offboarding.creativecabana.co Open in urlscan Pro
75.101.134.27  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response offboarding.creativecabana.co/	265 KB 39 KB	511ms 211ms	Document text/html	75.101.134.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-134-27.compute-1.amazonaws.com Software / Resource Hash 5d4d607e4ce86a12869a49c8b804b9aec4c35c5e73428186ebdd643cc711ee1d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 27 Nov 2024 09:20:37 GMT etag W/"1c6ae781511717aae59fa9f90b5affb4" last-modified Thu, 31 Oct 2024 15:43:48 GMT vary Accept-Encoding x-showit hosted
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	450ms 158ms	Stylesheet text/css	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rubik:regular|Rubik:500|Rubik:600 Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 332e317cf108853aeae57c5fa494300945f104d1716bc407567051f98fa40741 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 27 Nov 2024 09:20:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 27 Nov 2024 09:20:37 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 27 Nov 2024 09:20:37 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/	54 KB 4 KB	202ms 95ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03d2a-d8e2" age 147945 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSVZVhY1vwmf56H7xH0lxMmaff2Y9%2B69vSJgAs9n7LQ%2BmNwsGOAcA8%2FbRnLzm6DnwSgGcwuyK7VAK6dJYuALoE7wuFlCVT%2BV1pA9plVrS72%2Bp4vLrGz7tyoIPaRzuKXmBP3rphXZ"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 17 Nov 2025 09:20:37 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 27 Nov 2024 09:20:37 GMT content-type text/css; charset=utf-8 last-modified Mon, 04 May 2020 16:04:58 GMT vary Accept-Encoding priority u=0,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e910b1c7c5eeb2c-SJC accept-ranges bytes access-control-allow-origin * content-length 3203 server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	443ms 144ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers content-encoding gzip age 477902 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Fri, 21 Nov 2025 20:35:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 21 Nov 2024 20:35:36 GMT last-modified Fri, 08 May 2020 07:05:03 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 31021 x-xss-protection 0 server sffe
GET H2	200	showit-lib.min.js Show response lib.showit.co/engine/2.2.5/	48 KB 16 KB	462ms 162ms	Script application/javascript	18.173.132.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.2.5/showit-lib.min.js Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.132.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-132-14.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash e68f577919c668431ec37b0c816e2a409a1369ab29c9234c7346a187f25d1ea3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers x-amz-cf-pop JFK52-P2 content-encoding gzip etag W/"9b77e09293052d48738eacb7b25926d3" age 563444 via 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 1ee4-3dAt5NgdmuXy5B6AtOt4f6w6d1MICIDrDiwIO5B9c1sPf5_Xg== date Wed, 20 Nov 2024 20:49:55 GMT content-type application/javascript vary accept-encoding server AmazonS3 last-modified Wed, 09 Oct 2024 17:12:23 GMT x-amz-server-side-encryption AES256
GET H2	200	showit.min.js Show response lib.showit.co/engine/2.2.5/	60 KB 21 KB	479ms 180ms	Script application/javascript	18.173.132.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.2.5/showit.min.js Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.132.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-132-14.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash 62ba25c0922a230d0be88da82f2c36a97174015a52b21b456976c6ad3a730495 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers x-amz-cf-pop JFK52-P2 content-encoding gzip etag W/"23e25f227e403d0f97b533cbcf793ca9" age 563444 via 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id sSXaVHZT6ceHvfEgbAV8sLM_ndUkpmvaIy6PkKQSvdyda5ttAyAckw== date Wed, 20 Nov 2024 20:49:55 GMT content-type application/javascript vary accept-encoding server AmazonS3 last-modified Wed, 09 Oct 2024 17:12:23 GMT x-amz-server-side-encryption AES256
GET H2	200	showit.css lib.showit.co/engine/2.2.5/	7 KB 3 KB	439ms 140ms	Stylesheet text/css	18.173.132.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.2.5/showit.css Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.132.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-132-14.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash 837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers x-amz-cf-pop JFK52-P2 content-encoding gzip etag W/"8e74b817a46d3ed438a34b919f7bd280" age 563441 via 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 5LEwfd-4ek21zzNbhJZpNCv6-NMgumJ8d99cfZ48YehFHJyeo79kGw== date Wed, 20 Nov 2024 20:49:58 GMT content-type text/css vary accept-encoding server AmazonS3 last-modified Wed, 09 Oct 2024 17:12:22 GMT x-amz-server-side-encryption AES256
GET H2	200	embed.js Show response embed.typeform.com/next/	61 KB 14 KB	498ms 154ms	Script application/x-javascript	2600:9000:23cb:ba00:2:c605:29c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embed.typeform.com/next/embed.js Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23cb:ba00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b32ef3d653605e3278a8e50e853fdfe5893a998eb725623ec8cff40960686db4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers content-encoding gzip etag W/"154599af726d32e2fef371db6c019f99" x-amz-version-id R2NKuCK8koy3k1dmq_pDNCQKiQ7Mkp9o age 3 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id rUIA3YtF9ToIiBlY2rv42_ejiGcXZMv4jaqOx2WhT91l49LVdBf5Vg== date Wed, 27 Nov 2024 09:20:36 GMT content-type application/x-javascript vary accept-encoding last-modified Wed, 20 Nov 2024 13:57:57 GMT strict-transport-security max-age=63072000; includeSubDomains cache-control public, max-age=0, must-revalidate via 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ce1682dad23442cebf0b904561849677 www.loom.com/embed/ Frame 4C93	0 0	1062ms 482ms	Document text/html	2600:9000:28b2:3e00:c:cfd4:a580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.loom.com/embed/ce1682dad23442cebf0b904561849677?sid=67894c80-6e49-4c17-ab46-73863421f182 Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:28b2:3e00:c:cfd4:a580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://offboarding.creativecabana.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 content-encoding gzip content-security-policy-report-only default-src 'self' blob: ; script-src 'nonce-nvKIDxSC+cB/Lon5jX0T1iYvmhNwzfoadDFVDaDDdz8Mhib+' 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' blob: https: ; style-src 'unsafe-inline' https://cdn.loom.com https://releases.transloadit.com/uppy/ https://accounts.google.com/gsi/style; img-src 'self' blob: data: chrome-extension: https://*.bing.com https://*.clarity.ms https://*.gstatic.com https://s2.googleusercontent.com https://*.g.doubleclick.net https://*.google.com https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.linkedin.com/px/ https://www.facebook.com https://analytics.tiktok.com/api/ https://analytics.twitter.com/ https://alb.reddit.com/ https://q.quora.com/_/ad/ https://t.co https://*.mutinycdn.com https://cdn.sanity.io/images/ https://perf-na1.hsforms.com https://track.hubspot.com https://*.loom.com https://rs.fullstory.com https://secure.gravatar.com https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net https://*.wp.com/avatar-management--avatars.us-west-2.prod.public.atl-paas.net/initials/ https://cdn.cookielaw.org; font-src 'self' data: chrome-extension: https://cdn.loom.com https://fonts.gstatic.com https://use.typekit.net; base-uri 'self'; connect-src 'self' data: https://bat.bing.com https://*.clarity.ms https://*.mutinyhq.com https://*.mutinyhq.io https://*.mutinycdn.com https://*.google.com https://accounts.google.com/gsi/ https://*.analytics.google.com https://*.google-analytics.com https://*.googletagmanager.com https://*.g.doubleclick.net https://connect.facebook.net https://px.ads.linkedin.com https://pixel-config.reddit.com https://q.quora.com https://analytics.tiktok.com/ https://www.redditstatic.com/ads/ https://api.segment.io https://cdn.segment.com https://*.cohere.so wss://*.cohere.so https://api.sprig.com https://cdn.sprig.com https://api.hubapi.com https://cta-service-cms2.hubspot.com https://js.hs-banner.com https://js.hubspot.com/web-interactives-embed.js https://browser-http-intake.logs.datadoghq.com/ https://logs.browser-intake-datadoghq.com/api/ https://rum.browser-intake-datadoghq.com/api/ https://m.stripe.com https://o398470.ingest.sentry.io https://edge.fullstory.com https://rs.fullstory.com https://loom-media-production.s3.us-west-2.amazonaws.com/uploads/ https://loom-media-production.s3.us-west-2.amazonaws.com/sessions/ https://s3.us-west-2.amazonaws.com/loom-media-production/sessions/ https://s3.us-west-2.amazonaws.com/loom-media-production/images/ https://s3.us-west-2.amazonaws.com/loom-screenshots-production/images/ https://*.loom.com wss://www.loom.com https://*.atlassian.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com https://cookie-cdn.cookiepro.com https://*.atl-paas.net https://calendly.com; media-src 'self' blob: data: https://*.loom.com/ https://cdn.sanity.io ; object-src 'none'; frame-src 'self' https://js.stripe.com https://www.loom.com https://accounts.google.com/gsi/ https://www.google.com/ https://*.doubleclick.net https://calendly.com; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub18c86b072f3b6cefdae2b56c8b60db94&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Acsp%2Cenv%3Aproduction content-type text/html; charset=utf-8 date Wed, 27 Nov 2024 09:20:39 GMT etag W/"5610-0VJXkBITiomc0tf0sBAQ4Fo43Jw" referrer-policy strict-origin-when-cross-origin server-timing cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=124,cdn-upstream-fbl;dur=315,cdn-cache-miss,cdn-pop;desc="JFK52-P8",cdn-rid;desc="EbATXwDUb248CnJJDCHI0vKOsMWc5eShChHwP0qPBrZnjYjc1C9XTA==",cdn-downstream-fbl;dur=338 strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 9733ed47722484c4e79e66f9a01f7260.cloudfront.net (CloudFront) x-amz-cf-id EbATXwDUb248CnJJDCHI0vKOsMWc5eShChHwP0qPBrZnjYjc1C9XTA== x-amz-cf-pop JFK52-P8 x-cache Miss from cloudfront x-cdn cloudfront x-content-type-options nosniff
GET H2	200	tayyamas-webfont.woff static.showit.co/file/5iNifBBGQrqpWNEetbuydg/185374/	29 KB 30 KB	851ms 321ms	Font font/woff	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.showit.co/file/5iNifBBGQrqpWNEetbuydg/185374/tayyamas-webfont.woff Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash 518ae045ca853f2aca6f784da4d0884f575d62a17ad5037a5890fd1d0a4d3bb8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://offboarding.creativecabana.co Referer https://offboarding.creativecabana.co/ Response headers etag 19d2fe6b9298c326c345799a5550a034 age 68490 media-server node via 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront) expires Wed, 26 Nov 2025 14:19:08 GMT access-control-allow-origin * x-cache Hit from cloudfront content-length 29928 x-amz-cf-id IBVD_Q_EpNZzBJ6S9qLwF96exjiFMcBPeeNKymJHbp8zdGfU53gbzg== date Tue, 26 Nov 2024 14:19:08 GMT content-type font/woff last-modified Sat, 26 Aug 2023 21:15:34 GMT server nginx x-amz-cf-pop JFK52-P7 vary Accept-Encoding
GET H2	200	nl_tequilasunrise_sans-webfont.woff static.showit.co/file/R9VUwaeDRnWKopGPaibnmQ/185374/	21 KB 21 KB	854ms 324ms	Font font/woff	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.showit.co/file/R9VUwaeDRnWKopGPaibnmQ/185374/nl_tequilasunrise_sans-webfont.woff Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash 9f21da85733a872e6ccb3df865baceb9eb0961ec2214f1385cdc4210cf16e6cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://offboarding.creativecabana.co Referer https://offboarding.creativecabana.co/ Response headers etag 83c507559785a09e5e2d6cb09b028751 age 68490 media-server node via 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront) expires Wed, 26 Nov 2025 14:19:08 GMT access-control-allow-origin * x-cache Hit from cloudfront content-length 21580 x-amz-cf-id YHgjjzI_xQaRFuJy-4sXDIJq1Imu7lxHm0kfXuIWlfhJIHVCBtfnsw== date Tue, 26 Nov 2024 14:19:08 GMT content-type font/woff last-modified Sat, 26 Aug 2023 21:16:06 GMT server nginx x-amz-cf-pop JFK52-P7 vary Accept-Encoding
GET H2	200	nl_tequilasunrise_inky1_slant-webfont.woff static.showit.co/file/2e1-xhEDQkW-xOD_lWYJSQ/185374/	38 KB 38 KB	970ms 440ms	Font font/woff	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.showit.co/file/2e1-xhEDQkW-xOD_lWYJSQ/185374/nl_tequilasunrise_inky1_slant-webfont.woff Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash 5db3370de1628bd7437f77c55d7a9478b5bc8ccb3d492f8becc31898fbf30668 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://offboarding.creativecabana.co Referer https://offboarding.creativecabana.co/ Response headers etag 1cfa36d059184a49b48f2ff7cd70b1bc age 68490 media-server node via 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront) expires Wed, 26 Nov 2025 14:19:08 GMT access-control-allow-origin * x-cache Hit from cloudfront content-length 38656 x-amz-cf-id aF7rWRPQT6uRWDcq04Ubf5fKqOEwlXH2HiEGk-tD-il7eF1HgUjzXA== date Tue, 26 Nov 2024 14:19:08 GMT content-type font/woff last-modified Sat, 26 Aug 2023 21:15:50 GMT server nginx x-amz-cf-pop JFK52-P7
GET H3	200	iJWKBXyIfDnIV7nBrXw.woff2 fonts.gstatic.com/s/rubik/v28/	35 KB 35 KB	664ms 145ms	Font font/woff2	142.251.41.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rubik:regular|Rubik:500|Rubik:600 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f3.1e100.net Software sffe / Resource Hash 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://offboarding.creativecabana.co Referer https://fonts.googleapis.com/ Response headers age 442729 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 22 Nov 2025 06:21:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 22 Nov 2024 06:21:49 GMT last-modified Thu, 29 Jun 2023 16:14:39 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 35448 x-xss-protection 0 server sffe
GET H2	200	01HHHWXPAM34PNEBMAVS0G3RT2 Show response api.typeform.com/single-embed/	263 B 1 KB	678ms 149ms	Fetch text/plain	18.215.50.157 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.typeform.com/single-embed/01HHHWXPAM34PNEBMAVS0G3RT2 Requested by Host: embed.typeform.com URL: https://embed.typeform.com/next/embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.215.50.157 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-215-50-157.compute-1.amazonaws.com Software istio-envoy / Resource Hash 3613216bbde6ebb7f3affed244a97964dfcd04c386266d26791fe34d2c63b564 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag noindex, nofollow access-control-expose-headers Location, X-Request-Id x-envoy-upstream-service-time 5 access-control-allow-methods GET, OPTIONS, POST, PUT, PATCH, DELETE traceparent 00-dafacf402bbf7f000c1aeec8cb523e7c-bfd91a5572844cc9-01 access-control-allow-origin https://offboarding.creativecabana.co content-length 263 date Wed, 27 Nov 2024 09:20:38 GMT content-type text/plain; charset=utf-8 server istio-envoy access-control-allow-headers X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
GET H2	200	pexels-mathilde-langevin-13878010.jpg static.showit.co/1600/zEoflz6HQ4WMIMbcx0OJJA/185374/	873 KB 874 KB	596ms 180ms	Image image/jpeg	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/1600/zEoflz6HQ4WMIMbcx0OJJA/185374/pexels-mathilde-langevin-13878010.jpg Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash a87a208aeea8a9a84f4772c9f61cde4a5e69443146376a359dfd38b4fb228443 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers etag 0988040855f891825bef18e3f6e25e65 age 56481 media-server node via 1.1 2719b1b5cd0af422e4658c2da505a4d6.cloudfront.net (CloudFront) expires Wed, 26 Nov 2025 17:39:17 GMT access-control-allow-origin x-cache Hit from cloudfront content-length 893699 x-amz-cf-id ItpBxKAbqCt5nDm5EPCZp0wgQ796N-TdZLSbNPoVYt6R4YAQBtAbvw== date Tue, 26 Nov 2024 17:39:17 GMT content-type image/jpeg last-modified Sat, 22 Jul 2023 01:44:05 GMT server nginx x-amz-cf-pop JFK52-P7 vary Accept-Encoding
GET H2	200	cabana_line_drawing_-_cream-40.png static.showit.co/200/LGnb2mMdSoap7u2kgSFI_A/185374/	14 KB 14 KB	944ms 929ms	Image image/png	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/200/LGnb2mMdSoap7u2kgSFI_A/185374/cabana_line_drawing_-_cream-40.png Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash 3a32b8f68224d38b05ba99cfaca66a494a901dedfc45caae0fa91f1c5db4205c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers etag 0e6a7686af18502203fa5d063eb68d35 age 52487 media-server node via 1.1 2719b1b5cd0af422e4658c2da505a4d6.cloudfront.net (CloudFront) expires Wed, 26 Nov 2025 18:45:52 GMT access-control-allow-origin x-cache Hit from cloudfront content-length 14151 x-amz-cf-id JJtwADe68x2r0EUU3fEnQLy77a-fTu5940c9bWAB02b8i5MMwqX9Kg== date Tue, 26 Nov 2024 18:45:52 GMT content-type image/png last-modified Tue, 12 Sep 2023 22:06:49 GMT server nginx x-amz-cf-pop JFK52-P7
GET H2	200	the_creative_cabana_-_2.jpg static.showit.co/400/1yfytQFnTpmJmarkO2fvkA/185374/	74 KB 74 KB	945ms 932ms	Image image/jpeg	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/400/1yfytQFnTpmJmarkO2fvkA/185374/the_creative_cabana_-_2.jpg Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash eafd935ee224c4fb13c75f3b125ff9bba3dbea3522231c2406af9410563b1058 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers etag fc1790a4f9e1a009b66af236e1ee765f media-server node via 1.1 2719b1b5cd0af422e4658c2da505a4d6.cloudfront.net (CloudFront) expires Thu, 27 Nov 2025 09:20:39 GMT access-control-allow-origin x-cache Miss from cloudfront content-length 75442 x-amz-cf-id yzGTAu0RKVlr0QdmNnmJrA3uAs_JtFjUm2ZVTtSduv3BEi6VMmKK9w== date Wed, 27 Nov 2024 09:20:39 GMT content-type image/jpeg last-modified Tue, 12 Dec 2023 17:48:29 GMT server nginx x-amz-cf-pop JFK52-P7
GET		stamp.png static.showit.co/1200/VvalG2xZSquiONznaV0j2g/185374/	0 0
GET H2	206	cheers-creative_cabana.mp4 static.showit.co/file/ukTTq134QLeOqXMj6feJFg/185374/	2 MB 2 MB	792ms 791ms	Media video/mp4	3.168.122.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.showit.co/file/ukTTq134QLeOqXMj6feJFg/185374/cheers-creative_cabana.mp4 Requested by Host: offboarding.creativecabana.co URL: https://offboarding.creativecabana.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-124.jfk52.r.cloudfront.net Software nginx / Resource Hash 98890e5c036e3118d372d58e516caf0a6581f77080e24818588986a011db2594 Request headers Referer https://offboarding.creativecabana.co/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Range bytes=0- Response headers etag c7d990f1a72a3f0502957049d4b00558 Content-Range bytes 0-1675302/1675303 media-server node via 1.1 2719b1b5cd0af422e4658c2da505a4d6.cloudfront.net (CloudFront) expires Thu, 27 Nov 2025 09:20:39 GMT accept-ranges bytes access-control-allow-origin * x-cache Miss from cloudfront Content-Length 1675303 x-amz-cf-id Y1D1vUDuoPgVhm2ZZtUwh05lkPlzBYuykk-dehFXSE5hdq1eq9wg1g== date Wed, 27 Nov 2024 09:20:39 GMT content-type video/mp4 last-modified Fri, 26 Apr 2024 17:27:59 GMT server nginx x-amz-cf-pop JFK52-P7
GET H2	200	widget.css embed.typeform.com/next/css/	1 KB 941 B	165ms 143ms	Stylesheet text/css	2600:9000:23cb:ba00:2:c605:29c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embed.typeform.com/next/css/widget.css Requested by Host: embed.typeform.com URL: https://embed.typeform.com/next/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23cb:ba00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 592ddb631047ee126a5332be882be5653337fdb601d2be48b149208c189108e3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers content-encoding gzip etag W/"d0293719d2484cd26b5affd35d33c295" x-amz-version-id 8TMBLK406Sfz7_LeZBjto1KElpDJTiLy age 201 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id FAeRZRILOMfT7hLchji084zV-RhYVKBNWaVE2pEKsxU34fROhbjO8Q== date Wed, 27 Nov 2024 09:17:19 GMT content-type text/css vary accept-encoding last-modified Wed, 20 Nov 2024 13:57:57 GMT strict-transport-security max-age=63072000; includeSubDomains cache-control public, max-age=0, must-revalidate via 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	oUe1aT15 form.typeform.com/to/ Frame E062	0 0	1102ms 785ms	Document text/html	52.7.95.66 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://form.typeform.com/to/oUe1aT15?typeform-embed-id=819395617800962&typeform-embed=embed-widget&typeform-source=offboarding.creativecabana.co&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-handles-redirect=1&typeform-embed-no-heading=true Requested by Host: embed.typeform.com URL: https://embed.typeform.com/next/embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.7.95.66 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-7-95-66.compute-1.amazonaws.com Software istio-envoy / 12035279082-7.232.1 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://offboarding.creativecabana.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app access-control-allow-methods GET, OPTIONS, POST, PUT, PATCH, DELETE access-control-expose-headers Location, X-Request-Id age 0 cache-control private, no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy-report-only report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https: content-type text/html; charset=utf-8 date Wed, 27 Nov 2024 09:20:39 GMT pragma no-cache server istio-envoy strict-transport-security max-age=63072000; includeSubDomains traceparent 00-2450c4deac87b0fb54e4dbb8a836b6a0-be34f948f5219437-01 vary Accept-Encoding x-cache MISS x-cache-lookup HIT x-cache-lookup-internal MISS x-envoy-upstream-service-time 61 x-powered-by 12035279082-7.232.1 x-varnish 4755890
GET H2	200	favicon.ico offboarding.creativecabana.co/	198 B 312 B	132ms 131ms	Other application/octet-stream	75.101.134.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://offboarding.creativecabana.co/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-134-27.compute-1.amazonaws.com Software / Resource Hash 9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://offboarding.creativecabana.co/ Response headers accept-ranges bytes content-length 198 date Wed, 27 Nov 2024 09:20:43 GMT etag "66cf5499-c6" content-type text/plain last-modified Wed, 28 Aug 2024 16:47:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

static.showit.co

URL

https://static.showit.co/1200/VvalG2xZSquiONznaV0j2g/185374/stamp.png

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| device object| television function| Waypoint function| lazyload function| showit-lib object| showit function| initPage object| tf object| S5 string| waypointContextKey

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.loom.com/	1970-01-21 10:54:19	Name: loom_anon_comment Value: 3e7363a8df1a493aa76f41b63233f974
			.loom.com/	1970-01-21 10:54:19	Name: ajs_anonymous_id Value: %22a5164e70-9d8a-456e-9891-58ba950835a3%22
			.www.loom.com/	1969-12-31 23:59:59	Name: loom_referral_video Value: ce1682dad23442cebf0b904561849677
			.typeform.com/	1970-01-21 05:41:50	Name: tf_respondent_cc Value: {%22groups%22:[%222%22%2C%223%22%2C%224%22]%2C%22timestamp%22:%222024-11-27T09:20:43.337Z%22%2C%22implicitConsent%22:true}
			.typeform.com/	1970-01-21 10:03:55	Name: attribution_user_id Value: a8be2782-a076-4d0d-b927-11587ab33f8c
			form.typeform.com/	1970-01-21 01:28:24	Name: AWSALBTGCORS Value: O2RyxnRoPdmmyEws9nPqbL6PzPyVn8D2YFbQbuDliFjMS+QlCiMrXOyXo1b6LyheIPj545w8IIDCWgb/7SayHyebNY0kYg+E41vVleOzQ0XCJ8Vf3wqY2rn9q/0ME1LwFCEDqxF8XNWr40mVF2dH4d3yNXNGZ5Nn8VF9Y8WzO5jD

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://offboarding.creativecabana.co/(Line 1385) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://static.showit.co/file/5iNifBBGQrqpWNEetbuydg/185374/tayyamas-webfont.woff
intervention	info	URL: https://offboarding.creativecabana.co/(Line 1385) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://static.showit.co/file/R9VUwaeDRnWKopGPaibnmQ/185374/nl_tequilasunrise_sans-webfont.woff
intervention	info	URL: https://offboarding.creativecabana.co/(Line 1385) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://static.showit.co/file/2e1-xhEDQkW-xOD_lWYJSQ/185374/nl_tequilasunrise_inky1_slant-webfont.woff
intervention	info	URL: https://offboarding.creativecabana.co/(Line 1385) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.typeform.com
cdnjs.cloudflare.com
embed.typeform.com
fonts.googleapis.com
fonts.gstatic.com
form.typeform.com
lib.showit.co
offboarding.creativecabana.co
static.showit.co
www.loom.com
static.showit.co
104.17.25.14
142.251.41.3
18.173.132.14
18.215.50.157
2600:9000:23cb:ba00:2:c605:29c0:93a1
2600:9000:28b2:3e00:c:cfd4:a580:93a1
2607:f8b0:4006:817::200a
3.168.122.124
52.7.95.66
75.101.134.27
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
332e317cf108853aeae57c5fa494300945f104d1716bc407567051f98fa40741
3613216bbde6ebb7f3affed244a97964dfcd04c386266d26791fe34d2c63b564
3a32b8f68224d38b05ba99cfaca66a494a901dedfc45caae0fa91f1c5db4205c
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
518ae045ca853f2aca6f784da4d0884f575d62a17ad5037a5890fd1d0a4d3bb8
592ddb631047ee126a5332be882be5653337fdb601d2be48b149208c189108e3
5d4d607e4ce86a12869a49c8b804b9aec4c35c5e73428186ebdd643cc711ee1d
5db3370de1628bd7437f77c55d7a9478b5bc8ccb3d492f8becc31898fbf30668
62ba25c0922a230d0be88da82f2c36a97174015a52b21b456976c6ad3a730495
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
98890e5c036e3118d372d58e516caf0a6581f77080e24818588986a011db2594
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
9f21da85733a872e6ccb3df865baceb9eb0961ec2214f1385cdc4210cf16e6cc
a87a208aeea8a9a84f4772c9f61cde4a5e69443146376a359dfd38b4fb228443
b32ef3d653605e3278a8e50e853fdfe5893a998eb725623ec8cff40960686db4
e68f577919c668431ec37b0c816e2a409a1369ab29c9234c7346a187f25d1ea3
eafd935ee224c4fb13c75f3b125ff9bba3dbea3522231c2406af9410563b1058
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d