F&rl=&if=false&ts=1565101647510&sw=1600&sh=1200&v=2.9.2&r=stable&ec=0&o=28&it=1565101647454&coo=false&rqm=GET Requested by Host: 199.21.134.191 URL: http://199.21.134.191/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Sec-Fetch-Mode no-cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 06 Aug 2019 14:27:27 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 content-length 44 expires Tue, 06 Aug 2019 14:27:27 GMT
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	3 KB 2 KB	141ms 105ms	XHR application/json	2606:4700::6810:fa05 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2674928&currentUrl=http%3A%2F%2F199.21.134.191%2F Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 26eae415a8dad7523a6f2ae34037554d96e9932bc987b716f4508d34f1bb889b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Sec-Fetch-Mode cors Referer http://199.21.134.191/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 06 Aug 2019 14:27:37 GMT content-encoding br vary Accept-Encoding cf-ray 5021b1507cf8c2d1-FRA status 200 strict-transport-security max-age=31536000; includeSubDomains; preload server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin http://199.21.134.191 cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

use.typekit.net

URL

https://use.typekit.net/zia0stx.js

Domain

www.googleadservices.com

URL

http://www.googleadservices.com/pagead/conversion.js

Domain

static.ads-twitter.com

URL

http://static.ads-twitter.com/uwt.js

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| digitalData function| $ function| jQuery function| waitForFinalEvent function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| placeShareBox function| loadAddThis string| logIfInIframe string| MWEMBED_VERSION string| SCRIPT_LOADER_URL object| KWidget object| kWidget function| kIsIOS function| kSupportsHTML5 function| kGetFlashVersion function| kSupportsFlash function| kalturaIframeEmbed function| kOutputFlashObject function| kIsHTML5FallForward function| kIframeWithoutApi function| kDirectDownloadFallback function| kGetKalturaEmbedSettings function| kGetKalturaPlayerList function| kCheckAddScript function| kAddScript function| kPageHasAudioOrVideoTags function| kLoadJsRequestSet function| kOverideJsFlashEmbed function| kDoIframeRewriteList function| kEmbedSettingsToUrl function| kGetAdditionalTargetCss function| kAppendCssUrl function| kAppendScriptUrl function| kFlashVars2Object function| kFlashVarsToUrl function| kFlashVarsToString function| kServiceConfigToUrl function| kRunMwDomReady function| restoreKalturaKDPCallback object| DomReady object| mw object| preMwEmbedReady object| preMwEmbedConfig function| md5 function| jsCallbackReady function| Hammer function| homeMultiCarousel function| homeFeaturesCaoursel function| heroCarousel function| fbq function| _fbq function| twq string| adroll_adv_id string| adroll_pix_id number| google_conversion_id undefined| google_custom_params boolean| google_remarketing_only boolean| PIXELS_RAN object| _hsq object| _paq boolean| _hstc_loaded function| defineProperties object| globalRoot undefined| hns object| leadflows function| hmerge object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnapisec.kaltura.com/p/1355991/sp/135599100/embedIframeJs/uiconf_id/26409621/partner_id/1355991(Line 51) Message: kWidget: Kaltura HTML5 Version: 2.71.5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnapisec.kaltura.com
connect.facebook.net
forms.hubspot.com
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
s7.addthis.com
static.ads-twitter.com
use.typekit.net
www.facebook.com
www.googleadservices.com
static.ads-twitter.com
use.typekit.net
www.googleadservices.com
199.21.134.191
23.210.248.44
2606:4700::6810:fa05
2606:4700::6811:47b0
2606:4700::6811:72b0
2606:4700::6811:d4cc
2606:4700::6811:e7cc
2606:4700::6811:efcc
2a02:26f0:10c:38c::123d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130b1e1c52f7c50087f49bb58b264d198e04db599a0a91a5b69fab49b9597086
20788a06293ee82af16b16a8030dc6fd7a15fb17b56734f0778e88d6b0c6f2ae
26eae415a8dad7523a6f2ae34037554d96e9932bc987b716f4508d34f1bb889b
442a63a4947b79848b8c57fe659148646d132e2939fb6ba7af944002a0ff6a43
4eb42e68de756f3c98280ac04b8163dc2ccaf432f9305b077d1ff430519ff7f5
51aadda4c20fe81e823bc28659aae64a2e48eaf1e2a8a5e174558d9fc25c88b0
573ed807ce31502d334155c0bf74fd86aace9ad0e11fd53b9c8ba7f5db475e71
58589278b621befe72ed71185f183c2349366d0c977e985908e93b6ec64d4856
5916d09ff3c2790b272ed1d5dc8da9578194c3eb7729eff9a619525facf4ef92
5d03c21ec2cd5d743abb3397c43fb334fdb4870cc391c056de7abbd00aea9803
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7
9306dc4b67eaceba5a7e3dc9841b4dae2dd728ecd90ad0c605c9f7a310b7979c
931b9b6f82c642e1ba56833f4d0084e30fd637b2e51557e34d3e793650b6879c
a3dbf485229eea89a5e92b07887a4326f301c66c604741350e1e9f60e08b47ad
ad4ca88da675594ed079b371cbf394029f24e27262d377df92f9bf1a2771f66d
c006ce5919f0bb3f21c800c31ac7f8331bfca7aa3662d952da2fe16294781eeb
c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa
cdbddccee85ef9afe927c33b982863fdf2d9d196cc1efae5d250bd3d1659562f
dbda2697d8423f09de4e0bf1177340486637d987c8ff9c9440059052552ae8ed
e4ecd22884184b8cd4407056cea33b66291e586473a9ec3d0c9f7af055a49706
e830fc97420a1718eabf55ea37988a3e96890573c8d907a330da8e2dc6265185
ff9963b624e3631da1e92effae8a8d8330be3e457e6324f5613430a078f1078e