urlscan.io logo urlscan.io
SecurityTrails logo

www.khirfanfinancial.com Open in urlscan Pro
2606:4700::6810:42c5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.email01.fmgsuite.com/c/eJxNj81OwzAQhJ8muSBHu_5NDj5ARQWH8g5rZ92sSNIqMerrEwQHpLmMRppP3xgpecC2yLbXD1o4vsnTRfLE88yNPrWZlj...
Effective URL: https://www.khirfanfinancial.com/
Submission: On October 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6810:42c5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.khirfanfinancial.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 2nd 2019. Valid for: a year.
This is the only time www.khirfanfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.71.65.129 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 2600:9000:21f... 16509 (AMAZON-02)
1 52.216.227.120 16509 (AMAZON-02)
1 147.75.84.99 54825 (PACKET)
1 147.75.84.117 54825 (PACKET)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 52.85.183.207 16509 (AMAZON-02)
1 147.75.32.75 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.217.8.139 16509 (AMAZON-02)
28 11
1    52.71.65.129 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-71-65-129.compute-1.amazonaws.com
email.email01.fmgsuite.com
1    2606:4700::6810:42c5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.khirfanfinancial.com
18    2600:9000:21f3:b200:11:ad6d:cf00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.fmgsuite.com
1    52.216.227.120 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com
fmg-websites-custom.s3.amazonaws.com
1    147.75.84.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
static.hotjar.com
1    147.75.84.117 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
script.hotjar.com
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
1    52.85.183.207 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-207.fra50.r.cloudfront.net
static.site24x7rum.com
1    147.75.32.75 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-1
vars.hotjar.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    34.217.8.139 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-217-8-139.us-west-2.compute.amazonaws.com
col.site24x7rum.com
Domain Requested by
18 static.fmgsuite.com www.khirfanfinancial.com
static.fmgsuite.com
3 ssl.google-analytics.com 2 redirects www.khirfanfinancial.com
2 stats.g.doubleclick.net 1 redirects www.khirfanfinancial.com
1 col.site24x7rum.com static.site24x7rum.com
1 www.google.de www.khirfanfinancial.com
1 www.google.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 static.site24x7rum.com www.khirfanfinancial.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.khirfanfinancial.com
1 fmg-websites-custom.s3.amazonaws.com www.khirfanfinancial.com
1 www.khirfanfinancial.com
1 email.email01.fmgsuite.com 1 redirects
28 13
Subject Issuer Validity Valid
www.khirfanfinancial.com
CloudFlare Inc ECC CA-2		 2019-07-02 -
2020-07-01		 a year crt.sh
*.fmgsuite.com
DigiCert SHA2 Secure Server CA		 2018-09-18 -
2020-11-25		 2 years crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-11-07 -
2020-02-07		 a year crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
*.site24x7rum.com
Amazon		 2018-11-22 -
2019-12-22		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.khirfanfinancial.com/
Frame ID: CEACC8D4138F62AFD1B35BDEC41D59C6
Requests: 27 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-74dcf4e32eff343c96838bf3a780ac1d.html
Frame ID: AB76AF21FA5558525590A84125544805
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://email.email01.fmgsuite.com/c/eJxNj81OwzAQhJ8muSBHu_5NDj5ARQWH8g5rZ92sSNIqMerrEwQHpLmMRppP3xgpecC2yLbXD1... HTTP 302
    https://www.khirfanfinancial.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

28
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

7120 kB
Transfer

7926 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.email01.fmgsuite.com/c/eJxNj81OwzAQhJ8muSBHu_5NDj5ARQWH8g5rZ92sSNIqMerrEwQHpLmMRppP3xgpecC2yLbXD1o4vsnTRfLE88yNPrWZljvJdb3wvtOV30deqxThLfYQGMrAyo7FK3s0lQJYlZLxyYF2llIrUQMOCBrRoQXTYQd4ti9w6hFe_cnZ0FjghWQG7Mpy3b-kcpdvSzvFEYlSrx2D7wOEPJI2SNklHgAG8u0cp1rve2OeG30-8ng8us9JtkJrkZXWLDT_fB1Tu8XlT6tLN-GDeqd8mORZyi8w39ZKuf5TTKizscYpjRQUD4iKhqJVAQ7JWfDGh290TGMm HTTP 302
    https://www.khirfanfinancial.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1296796506&utmhn=www.khirfanfinancial.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Khirfan%20Financial&utmhid=1564204649&utmr=-&utmp=%2F&utmht=1571671622624&utmac=UA-119243947-1&utmcc=__utma%3D208643016.1738182423.1571671623.1571671623.1571671623.1%3B%2B__utmz%3D208643016.1571671623.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1028619039&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119243947-1&cid=1738182423.1571671623&jid=1028619039&_v=5.7.2&z=1296796506
Request Chain 25
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013914715&utmhn=www.khirfanfinancial.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Khirfan%20Financial&utmhid=1564204649&utmr=-&utmp=%2F&utmht=1571671622629&utmac=UA-24680519-10&utmcc=__utma%3D1.750322979.1571671623.1571671623.1571671623.1%3B%2B__utmz%3D1.1571671623.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=905928889&utmredir=1&utmmt=1&utmu=qBAgAAAAAAAAAAAAAAAAAAgE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715&slf_rd=1&random=4261328895

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.khirfanfinancial.com/
Redirect Chain
  • http://email.email01.fmgsuite.com/c/eJxNj81OwzAQhJ8muSBHu_5NDj5ARQWH8g5rZ92sSNIqMerrEwQHpLmMRppP3xgpecC2yLbXD1o4vsnTRfLE88yNPrWZljvJdb3wvtOV30deqxThLfYQGMrAyo7FK3s0lQJYlZLxyYF2llIrUQMOCBrRoQXTYQd4t...
  • https://www.khirfanfinancial.com/
49 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:42c5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0c19e07fc93f93001480ca2ececbfd0b8000467057c58464558675348441eb52

Request headers

:method
GET
:authority
www.khirfanfinancial.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 21 Oct 2019 15:27:01 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d552d82178bea058d7434bf816ee172b51571671620; expires=Tue, 20-Oct-20 15:27:00 GMT; path=/; domain=.www.khirfanfinancial.com; HttpOnly __cf_bm=b676b56ede6891e05e591b25391b5dd8653662ff-1571671621-1800-ATI7P+xrUlvVyx0aiuhrFlqGgZQ9w9srq5WDdnjUk/VoYYHdECIbUvRTzwpo8jJ6mMgj9vcur0NRgHcO1E7+47E=; path=/; expires=Mon, 21-Oct-19 15:57:01 GMT; domain=.www.khirfanfinancial.com; HttpOnly
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
4.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
529440cf2e0a59d6-VIE
content-encoding
gzip

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 21 Oct 2019 15:27:00 GMT
Location
https://www.khirfanfinancial.com/
Server
nginx
Content-Length
273
Connection
keep-alive
7ac.css
static.fmgsuite.com/site/templates/007/dist/ 		234 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.18.37744
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e525f6f39a026a55584d516c2341cf36fa64a2702adfaabb4b45bfb53354d6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 20 Oct 2019 16:13:21 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 16:46:45 GMT
server
AmazonS3
age
83622
x-amz-meta-cb-modifiedtime
Thu, 03 Oct 2019 16:44:55 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
QGhB0imk3tfpXDJTQElWCSX4EPXPdf25
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
5uu07gIxPmbxxEcGC4SFaiC3RiOCYqRGTeXv7nOETUPE1zsbPvW3nA==
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
dev-theme-fix.css
fmg-websites-custom.s3.amazonaws.com/ian/dev_theme_fixes/ 		129 B
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fmg-websites-custom.s3.amazonaws.com/ian/dev_theme_fixes/dev-theme-fix.css
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.216.227.120 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6f59f5594120229ea70553b740f138569b24f3dc356a294b2a925f9ec418b3c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 21 Oct 2019 15:27:03 GMT
Last-Modified
Wed, 22 May 2019 22:13:17 GMT
Server
AmazonS3
x-amz-request-id
7776DE1E23F58134
ETag
"77955e7e132d615f1720f345878f9add"
Content-Type
text/css
x-amz-version-id
8Zj61t0jY6.LyHCjT3AAGS_UrB_Z3oyI
Accept-Ranges
bytes
Content-Length
129
x-amz-id-2
AFOz5/8zzXijmOiDnbanZnfDK45ZRTc69tCcU7dcpKKbzOVAkW/0JkXnhpJGt4MdDG7yKukesbk=
brokerCheck-bar-logo.png
static.fmgsuite.com/site/templates/global/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/site/templates/global/img/brokerCheck-bar-logo.png
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
cQ0x4VGRjAKNvqRf4cK88z.qdgksM6Qd
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
etag
"0a702e6adbbb9c114979785ab0055ff7"
age
83621
x-amz-meta-cb-modifiedtime
Wed, 22 Aug 2018 15:02:32 GMT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
6131
last-modified
Mon, 03 Dec 2018 17:20:16 GMT
server
AmazonS3
date
Sun, 20 Oct 2019 16:13:22 GMT
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
zKeGKcHIrbyxP-xhj5cBMbrujRybdWYhhlLMMPlm-C8PU_vFwGi87g==
cf65926a-692a-4c43-9284-fe26d9ac2b03.png
static.fmgsuite.com/media/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/cf65926a-692a-4c43-9284-fe26d9ac2b03.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02daf8c93be3e2f891a73c4ccdef291dfb683f19307103fef1c80081925abd6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2019 23:37:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"fafe348bd15784ae609b97fa4934bb3b"
x-cache
Miss from cloudfront
x-amz-version-id
2hOE5wIJmAvuJJ6aiiWsdrVcFfnk1Efh
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
23690
x-amz-cf-id
WuIhQgPYciIhxX_ptxIKW-rQgEKFE50m6-iVZMAgCb9Oi46d5nS2Gw==
ad895b65-b815-40fb-9584-09ddeb7662de.png
static.fmgsuite.com/media/images/ 		465 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/ad895b65-b815-40fb-9584-09ddeb7662de.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24068128b96cae44c971d7c4593d86a0b3cff0f4b6f985c48037de89101f42d0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 23:33:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"259e7d90214d6818d7fd04f8136ce154"
x-cache
Miss from cloudfront
x-amz-version-id
4X0suuc23FT_5ew47tBqC4w3rQHBeM22
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
475920
x-amz-cf-id
9VvAOQxDHNoSV0eFjZOlzL24vJgu2hOjiNV3ClJvHMafC4K7cJgJBA==
7645502c-9ab4-4913-bbbd-b65d0d957526.png
static.fmgsuite.com/media/images/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/7645502c-9ab4-4913-bbbd-b65d0d957526.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28e9656237c78e9b153004e12dfc2383588ea2f3d4ad46769cf33ac9cdaeb354

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 23:33:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"4b661f8cb289e6454d5c6b41f90ab84f"
x-cache
Miss from cloudfront
x-amz-version-id
KyqjSx22.rhe.OO9JkHip3JSbBe0hUV7
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
298478
x-amz-cf-id
aUpeCG7gPTlU6HvqptF3asx4IOP2d4x-6uOiu8vUk-STMTH5J5eQUA==
4f5e49a5-951e-42df-8d5e-68b82d078be4.png
static.fmgsuite.com/media/images/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/4f5e49a5-951e-42df-8d5e-68b82d078be4.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d80fd2bdd26cb16b1af0957dd7933eb1eb3d0f260ef9640e11258c21dbd412a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 23:33:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"2ea1e9349b57a1292fb2f4bfdc502057"
x-cache
Miss from cloudfront
x-amz-version-id
6tXQl3_RvgVXcJ2UOdnuYiNSWV0AoS1R
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
209039
x-amz-cf-id
E1S1RLsJjZPbdOvTz2VklcNBdQc-JneAAJbg_CIX9jEBP5CPIp36Zw==
d6d579a7-3abe-4ca8-8766-d8a96625a94c.png
static.fmgsuite.com/media/images/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/d6d579a7-3abe-4ca8-8766-d8a96625a94c.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b18be66fe8194f1314689941789f7478910ceadd500a636c60088234b9406d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 23:33:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"229e61f74885cfcfaa4cb7c4314af7c5"
x-cache
Miss from cloudfront
x-amz-version-id
9FTTmveNwGEmjb3Bhej1Uf_nfWcb55D7
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
175788
x-amz-cf-id
glRf8bwnTj5yD4gKjI7Ffg9fisbe-361_39L2GpxY_5rYIVpkGcdgw==
33a2bfec-d6cb-488d-9fb3-ac7d5dc69914.png
static.fmgsuite.com/media/images/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/33a2bfec-d6cb-488d-9fb3-ac7d5dc69914.png?v=1
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7d565529b7337d8670405ab4137c7d8e469f0230ff5da01e253682d22229c8c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 23:33:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"29e6e4ee4c20e0e2c06a299d25493f76"
x-cache
Miss from cloudfront
x-amz-version-id
frHcWjUfdfNBNeSYc0gzbexD4Bt4HD9N
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
129014
x-amz-cf-id
-WXHJPKy0ZFg1QS3A_t5zph4-al7GMNvTB3UuKKpR6CWKc6Uu5lLeA==
scripts.js
static.fmgsuite.com/site/templates/007/dist/ 		281 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0ab0f42cfe5cfac1f23f9b809de273eb67066fbd5dd8149f13a98e0002d409d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 20:21:11 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 16:46:46 GMT
server
AmazonS3
age
59849
x-amz-meta-cb-modifiedtime
Thu, 03 Oct 2019 16:44:55 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mG3F08w5tybWjcjVVBelbf2RsXUidNrw
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
hmxGMrPx12aJN83uxAS6IgsLhaay4wk4mMR2jnt2YLELnFOSC3d9Ow==
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
hotjar-36513.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-36513.js?sv=4
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
a294176ba8b1af3bae3ff25bc967182657e97e3e65ea911795238856381ca205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
23
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1581
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/5fa5f77cc8cfa7393967ea6a6580724e
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.082
section-io-id
d4eacaaf073f845947efc84982ad9ced
accept-ranges
bytes
content-type
application/javascript
modules.9c427faaa7393368f30c.js
script.hotjar.com/ 		433 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9c427faaa7393368f30c.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-36513.js?sv=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.117 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
/
Resource Hash
8f98d1e3eefb7d26d9a1fbe17b046769afb0335b4dccd5a0861fc77d7833db70

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:02 GMT
content-encoding
br
last-modified
Mon, 21 Oct 2019 09:50:58 GMT
status
200
etag
"1dbb6c845721a7274de1e15b07fb79e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
f2f12b329f497e4baaf04571d2923e77
content-length
74442
img-background-R.jpg
static.fmgsuite.com/site/templates/global/img/assets/ebooks/5-things-you-need-to-know-about-tax-reform/images/ 		307 KB
308 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/site/templates/global/img/assets/ebooks/5-things-you-need-to-know-about-tax-reform/images/img-background-R.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da77ebd54c808c51c7c8d3065fbe06502236e2b6613b90c88fd999290c6d60f3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 03 Dec 2018 16:20:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d78511a9dbe014d5ecfde8cd2f78dcf4"
x-cache
Miss from cloudfront
x-amz-version-id
UGhOCfZVtAxJcT0JTzWy4vkok_CvHTP2
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
314300
x-amz-cf-id
aSanT1jZfz4Nw7x_83qSdDZio3NJ0Ao84caM1wO3u9uzilhkkn1OOA==
8db76a0e-92a2-4fab-9aa3-f3ecf792672d.jpg
static.fmgsuite.com/media/images/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/8db76a0e-92a2-4fab-9aa3-f3ecf792672d.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
483acc91fc0f2ea277cf8a93f06e309d9d961b6c54a42330af720648c2572a09

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jun 2019 21:09:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d78121419fd757216a1c3238e659f33c"
x-cache
Miss from cloudfront
x-amz-version-id
THNAEwaqqhFjSeqlq0dyVdi6rky7t5ZJ
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
201464
x-amz-cf-id
Grea_FkmrFDNjB2akvowsiFqIJO-XjNu4cPnI_0kVcsqtnSNvPX23w==
mailing-list-background.png
static.fmgsuite.com/site/templates/global/img/popups/ 		567 KB
568 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/site/templates/global/img/popups/mailing-list-background.png
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
469d3ce19921fad524e528f52353b19ba8bef80528c6c19909f09d38080dcc56

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Tue, 30 Oct 2018 21:02:28 GMT
date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 11 Dec 2018 15:31:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"ba55de28940edbf3ee1c60d493814bd2"
x-cache
Miss from cloudfront
x-amz-version-id
EMNP.M83ii7jGnHIVmCYzesohT1JRINH
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
580098
x-amz-cf-id
LgsdehCSObcq_zgDXGhJDUR_Lwvyi431e_LYYTmGYaBSLPQQO1ud5A==
fontawesome-webfont.woff2
static.fmgsuite.com/site/templates/007/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.18.37744
Origin
https://www.khirfanfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-amz-meta-cb-modifiedtime
Fri, 27 Apr 2018 16:17:07 GMT
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
77160
last-modified
Tue, 11 Dec 2018 15:36:25 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
jcBRoP9jZmqZEej150fx4mY4qU3dR1sc
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
e-q9oldQeNpjZLQp2SBimSdkLnV4SACb1qJ8Wr4M12CGuxkE95ujMw==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1333
date
Mon, 21 Oct 2019 15:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Mon, 21 Oct 2019 17:04:49 GMT
site24x7rum-min.js
static.site24x7rum.com/beacon/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.183.207 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-183-207.fra50.r.cloudfront.net
Software
ZGS /
Resource Hash
34b9b3507ebb033e002d2177b306a35a98efec45826e2c81ccec31b80a2d3c92

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 21 Oct 2019 14:28:02 GMT
Via
1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront)
Server
ZGS
X-Amz-Cf-Pop
FRA50
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Amz-Cf-Id
b4VNuxLNu51ce7Jiaz7ypqu-41fFMSrckSuvpHhMtcEtqhCY_gmQnQ==
174-hero-section.jpg
static.fmgsuite.com/site/templates/global/img/assets/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/site/templates/global/img/assets/174-hero-section.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec9e6f951f93fc982f0df055558b72b060f2f3e547079a554794099eca1cb1e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Mon, 03 Dec 2018 16:07:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"572a8dd187db699b323e909851df721b"
x-cache
Miss from cloudfront
x-amz-version-id
u6FQq7Axpsf7lUCo_zgAMpr3tbnH2azu
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
2830319
x-amz-cf-id
t7a6MgqsCY3ATSTfihq82V-t9A5GEQG5Q8wEX8IJES88srLyy0szUw==
e3318bd8-6222-4514-a50a-ba5988c5d7f2.jpg
static.fmgsuite.com/media/images/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/e3318bd8-6222-4514-a50a-ba5988c5d7f2.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fa70c5546d4f0c602f1ac22812c01cbbc9db6991eb08b2fcc207c334b252400

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2019 15:40:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"14072ad84299d73294bbf6d58d7f2094"
x-cache
Miss from cloudfront
x-amz-version-id
tRugxGpBa51bAIL7I_d8c22BHQz4pxoJ
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
203004
x-amz-cf-id
qguKO0JF4bZzZ5Hvr6mVV-sSaHQAwzgRTlgjMimLOvf0nvxso-FMJA==
370564b5-69d6-4d88-9812-18f1ee3a168b.jpg
static.fmgsuite.com/media/images/ 		784 KB
786 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/370564b5-69d6-4d88-9812-18f1ee3a168b.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd20084d19e808ae5460fa483a031d7b4f758c9291b7346ec5b8c600e1f261b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jul 2019 16:13:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"552e7190e01b2bcf00a98ce2966bdb21"
x-cache
Miss from cloudfront
x-amz-version-id
.icMpzObPq4DDAIvUfae1YxJqtyphhzN
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
802953
x-amz-cf-id
FUpv4P9lvhvPdCL2h6lyrkeSy6LuljF0eei4sZLQWf8Ygj7HZj70Ig==
129bf015-446f-4a51-80da-7c2260c87425.jpg
static.fmgsuite.com/media/images/ 		337 KB
338 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/129bf015-446f-4a51-80da-7c2260c87425.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0ffff045bb736b7d42522799cf50af252d55664aa1c66760f032f7277bf20f4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2019 15:32:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"6d7d7fa5dede8ddce51a6c49b7ea9920"
x-cache
Miss from cloudfront
x-amz-version-id
r0MIfENpg44X1c0vfrI9iQ9iwTDg2cpm
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
345509
x-amz-cf-id
y-mks1SWKm5xP7MExjUg3RSZ5kbFIHfKyL00atT7tpqqqUBnZ1bkWg==
36ccbf85-ce4d-4a9a-8c5b-432e33eaf59e.jpg
static.fmgsuite.com/media/images/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fmgsuite.com/media/images/36ccbf85-ce4d-4a9a-8c5b-432e33eaf59e.jpg
Requested by
Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b200:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
184e1e6c29cb0f59520589845918cb2bf7f9d93a64cc78f64facd1477bcfc1b6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 15:27:03 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2019 15:32:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"712c06e50bf6a5f0c635cb38e94b1448"
x-cache
Miss from cloudfront
x-amz-version-id
hlfMS4P5hD99ZtRgmPkjHF03JFZmSjpJ
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
326526
x-amz-cf-id
IOGpXk7B3_CI_cOtn-nlv-i_hzgo1Zw_hQaJlV5gdbcvdUYXyd7kHg==
box-74dcf4e32eff343c96838bf3a780ac1d.html
vars.hotjar.com/ Frame AB76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-74dcf4e32eff343c96838bf3a780ac1d.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-36513.js?sv=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-1
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-74dcf4e32eff343c96838bf3a780ac1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.khirfanfinancial.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.khirfanfinancial.com/

Response headers

status
200
date
Mon, 21 Oct 2019 15:27:02 GMT
content-type
text/html
content-length
808
cache-control
max-age=31536000
content-encoding
br
last-modified
Thu, 17 Oct 2019 10:26:51 GMT
etag
"e97b43816dfbff056689db51ae5cdfc7"
section-io-origin-status
200
section-io-origin-time-seconds
0.053
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
2640bfb9a8da9b76b90397f303d8b8cb
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1296796506&utmhn=www.khirfanfinancial.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119243947-1&cid=1738182423.1571671623&jid=1028619039&_v=5.7.2&z=1296796506
35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119243947-1&cid=1738182423.1571671623&jid=1028619039&_v=5.7.2&z=1296796506
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 Oct 2019 15:27:02 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Oct 2019 15:27:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119243947-1&cid=1738182423.1571671623&jid=1028619039&_v=5.7.2&z=1296796506
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
372
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013914715&utmhn=www.khirfanfinancial.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715&slf_rd=1&random=4261328895
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715&slf_rd=1&random=4261328895
Requested by
Host: www.khirfanfinancial.com
URL: https://www.khirfanfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Oct 2019 15:27:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Oct 2019 15:27:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24680519-10&cid=750322979.1571671623&jid=905928889&_v=5.7.2&z=1013914715&slf_rd=1&random=4261328895
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
col.site24x7rum.com/rum/ 		19 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.site24x7rum.com/rum/data
Requested by
Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.8.139 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-217-8-139.us-west-2.compute.amazonaws.com
Software
ZGS /
Resource Hash
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.khirfanfinancial.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 21 Oct 2019 15:27:26 GMT
X-Content-Type-Options
nosniff
Server
ZGS
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
19
X-XSS-Protection
1

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| MatterPage object| PresentationLoad object| Video function| $ function| jQuery function| Stellar object| Modernizr object| html5 function| yepnope object| Global function| Awesomplete object| FMG object| _gaq string| rumMOKey object| _gat object| gaGlobal object| s247RUM object| insightTMRUM object| insightRUM function| initInsightEvent object| site24x7rum string| pDomain

11 Cookies

Domain/Path Name / Value
www.khirfanfinancial.com/ Name: __utmt_g
Value: 1
www.khirfanfinancial.com/ Name: __utmz
Value: 1.1571671623.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
www.khirfanfinancial.com/ Name: __utmb
Value: 1.1.10.1571671623
www.khirfanfinancial.com/ Name: __utmc
Value: 1
www.khirfanfinancial.com/ Name: site24x7rumID
Value: 7256385518767800.1571671623583
www.khirfanfinancial.com/ Name: __utma
Value: 1.750322979.1571671623.1571671623.1571671623.1
.khirfanfinancial.com/ Name: __utmb
Value: 208643016.1.10.1571671623
.khirfanfinancial.com/ Name: __utmt
Value: 1
.khirfanfinancial.com/ Name: __utmz
Value: 208643016.1571671623.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.khirfanfinancial.com/ Name: __utmc
Value: 208643016
.khirfanfinancial.com/ Name: __utma
Value: 208643016.1738182423.1571671623.1571671623.1571671623.1

7 Console Messages

Source Level URL
Text
console-api log URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api warning URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
JQMIGRATE: jQuery.fn.offset() requires a valid DOM element
console-api log URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
console.trace
console-api warning URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api log URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
console.trace
console-api warning URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api log URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.18.37744(Line 1)
Message:
console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

col.site24x7rum.com
email.email01.fmgsuite.com
fmg-websites-custom.s3.amazonaws.com
script.hotjar.com
ssl.google-analytics.com
static.fmgsuite.com
static.hotjar.com
static.site24x7rum.com
stats.g.doubleclick.net
vars.hotjar.com
www.google.com
www.google.de
www.khirfanfinancial.com
147.75.32.75
147.75.84.117
147.75.84.99
2600:9000:21f3:b200:11:ad6d:cf00:93a1
2606:4700::6810:42c5
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9d
34.217.8.139
52.216.227.120
52.71.65.129
52.85.183.207
02daf8c93be3e2f891a73c4ccdef291dfb683f19307103fef1c80081925abd6f
0c19e07fc93f93001480ca2ececbfd0b8000467057c58464558675348441eb52
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
184e1e6c29cb0f59520589845918cb2bf7f9d93a64cc78f64facd1477bcfc1b6
1d80fd2bdd26cb16b1af0957dd7933eb1eb3d0f260ef9640e11258c21dbd412a
24068128b96cae44c971d7c4593d86a0b3cff0f4b6f985c48037de89101f42d0
270a370311bb246a1b54005d05dbb6d51b4f20ac2c3dc19d98e68c20633eeecd
28e9656237c78e9b153004e12dfc2383588ea2f3d4ad46769cf33ac9cdaeb354
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34b9b3507ebb033e002d2177b306a35a98efec45826e2c81ccec31b80a2d3c92
36e525f6f39a026a55584d516c2341cf36fa64a2702adfaabb4b45bfb53354d6
469d3ce19921fad524e528f52353b19ba8bef80528c6c19909f09d38080dcc56
483acc91fc0f2ea277cf8a93f06e309d9d961b6c54a42330af720648c2572a09
5b18be66fe8194f1314689941789f7478910ceadd500a636c60088234b9406d5
7fa70c5546d4f0c602f1ac22812c01cbbc9db6991eb08b2fcc207c334b252400
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f98d1e3eefb7d26d9a1fbe17b046769afb0335b4dccd5a0861fc77d7833db70
a0ffff045bb736b7d42522799cf50af252d55664aa1c66760f032f7277bf20f4
a294176ba8b1af3bae3ff25bc967182657e97e3e65ea911795238856381ca205
c0ab0f42cfe5cfac1f23f9b809de273eb67066fbd5dd8149f13a98e0002d409d
cec9e6f951f93fc982f0df055558b72b060f2f3e547079a554794099eca1cb1e
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
d6f59f5594120229ea70553b740f138569b24f3dc356a294b2a925f9ec418b3c
da77ebd54c808c51c7c8d3065fbe06502236e2b6613b90c88fd999290c6d60f3
dd20084d19e808ae5460fa483a031d7b4f758c9291b7346ec5b8c600e1f261b4
e7d565529b7337d8670405ab4137c7d8e469f0230ff5da01e253682d22229c8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629