www.aatravellersupport.co.nz Open in urlscan Pro
13.225.103.23  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.aatravellersupport.co.nz/	5 KB 2 KB	1427ms 842ms	Document text/html	13.225.103.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.aatravellersupport.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-23.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash 0c1f8511fff6eadfd10aeb2e97fdc06f4f78628192bd5206c6f5b35cb5a24ff1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers content-encoding br content-type text/html date Thu, 23 Feb 2023 17:22:59 GMT etag W/"179da4a9fe30546b51a80032adc3c8f5" last-modified Wed, 04 May 2022 21:33:07 GMT server AmazonS3 vary Accept-Encoding via 1.1 cc33dd399933320d02d25f9284895f9a.cloudfront.net (CloudFront) x-amz-cf-id l4sv19DF8iUea9JtGLK93MUuYQehsRaMRY8SYNSkbjWsZqCr4eoq_A== x-amz-cf-pop HKG60-C1 x-cache Miss from cloudfront
GET H2	200	logo.svg www.aatravellersupport.co.nz/	4 KB 2 KB	939ms 939ms	Image image/svg+xml	13.225.103.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.aatravellersupport.co.nz/logo.svg Requested by Host: www.aatravellersupport.co.nz URL: https://www.aatravellersupport.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-23.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash 9f314cf624b44f8d6c6e45055ac7b89e367ac28d85401b5fd6f071de6229502e Request headers accept-language en-NZ,en;q=0.9 Referer https://www.aatravellersupport.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:00 GMT content-encoding br via 1.1 cc33dd399933320d02d25f9284895f9a.cloudfront.net (CloudFront) last-modified Mon, 02 May 2022 06:34:56 GMT server AmazonS3 x-amz-cf-pop HKG60-C1 etag W/"557cef8adc20c2db2b9b9a92b1dc098b" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id HsTAylyO7XqPCDOrTJLaBZh8DIXC8l8BmxO2_YHu2JZTBdDc_Mt2cQ==
GET		221228029670048 idcare.jotform.com/ Frame 9995	0 0
GET H/1.1	200 OK	221228029670048 Show response idcare.jotform.com/ Frame 9995	129 KB 20 KB	1364ms 1068ms	Document text/html	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Requested by Host: www.aatravellersupport.co.nz URL: https://www.aatravellersupport.co.nz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash b49eeb0f3066a6324ff7c99d21b36eea7dd6ea152d14e760dea9a84cef0093e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://www.aatravellersupport.co.nz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers Cache-Control no-cache Connection close Content-Encoding gzip Content-Security-Policy-Report-Only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php Content-Type text/html; charset=UTF-8 Date Thu, 23 Feb 2023 17:22:59 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Global-Router true Last-Modified Thu, 23 Feb 2023 17:22:58 GMT P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server nginx Strict-Transport-Security max-age=31536000; Transfer-Encoding chunked Vary Accept-Encoding X-Form-Cache MISS-APP
GET H2	200	banner.png www.aatravellersupport.co.nz/	466 KB 467 KB	1017ms 1016ms	Image image/png	13.225.103.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.aatravellersupport.co.nz/banner.png Requested by Host: www.aatravellersupport.co.nz URL: https://www.aatravellersupport.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-23.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash f458171b75594b058fcef7420b7a5c393a4c869b8dc7dc49330528ee7e34898f Request headers accept-language en-NZ,en;q=0.9 Referer https://www.aatravellersupport.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:00 GMT via 1.1 cc33dd399933320d02d25f9284895f9a.cloudfront.net (CloudFront) last-modified Mon, 02 May 2022 06:34:56 GMT server AmazonS3 x-amz-cf-pop HKG60-C1 etag "3e18a737f5897d659334dc0adc7fdeeb" x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 476835 x-amz-cf-id AJyIp_xGnX03TPS_aMJzjIyBNTA5rfSS5NWsCpViNNTZ1knSjPjKNg==
GET H/1.1	200 OK	5e6b428acc8c4e222d1beb91.css idcare.jotform.com/themes/CSS/ Frame 9995	353 KB 50 KB	300ms 300ms	Stylesheet text/css	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/themes/CSS/5e6b428acc8c4e222d1beb91.css? Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash 171468dd6c5d5d866c11d383786aca4ae33939103b3035d095f4049c43a0c786 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Feb 2023 17:22:59 GMT Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Thu, 23 Feb 2023 17:22:59 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type text/css;charset=UTF-8 Cache-Control no-cache Content-Security-Policy-Report-Only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php Connection close X-Form-Cache MISS-APP Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	payment_styles.css idcare.jotform.com/css/styles/payment/ Frame 9995	67 KB 11 KB	434ms 146ms	Stylesheet text/css	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/css/styles/payment/payment_styles.css?3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash b2c9c162d042e02cf2f50070f864f2fb6b5520774a3d9e4713baf4c964b1e53f Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Wed, 25 Jan 2023 11:18:06 GMT Server nginx ETag W/"63d10fee-10b7e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	payment_feature.css idcare.jotform.com/css/styles/payment/ Frame 9995	21 KB 4 KB	433ms 143ms	Stylesheet text/css	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/css/styles/payment/payment_feature.css?3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Thu, 15 Dec 2022 08:00:58 GMT Server nginx ETag W/"639ad43a-55e7" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	prototype.forms.js Show response idcare.jotform.com/static/ Frame 9995	126 KB 33 KB	579ms 289ms	Script application/x-javascript	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/static/prototype.forms.js?3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Thu, 15 Dec 2022 08:01:06 GMT Server nginx ETag W/"639ad442-1f932" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	jotform.forms.js Show response idcare.jotform.com/static/ Frame 9995	551 KB 145 KB	585ms 296ms	Script application/x-javascript	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/static/jotform.forms.js?3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash ca6e5d6ef836b110c73dc17a8d5e1b3adc9b9bb20d64560927e89f7510a01700 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Thu, 23 Feb 2023 08:04:18 GMT Server nginx ETag W/"63f71e02-89de2" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	postMessage.js Show response js.jotform.com/vendor/ Frame 9995	6 KB 2 KB	591ms 343ms	Script application/x-javascript	104.23.134.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.jotform.com/vendor/postMessage.js?3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers expires Thu, 31 Dec 2037 23:55:55 GMT date Thu, 23 Feb 2023 17:23:00 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC last-modified Wed, 02 Feb 2022 10:51:54 GMT server cloudflare etag W/"61fa624a-16bd" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000, public cf-ray 79e1a5961df51c4d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-static 1
GET H2	200	WidgetsServer.js Show response js.jotform.com/ Frame 9995	31 KB 10 KB	658ms 410ms	Script application/x-javascript	104.23.134.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.jotform.com/WidgetsServer.js?v=1677172979525 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd2afef7b5f058e3840be2e536f575ab3c8bc2f41c930d29d021b14d71ca1630 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers expires Thu, 31 Dec 2037 23:55:55 GMT date Thu, 23 Feb 2023 17:23:00 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC last-modified Wed, 23 Nov 2022 15:13:49 GMT server cloudflare etag W/"637e38ad-7a31" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000, public cf-ray 79e1a5961df91c4d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-static 1
GET H2	200	scripts.js Show response widgets.jotform.io/googleanalytics/ Frame 9995	194 B 644 B	584ms 336ms	Script application/x-javascript	104.26.4.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widgets.jotform.io/googleanalytics/scripts.js Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers expires Thu, 31 Dec 2037 23:55:55 GMT date Thu, 23 Feb 2023 17:23:00 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC last-modified Fri, 25 Nov 2022 08:26:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63807c25-c2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXS%2BlbGi4is7KkwzyTykgK01imavyI%2FFo03NomD4Yb%2BvkLLONHGwoLNCtzVFPQ5yorDeXGLn%2F8z5h78UTPwyQbunmnLaupqpQC1FnRBoYlNXdbZdUE1ebUlXPmqr2DNMjXxngg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=315360000, public cf-ray 79e1a5960861ee92-AKL x-static 1
GET H2	200	api.js Show response www.google.com/recaptcha/ Frame 9995	917 B 900 B	715ms 240ms	Script text/javascript	172.253.118.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit&onload=recaptchaLoadedinput_4 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f104.1e100.net Software GSE / Resource Hash 7c214a0a52af8eafe29dcd40c5dd15a436208facef66174f4da3fda0d0e6cbc2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 580 x-xss-protection 1; mode=block expires Thu, 23 Feb 2023 17:23:00 GMT
GET H/1.1	200 OK	smoothscroll.min.js Show response idcare.jotform.com/js/vendor/ Frame 9995	5 KB 2 KB	432ms 144ms	Script application/x-javascript	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/js/vendor/smoothscroll.min.js?v=3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash 49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Thu, 15 Dec 2022 08:01:01 GMT Server nginx ETag W/"639ad43d-13c0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	errorNavigation.js Show response idcare.jotform.com/js/ Frame 9995	6 KB 2 KB	867ms 147ms	Script application/x-javascript	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://idcare.jotform.com/js/errorNavigation.js?v=3.3.39613 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash 22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:00 GMT Content-Encoding gzip Last-Modified Thu, 15 Dec 2022 08:00:58 GMT Server nginx ETag W/"639ad43a-16c2" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-cache, no-store, no-cache, must-revalidate, max-age=0 Connection close Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 9995	49 KB 20 KB	707ms 234ms	Script text/javascript	142.251.12.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f138.1e100.net Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 23 Feb 2023 15:41:51 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 6070 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Thu, 23 Feb 2023 17:41:51 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 9995	405 KB 162 KB	706ms 235ms	Script text/javascript	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=recaptchaLoadedinput_4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://idcare.jotform.com/ Origin https://idcare.jotform.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 20 Feb 2023 21:00:00 GMT content-encoding gzip x-content-type-options nosniff age 246181 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 164853 x-xss-protection 0 last-modified Mon, 13 Feb 2023 05:01:25 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 20 Feb 2024 21:00:00 GMT
GET H2	200	Inter-SemiBold.woff2 cdn.jotfor.ms/fonts/inter/fonts/ Frame 9995	109 KB 108 KB	734ms 487ms	Font text/html	172.67.7.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/themes/CSS/5e6b428acc8c4e222d1beb91.css? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.7.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50541f133b1c01d8d8eada674b7243eb4996cd9df559f7e47e9abf0a98f7d03e Request headers Referer https://idcare.jotform.com/ Origin https://idcare.jotform.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:01 GMT via 1.1 google content-encoding gzip cf-cache-status MISS last-modified Fri, 09 Dec 2022 09:42:55 GMT server cloudflare vary Accept-Encoding content-type text/html access-control-allow-origin * cache-control public, max-age=315360000 cf-ray 79e1a59bdb841c5c-AKL expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Inter-Bold.woff2 cdn.jotfor.ms/fonts/inter/fonts/ Frame 9995	109 KB 109 KB	588ms 341ms	Font text/html	172.67.7.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff2 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/themes/CSS/5e6b428acc8c4e222d1beb91.css? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.7.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e200501ecfcf50a000092f9e08ee86aece49825d86d7fae3cbe9cbada96b9da5 Request headers Referer https://idcare.jotform.com/ Origin https://idcare.jotform.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:01 GMT via 1.1 google content-encoding gzip cf-cache-status MISS last-modified Fri, 09 Dec 2022 09:42:55 GMT server cloudflare vary Accept-Encoding content-type text/html access-control-allow-origin * cache-control public, max-age=315360000 cf-ray 79e1a59bdb861c5c-AKL expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Inter-Regular.woff2 cdn.jotfor.ms/fonts/inter/fonts/ Frame 9995	101 KB 100 KB	620ms 373ms	Font text/html	172.67.7.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2 Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/themes/CSS/5e6b428acc8c4e222d1beb91.css? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.7.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a338fee285b3fc2499b7d0c35717b08f0a99f1052094b3789cf1de46bf8c6f Request headers Referer https://idcare.jotform.com/ Origin https://idcare.jotform.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 17:23:01 GMT via 1.1 google content-encoding gzip cf-cache-status MISS last-modified Fri, 09 Dec 2022 09:42:55 GMT server cloudflare vary Accept-Encoding content-type text/html access-control-allow-origin * cache-control public, max-age=315360000 cf-ray 79e1a59bdb871c5c-AKL expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	/ Show response prepopulator.jotform.io/ Frame 4A8F	718 B 944 B	1046ms 319ms	Document text/html	35.202.31.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.202.31.6 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 6.31.202.35.bc.googleusercontent.com Software nginx / Resource Hash 30fa27e11e1de5780088db6250098442cff4a2e3c808dab98ca4f5643088054a Request headers Referer https://idcare.jotform.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers Accept-Ranges bytes Connection close Content-Length 718 Content-Type text/html Date Thu, 23 Feb 2023 17:23:01 GMT ETag "6380631e-2ce" Last-Modified Fri, 25 Nov 2022 06:39:26 GMT Server nginx
GET H/1.1	204 No Content	/ idcare.jotform.com/events/form/221228029670048/ Frame 9995	0 245 B	434ms 147ms	Image text/html	35.189.15.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idcare.jotform.com/events/form/221228029670048/?ref=https%253A%252F%252Fwww.aatravellersupport.co.nz%252F&res=1600x1200&eventID=1677172981061_221228029670048_c33tb0T&loc=undefined Requested by Host: idcare.jotform.com URL: https://idcare.jotform.com/221228029670048?isIframeEmbed=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.189.15.155 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS 155.15.189.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://idcare.jotform.com/221228029670048?isIframeEmbed=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Feb 2023 17:23:02 GMT Server nginx Content-Type text/html; charset=UTF-8 Cache-Control no-cache Connection close X-Form-Cache MISS-APP Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	styles.min.css prepopulator.jotform.io/min/ Frame 4A8F	577 B 802 B	321ms 321ms	Stylesheet text/css	35.202.31.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prepopulator.jotform.io/min/styles.min.css?v=dde60af682afaac5ee01d412e9426c75 Requested by Host: prepopulator.jotform.io URL: https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.202.31.6 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 6.31.202.35.bc.googleusercontent.com Software nginx / Resource Hash 9fd749fc3986d608096a7ef4739be0df4ffcb0fcc195e15e8b3b0179fcdcdc08 Request headers accept-language en-NZ,en;q=0.9 Referer https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:02 GMT Last-Modified Tue, 07 Dec 2021 12:05:54 GMT Server nginx ETag "61af4e22-241" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 577
GET H2	200	JotFormCustomWidget.min.js Show response js.jotform.com/ Frame 4A8F	53 KB 20 KB	343ms 342ms	Script application/x-javascript	104.23.134.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.jotform.com/JotFormCustomWidget.min.js Requested by Host: prepopulator.jotform.io URL: https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6f44be07ad4d8f9b2515d51d6030ff12d6d7aa5232b19273c39041f0f377340 Request headers accept-language en-NZ,en;q=0.9 Referer https://prepopulator.jotform.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers expires Thu, 31 Dec 2037 23:55:55 GMT date Thu, 23 Feb 2023 17:23:02 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC last-modified Wed, 23 Nov 2022 15:13:48 GMT server cloudflare etag W/"637e38ac-d20f" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000, public cf-ray 79e1a5a0ff931c4d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-static 1
GET H/1.1	200 OK	scripts.min.js Show response prepopulator.jotform.io/min/ Frame 4A8F	6 KB 2 KB	958ms 319ms	Script application/x-javascript	35.202.31.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prepopulator.jotform.io/min/scripts.min.js?v=dde60af682afaac5ee01d412e9426c75 Requested by Host: prepopulator.jotform.io URL: https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.202.31.6 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 6.31.202.35.bc.googleusercontent.com Software nginx / Resource Hash 37a2c3ef85f2703887370419e4e82db57b150dce0a78cd9f54ee98bb525f0be8 Request headers accept-language en-NZ,en;q=0.9 Referer https://prepopulator.jotform.io/?qid=38&ref=https%3A%2F%2Fidcare.jotform.com&injectCSS=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Thu, 23 Feb 2023 17:23:02 GMT Content-Encoding gzip Last-Modified Fri, 25 Nov 2022 06:39:26 GMT Server nginx ETag W/"6380631e-1670" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Connection close
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 0271	43 KB 23 KB	265ms 264ms	Document text/html	172.253.118.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG3CgUAAAAAGOEEqiYhmrAm6mt3BDRhTrxWCKb&co=aHR0cHM6Ly9pZGNhcmUuam90Zm9ybS5jb206NDQz&hl=en&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&badge=inline&cb=l8d9p0j6o2fm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f104.1e100.net Software GSE / Resource Hash b618cbd1b7189b54bfe1f335da32de822500309426987a285a4ebede4b24073e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MEcB5pfzgS44FLXf-N9SWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://idcare.jotform.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23229 content-security-policy script-src 'report-sample' 'nonce-MEcB5pfzgS44FLXf-N9SWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 23 Feb 2023 17:23:02 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET		styles__ltr.css www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 0271	0 0
GET		recaptcha__en.js www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 0271	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

idcare.jotform.com

URL

https://idcare.jotform.com/221228029670048

Domain

www.gstatic.com

URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Domain

www.gstatic.com

URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| ifr string| src object| iframeParams function| handleIFrameMessage function| isPermitted object| iframe

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jotfor.ms
idcare.jotform.com
js.jotform.com
prepopulator.jotform.io
widgets.jotform.io
www.aatravellersupport.co.nz
www.google-analytics.com
www.google.com
www.gstatic.com
idcare.jotform.com
www.gstatic.com
104.23.134.11
104.26.4.225
13.225.103.23
142.250.4.94
142.251.12.138
172.253.118.104
172.67.7.107
35.189.15.155
35.202.31.6
0c1f8511fff6eadfd10aeb2e97fdc06f4f78628192bd5206c6f5b35cb5a24ff1
0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f
171468dd6c5d5d866c11d383786aca4ae33939103b3035d095f4049c43a0c786
22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd
30fa27e11e1de5780088db6250098442cff4a2e3c808dab98ca4f5643088054a
37a2c3ef85f2703887370419e4e82db57b150dce0a78cd9f54ee98bb525f0be8
49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a
50541f133b1c01d8d8eada674b7243eb4996cd9df559f7e47e9abf0a98f7d03e
56a338fee285b3fc2499b7d0c35717b08f0a99f1052094b3789cf1de46bf8c6f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
7c214a0a52af8eafe29dcd40c5dd15a436208facef66174f4da3fda0d0e6cbc2
9f314cf624b44f8d6c6e45055ac7b89e367ac28d85401b5fd6f071de6229502e
9fd749fc3986d608096a7ef4739be0df4ffcb0fcc195e15e8b3b0179fcdcdc08
a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1
b2c9c162d042e02cf2f50070f864f2fb6b5520774a3d9e4713baf4c964b1e53f
b49eeb0f3066a6324ff7c99d21b36eea7dd6ea152d14e760dea9a84cef0093e3
b618cbd1b7189b54bfe1f335da32de822500309426987a285a4ebede4b24073e
b6f44be07ad4d8f9b2515d51d6030ff12d6d7aa5232b19273c39041f0f377340
bd2afef7b5f058e3840be2e536f575ab3c8bc2f41c930d29d021b14d71ca1630
ca6e5d6ef836b110c73dc17a8d5e1b3adc9b9bb20d64560927e89f7510a01700
e200501ecfcf50a000092f9e08ee86aece49825d86d7fae3cbe9cbada96b9da5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f458171b75594b058fcef7420b7a5c393a4c869b8dc7dc49330528ee7e34898f