urlscan.io logo urlscan.io
SecurityTrails logo

us-west.com Open in urlscan Pro
67.166.38.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://us-west.com/
Effective URL: https://us-west.com/
Submission: On September 14 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 67.166.38.228, located in Boulder, United States and belongs to COMCAST-7922, US. The main domain is us-west.com.
TLS certificate: Issued by R3 on July 30th 2023. Valid for: 3 months.
This is the only time us-west.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 67.166.38.228 7922 (COMCAST-7922)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.26.0.73 13335 (CLOUDFLAR...)
4 4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a04:4e42::347 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
19 6
7    67.166.38.228 (Boulder, United States)

ASN7922 (COMCAST-7922, US)
PTR: c-67-166-38-228.hsd1.co.comcast.net
us-west.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.26.0.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.startbootstrap.com
4    2606:4700:20::681a:41e (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
4    2a04:4e42::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 picsum.photos
picsum.photos — Cisco Umbrella Rank: 64544
fastly.picsum.photos — Cisco Umbrella Rank: 109661
399 KB
7 us-west.com
us-west.com
775 KB
4 gstatic.com
fonts.gstatic.com
93 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
122 KB
2 startbootstrap.com
cdn.startbootstrap.com — Cisco Umbrella Rank: 415157
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
921 B
19 6
Domain Requested by
7 us-west.com 1 redirects us-west.com
4 fonts.gstatic.com fonts.googleapis.com
4 fastly.picsum.photos us-west.com
4 picsum.photos 4 redirects
3 cdn.jsdelivr.net us-west.com
cdn.jsdelivr.net
2 cdn.startbootstrap.com 1 redirects us-west.com
1 fonts.googleapis.com us-west.com
19 7

This site contains no links.

Subject Issuer Validity Valid
*.us-west.com
R3		 2023-07-30 -
2023-10-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://us-west.com/
Frame ID: 552524BCEE2AD4C03F96C86264B04E9B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OurCompany

Page URL History Show full URLs

  1. http://us-west.com/ HTTP 301
    https://us-west.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

74 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

1392 kB
Transfer

1513 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://us-west.com/ HTTP 301
    https://us-west.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cdn.startbootstrap.com/sb-forms-latest.js HTTP 302
  • https://cdn.startbootstrap.com/sb-forms-0.4.1.js
Request Chain 9
  • https://picsum.photos/1900/1200 HTTP 302
  • https://fastly.picsum.photos/id/141/1900/1200.jpg?hmac=O_V715p0IrnQBLlsM2E7kutLMxZ9lx27WC7k9h7ADJQ
Request Chain 10
  • https://picsum.photos/900/600 HTTP 302
  • https://fastly.picsum.photos/id/569/900/600.jpg?hmac=TKkGrhfYJjRUh_-CSHvK0ZOMQXnJobR4_3QTtN2jIYI
Request Chain 11
  • https://picsum.photos/900/601 HTTP 302
  • https://fastly.picsum.photos/id/254/900/601.jpg?hmac=iBM_AP5CKXWkNnl4fzKNMaMJ7f-zE4IJ_Iu8Es-mjiE
Request Chain 12
  • https://picsum.photos/900/602 HTTP 302
  • https://fastly.picsum.photos/id/433/900/602.jpg?hmac=yHFQeEncvn0eEPm7GRBJXp1PJmVpU3PSrkDFg0D0ouQ

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
us-west.com/
Redirect Chain
  • http://us-west.com/
  • https://us-west.com/
14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash
6dca456b24f80bb55f99c5b749bf267000cb5843c4cf7014179ebff45f1639bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 14 Sep 2023 21:52:40 GMT
etag
W/"61fe04ab-36fc"
last-modified
Sat, 05 Feb 2022 05:01:31 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 14 Sep 2023 21:52:39 GMT
Location
https://us-west.com/
Server
nginx
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 		64 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11759860
x-jsd-version
1.5.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230101-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6eEgFDGY7F8QfiQSmhX7khu3vqR9umxq3HEomvZN0dJ1BojzjrsPxV9LhcOK10iP5EO%2FGq2R1Utu0pu5L6bDH8uhCVyLhIOrgHO%2FmNmt%2B5tyEs2UAxcZkcyF9EeztX4QTD6JM3yK%2FwmbeDfptA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
806bdbbcac3abbaf-FRA
css
fonts.googleapis.com/ 		4 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 21:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 21:01:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 21:52:40 GMT
styles.css
us-west.com/css/ 		204 KB
204 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-west.com/css/styles.css
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash
02a9804f3c8ef3e1bd754e7a1c0ae5055c74105a19030b645fedb8d2724ce797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
last-modified
Sat, 05 Feb 2022 04:59:51 GMT
server
nginx
accept-ranges
bytes
etag
"61fe0447-32f19"
content-length
208665
content-type
text/css
testimonials-1.jpg
us-west.com/assets/img/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-west.com/assets/img/testimonials-1.jpg
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash
443c856aaeb47ff0248d814a2b61af156cd79131403b1222602d3b033a41fb58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
last-modified
Sat, 05 Feb 2022 05:00:23 GMT
server
nginx
accept-ranges
bytes
etag
"61fe0467-215c1"
content-length
136641
content-type
image/jpeg
testimonials-2.jpg
us-west.com/assets/img/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-west.com/assets/img/testimonials-2.jpg
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash
c3d8611d6957eeebb278504294f31359a1d1fdbdd92f991485902dab0020ab4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
last-modified
Sat, 05 Feb 2022 05:00:23 GMT
server
nginx
accept-ranges
bytes
etag
"61fe0467-2f3e1"
content-length
193505
content-type
image/jpeg
testimonials-3.jpg
us-west.com/assets/img/ 		244 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-west.com/assets/img/testimonials-3.jpg
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash
dd264739495071ee8dd9155c5374a5f5e0369b6844788f9fe221d354e4c4fb94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
last-modified
Sat, 05 Feb 2022 05:00:23 GMT
server
nginx
accept-ranges
bytes
etag
"61fe0467-3d194"
content-length
250260
content-type
image/jpeg
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15979183
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230075-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qJzL6H7kcQWdhnr%2BlfJijbFa1oQ7frWR7VTiaGkgG%2BCSObZevAJXwJttZRhajn6DVlyUyNRRUhcgQhVpE%2Bup1e7on1ZiBB0xoX0tjcvlKxD8uC40y3fkVHth3h%2F7JpQB%2Bwp%2FanY5pAdm3QtFmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
806bdbbcac3cbbaf-FRA
scripts.js
us-west.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://us-west.com/js/scripts.js
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.166.38.228 Boulder, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
c-67-166-38-228.hsd1.co.comcast.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
content-encoding
gzip
server
nginx
content-type
text/html
sb-forms-0.4.1.js
cdn.startbootstrap.com/
Redirect Chain
  • https://cdn.startbootstrap.com/sb-forms-latest.js
  • https://cdn.startbootstrap.com/sb-forms-0.4.1.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.startbootstrap.com/sb-forms-0.4.1.js
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Server
104.26.0.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c961078cfedf024e31ed276b96245dab929c1490256f484eaaee5e3a60c987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2293
x-guploader-uploadid
ADPycduFwkeN8EklVJKHj5Lc1PcXB4lFqwCUX6bC2svVo4Y3QKOWYNyPtFfA7E2lHLkhS_gLuQ0zcxYr4EoblDQzIIwTws9VKzGm
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 14 Jul 2021 12:27:46 GMT
server
cloudflare
etag
W/"396b27944606ab87c159d9f8d7a3a205"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1626265666422588
content-type
text/javascript
x-goog-hash
crc32c=gkvPRw==, md5=OWsnlEYGq4fBWdn416OiBQ==
cache-control
public, max-age=2678400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCgrcvbRCX9eXOlLN%2BvLjjR2z0vjwtBOWhG%2B4iZuhucn0cpFxJ97H%2Bx8r5Ix9H568jobPJFFhwr41siec8z7o4JpaqI1V%2BcdjDn7lxvaQaKTmZYiSuk9A07Ao8Y6mT3fD0Ou4aVnehI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
7089
cf-ray
806bdbbcec8b3645-FRA
expires
Thu, 14 Sep 2023 21:59:47 GMT

Redirect headers

date
Thu, 14 Sep 2023 21:52:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZfCIAtLX8NID2%2B92ISij1qDtZUpAfVOoM1qnSug2RDMGWNPKr9xEh30utPC%2Bcaa9OA5EOh8S%2F9E4fmmopNkOHNdrytpX1rvsWtCzVJBmAbkvs0VivPfrEXsZY8rdSNkw9rXrRtlgWI%3D"}],"group":"cf-nel","max_age":604800}
location
https://cdn.startbootstrap.com/sb-forms-0.4.1.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
806bdbbcdc783645-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
1200.jpg
fastly.picsum.photos/id/141/1900/
Redirect Chain
  • https://picsum.photos/1900/1200
  • https://fastly.picsum.photos/id/141/1900/1200.jpg?hmac=O_V715p0IrnQBLlsM2E7kutLMxZ9lx27WC7k9h7ADJQ
108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/141/1900/1200.jpg?hmac=O_V715p0IrnQBLlsM2E7kutLMxZ9lx27WC7k9h7ADJQ
Requested by
Host: us-west.com
URL: https://us-west.com/css/styles.css
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b5d7cbd7ba8df3a12602ffaf6ecc6997698fb9e8746f83c387bf0fc44a63a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 14 Sep 2023 21:52:41 GMT
via
1.1 varnish
picsum-id
141
age
0
x-timer
S1694728361.270158,VS0,VE389
vary
Origin
x-cache
MISS
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="141-1900x1200.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
110436
x-served-by
cache-fra-etou8220059-FRA

Redirect headers

date
Thu, 14 Sep 2023 21:52:41 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvHwTzDMarcgSjpQak8hs%2FZkeBJxLnx0j378sNWHRc0EenqMXZjCV6LAWQvX%2FHZ%2BlSvb4NZSxXNO07cQ6jNfprZRk67h3MTGHNLWl%2Fs2Hqurkg2j8F%2FPmiBwOymQQbRaagOpUdPHAkXY%2Fb4%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/141/1900/1200.jpg?hmac=O_V715p0IrnQBLlsM2E7kutLMxZ9lx27WC7k9h7ADJQ
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
806bdbc17bfe9188-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
600.jpg
fastly.picsum.photos/id/569/900/
Redirect Chain
  • https://picsum.photos/900/600
  • https://fastly.picsum.photos/id/569/900/600.jpg?hmac=TKkGrhfYJjRUh_-CSHvK0ZOMQXnJobR4_3QTtN2jIYI
90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/569/900/600.jpg?hmac=TKkGrhfYJjRUh_-CSHvK0ZOMQXnJobR4_3QTtN2jIYI
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4916fce8fd60ce123695f0aa4a3f8a611bba1c7141b2ca72c18930c78a32c393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 14 Sep 2023 21:52:41 GMT
via
1.1 varnish
picsum-id
569
age
569249
x-timer
S1694728361.294914,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="569-900x600.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
92478
x-served-by
cache-fra-etou8220059-FRA

Redirect headers

date
Thu, 14 Sep 2023 21:52:41 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz%2B98AWmPjmPsWW5kYeph%2FI29PMLceEbH6OyoKTGEtmzAV7RMEUciMrztrS4SDiDXShp5Y8%2Fczt5iO3qZU%2BAqpEjPL5NdfrDwx%2FNC3td92DrRwEGJRl8JnfjJp34pXc5fr2BLfxUY3uOf44%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/569/900/600.jpg?hmac=TKkGrhfYJjRUh_-CSHvK0ZOMQXnJobR4_3QTtN2jIYI
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
806bdbc17c029188-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
601.jpg
fastly.picsum.photos/id/254/900/
Redirect Chain
  • https://picsum.photos/900/601
  • https://fastly.picsum.photos/id/254/900/601.jpg?hmac=iBM_AP5CKXWkNnl4fzKNMaMJ7f-zE4IJ_Iu8Es-mjiE
131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/254/900/601.jpg?hmac=iBM_AP5CKXWkNnl4fzKNMaMJ7f-zE4IJ_Iu8Es-mjiE
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6436994ac4d874426ac9d2bb55dbdbde115a03779cd87408f558da03d860950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 14 Sep 2023 21:52:41 GMT
via
1.1 varnish
picsum-id
254
age
474035
x-timer
S1694728361.270316,VS0,VE2
vary
Origin
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="254-900x601.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
133879
x-served-by
cache-fra-etou8220059-FRA

Redirect headers

date
Thu, 14 Sep 2023 21:52:41 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa4TxZcABRdtL2zdcjQjE1tOxteJR5VGB3qsMScysVwYn%2BE%2Fq1eg9pLgp0%2BMbwIbvYtN6BNVFD1RfHtiIBkRUqF6%2F63OB1avlsPSXFi2GKeoznfQlj7KLvTyBdcZG2b%2Fk8KariIHmun3zvg%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/254/900/601.jpg?hmac=iBM_AP5CKXWkNnl4fzKNMaMJ7f-zE4IJ_Iu8Es-mjiE
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
806bdbc18c039188-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
602.jpg
fastly.picsum.photos/id/433/900/
Redirect Chain
  • https://picsum.photos/900/602
  • https://fastly.picsum.photos/id/433/900/602.jpg?hmac=yHFQeEncvn0eEPm7GRBJXp1PJmVpU3PSrkDFg0D0ouQ
67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/433/900/602.jpg?hmac=yHFQeEncvn0eEPm7GRBJXp1PJmVpU3PSrkDFg0D0ouQ
Requested by
Host: us-west.com
URL: https://us-west.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f94280b65cbff994f8a5e7b5fa7fd69bf294a18714a6716a10c9c376c842b975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-west.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 14 Sep 2023 21:52:41 GMT
via
1.1 varnish
picsum-id
433
age
0
x-timer
S1694728361.270297,VS0,VE220
vary
Origin
x-cache
MISS
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="433-900x602.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
69103
x-served-by
cache-fra-etou8220059-FRA

Redirect headers

date
Thu, 14 Sep 2023 21:52:41 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ivht53B2IZ1nHSlb8WKI2viYH938Ira6j1pPYnF6NOnem1oSawZGFYl6ZKGBSunMA8cEwewBmIMmukxvyPvcbKrDchMS6W5nOrO4X3MbXe41gwr2RoQ278e5NbHE%2FbAL%2BvkDHGOVT7%2FGTM%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/433/900/602.jpg?hmac=yHFQeEncvn0eEPm7GRBJXp1PJmVpU3PSrkDFg0D0ouQ
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
806bdbc18c049188-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us-west.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:23:50 GMT
x-content-type-options
nosniff
age
433731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 21:23:50 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us-west.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:18:33 GMT
x-content-type-options
nosniff
age
434048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 21:18:33 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Origin
https://us-west.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:52:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17673533
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90528
x-served-by
cache-fra19135-FRA, cache-jnb7020-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOWr3gUlTxJhRuQU%2B%2BHCQ7qtENg%2BDme84XyGWW5KNTgT%2Fin4QnqrwBc7qXq0PmLdmz71NHM65sewIRhT1xu5fSK8FTvQrwNvsP7F1nZyjbuPDDQZ4foljLyqGt8ozAjSWmHSj4cPIXMGAKpBP4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
806bdbc15b0a03f8-FRA
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us-west.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:55:38 GMT
x-content-type-options
nosniff
age
482223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 07:55:38 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us-west.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:10:46 GMT
x-content-type-options
nosniff
age
488515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 06:10:46 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| uidEvent object| bootstrap object| sbForms

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://us-west.com/js/scripts.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.startbootstrap.com
fastly.picsum.photos
fonts.googleapis.com
fonts.gstatic.com
picsum.photos
us-west.com
104.26.0.73
2606:4700:20::681a:41e
2606:4700::6810:5514
2a00:1450:4001:80e::200a
2a00:1450:4001:831::2003
2a04:4e42::347
67.166.38.228
02a9804f3c8ef3e1bd754e7a1c0ae5055c74105a19030b645fedb8d2724ce797
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
443c856aaeb47ff0248d814a2b61af156cd79131403b1222602d3b033a41fb58
4916fce8fd60ce123695f0aa4a3f8a611bba1c7141b2ca72c18930c78a32c393
59c961078cfedf024e31ed276b96245dab929c1490256f484eaaee5e3a60c987
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
6dca456b24f80bb55f99c5b749bf267000cb5843c4cf7014179ebff45f1639bb
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9b5d7cbd7ba8df3a12602ffaf6ecc6997698fb9e8746f83c387bf0fc44a63a2e
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c3d8611d6957eeebb278504294f31359a1d1fdbdd92f991485902dab0020ab4b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6436994ac4d874426ac9d2bb55dbdbde115a03779cd87408f558da03d860950
dd264739495071ee8dd9155c5374a5f5e0369b6844788f9fe221d354e4c4fb94
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f94280b65cbff994f8a5e7b5fa7fd69bf294a18714a6716a10c9c376c842b975