urlscan.io logo urlscan.io
SecurityTrails logo

secure.rec1.com Open in urlscan Pro
52.73.189.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rec1.com/
Effective URL: https://secure.rec1.com/account/login
Submission: On March 18 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 34 HTTP transactions. The main IP is 52.73.189.25, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure.rec1.com. The Cisco Umbrella rank of the primary domain is 132967.
TLS certificate: Issued by Amazon on July 2nd 2021. Valid for: a year.
This is the only time secure.rec1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 209.51.167.120 6939 (HURRICANE)
1 22 52.73.189.25 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.17.203.5 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.18.72.113 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
34 9
2    209.51.167.120 (Scarborough, United States)

ASN6939 (HURRICANE, US)
rec1.com
22    52.73.189.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-189-25.compute-1.amazonaws.com
secure.rec1.com
3    2607:f8b0:4006:80a::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    104.17.203.5 (None, )

ASN13335 (CLOUDFLARENET, US)
platform.civicplus.com
2    2607:f8b0:4006:808::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4006:80b::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
24 rec1.com
rec1.com — Cisco Umbrella Rank: 124361
secure.rec1.com — Cisco Umbrella Rank: 132967
816 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 243
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
84 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1964
26 KB
2 gstatic.com
fonts.gstatic.com
40 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
430 B
1 civicplus.com
platform.civicplus.com — Cisco Umbrella Rank: 335945
582 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 828
12 KB
34 9
Domain Requested by
22 secure.rec1.com 1 redirects secure.rec1.com
3 fonts.googleapis.com secure.rec1.com
2 ssl.google-analytics.com 1 redirects secure.rec1.com
2 connect.facebook.net secure.rec1.com
connect.facebook.net
2 static.zdassets.com secure.rec1.com
static.zdassets.com
2 fonts.gstatic.com fonts.googleapis.com
2 rec1.com 2 redirects
1 stats.g.doubleclick.net secure.rec1.com
1 platform.civicplus.com secure.rec1.com
1 use.fontawesome.com secure.rec1.com
34 10

This site contains links to these domains. Also see Links.

Domain
rec1.com
Subject Issuer Validity Valid
*.rec1.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.civicplus.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-08 -
2022-10-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-25 -
2022-03-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.rec1.com/account/login
Frame ID: 775BBA5DF0DB9FF2EC1B4EEC1E3974CC
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - CivicRecCivicPlusCivicPlusCivicEngageCivicEngageCivicHRCivicHRCivicReadyCivicReadyCivicRec LogoCivicRec LogoMessagesModules

Page URL History Show full URLs

  1. http://rec1.com/ HTTP 301
    https://rec1.com/ HTTP 301
    https://secure.rec1.com/ HTTP 302
    https://secure.rec1.com/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

34
Requests

97 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

999 kB
Transfer

3089 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rec1.com/ HTTP 301
    https://rec1.com/ HTTP 301
    https://secure.rec1.com/ HTTP 302
    https://secure.rec1.com/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1009469631&utmhn=secure.rec1.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Login%20-%20CivicRec&utmhid=296256961&utmr=-&utmp=%2Faccount%2Flogin&utmht=1647616863026&utmac=UA-18542373-1&utmcc=__utma%3D121432343.376662174.1647616863.1647616863.1647616863.1%3B%2B__utmz%3D121432343.1647616863.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1916014061&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18542373-1&cid=376662174.1647616863&jid=1916014061&_v=5.7.2&z=1009469631

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
secure.rec1.com/account/
Redirect Chain
  • http://rec1.com/
  • https://rec1.com/
  • https://secure.rec1.com/
  • https://secure.rec1.com/account/login
22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
931131f96b22bd13e77d17c347e620fbdf6efd0809067049e3742d5c330fdfa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-type
text/html; charset=UTF-8
content-length
5471
server
Apache/2.4.41 (Ubuntu)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://secure.rec1.com/account/login
server
Apache/2.4.41 (Ubuntu)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,600
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9bdfc045a978ddccb2326740ccdf355472a2d0c9a2d2e9762b4a97269a7feaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:35:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 15:20:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 15:20:59 GMT
css
fonts.googleapis.com/ 		664 B
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:45:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 15:20:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 15:20:59 GMT
css
fonts.googleapis.com/ 		1023 B
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c8175af60794268f79077d54820231d4f651b8afaaf933f3f904ff60daa2b5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:05:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 15:20:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 15:20:59 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22014813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1ZV1N42HQQTJXNF8
x-amz-id-2
5WXBSchwbgCO55YyNMZevLIP38TwNVhtvJay/H91TQoCGxTk4B/JYi/OIZdDjDUfo6nKGCfQqFs=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2gFfD5xBcwlqliB2H3iptWxabOKVo%2BdyS6uUz6mMbdTkkBvyhNrgXRe2CziwhhQWpnYn2Drp1%2F%2FdSpvBZSiT8Pyz0RuX6pyklWN6x6q57FFxSrrSn3WlMKLWOMupD1lrzZ8g5GHw%2Bjf%2BSp%2BEQivJ8%2FP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6edef49b5e974bd7-YUL
rec1-internalv2.min.css
secure.rec1.com/public/css/ 		376 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/css/rec1-internalv2.min.css?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7198ef4c34df7b0ef39ed4c92da3faf21ec9fa38d12a286924869ace9bb63dfd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
login.css
secure.rec1.com/public/css/account/ 		996 B
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/css/account/login.css?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6a7737c0c7d0a42e2774178224fb8fe1cfbf2765181a8c40ba43dded29110649

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
386
cpToolbarSystem.css
secure.rec1.com/public/css/ 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/css/cpToolbarSystem.css
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8dd5af50a7ab8083c16e48b32696e2e5dc093599a8bdd64d9ef57177c78216e6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
11251
civicrec-placeholder.png
secure.rec1.com/public/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.rec1.com/public/img/civicrec-placeholder.png
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
492e0aa15ff23b45bee302760f3e908ab2a7d52ea80d1f7230458fba6ba10051

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
3404
expires
Sun, 17 Apr 2022 15:20:59 GMT
civicrec-logo2.png
secure.rec1.com/public/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.rec1.com/public/img/civicrec-logo2.png
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
79ec253af0fd798a5432c9567221a07e0b56be132dbb82fe8bc101cfee7dfbeb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
14256
expires
Sun, 17 Apr 2022 15:20:59 GMT
jquery.min.js
secure.rec1.com/public/js/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/jquery/3.5.1/jquery.min.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
30908
jquery-migrate-3.0.0.min.js
secure.rec1.com/public/js/jquery/3.5.1/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/jquery/3.5.1/jquery-migrate-3.0.0.min.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
2714
jquery-ui.min.js
secure.rec1.com/public/js/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
51952cf0ac6998a90bc09eac1a2f4638f8fef8dc08e7ddffd7d6581603182d95

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
bootstrap.min.js
secure.rec1.com/public/css/bootstrap/3.3.1/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/css/bootstrap/3.3.1/js/bootstrap.min.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
9441
coretoolbar.js
secure.rec1.com/public/js/civicplus/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/civicplus/coretoolbar.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
28a1c63a8eba4eef1b7bd2b37ccd37e9b7433a399172d67102a9ecfa4ebd9d6f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
2102
tinymce.min.js
secure.rec1.com/tiny_mce_new/ 		281 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/tiny_mce_new/tinymce.min.js?1647542295
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dee2001deb21918c5dfb12bdbfdb7b8c363219b9e2c78aa1f98d383cc70466ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:15 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
base.js
secure.rec1.com/public/js/closure-library/closure/goog/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/closure-library/closure/goog/base.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f2fb5d6f52536345c99f9186332a84397888875f3e40e6daae750b6e2dd36469

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
23685
rec1.internal.v2.min.js
secure.rec1.com/public/js/build/ 		622 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/build/rec1.internal.v2.min.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d101d44d9486ab44a3b8316e62c2f9e497327adafda29b614d49dcfb4d3f447b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
rec1.zendesk.js
secure.rec1.com/public/js/zendesk/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/zendesk/rec1.zendesk.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7b1cf9014b5be5e3f7720fe0a8e65e4448540de0e121847ffcc49cad249d07da

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
1207
login.js
secure.rec1.com/public/js/account/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/account/login.js?1647542294
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d3311dcca59e6a95d35bc06aa8ffb037732635e279b0e64dfad8449ba2ccd97c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:20:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
1419
rec1_accept.mp3
secure.rec1.com/rec2_dependencies/audio/ 		15 KB
15 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/rec2_dependencies/audio/rec1_accept.mp3
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b2a57aba22b3c71038e7434b59f289f7497e64a3e40bfdf8332587f6f832b2d7

Request headers

Referer
https://secure.rec1.com/account/login
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-15377/15378
date
Fri, 18 Mar 2022 15:20:59 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
Content-Length
15378
content-type
audio/mpeg
rec1_deny.mp3
secure.rec1.com/rec2_dependencies/audio/ 		14 KB
14 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/rec2_dependencies/audio/rec1_deny.mp3
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7e649e07d8ea2c36df49815bdeea5548439e9946b49853c165d42ccf1e5676fe

Request headers

Referer
https://secure.rec1.com/account/login
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-14591/14592
date
Fri, 18 Mar 2022 15:20:59 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
Content-Length
14592
content-type
audio/mpeg
IconArrow--Down.svg
platform.civicplus.com/assets/Mystique/Shared/Images/ 		401 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.civicplus.com/assets/Mystique/Shared/Images/IconArrow--Down.svg
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/public/css/cpToolbarSystem.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
51b90e1b1bb9ab26774372f6ed47f5121dca3de36074b66a677a2d49fe7eb9b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 15:58:02 GMT
server
cloudflare
age
181
x-powered-by
ASP.NET
etag
W/"061cad5db8ad71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
6edef4b058a153dd-YYZ
flaticon.woff
secure.rec1.com/public/css/flaticon-v2/ 		237 KB
237 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/css/flaticon-v2/flaticon.woff?b7n3m8
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/public/css/rec1-internalv2.min.css?1647542294
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
47e4b3985153da428dc87ab693a27f70fc4db3510dae538f0a80837150d07b6f

Request headers

Referer
https://secure.rec1.com/public/css/rec1-internalv2.min.css?1647542294
Origin
https://secure.rec1.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:02 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
content-length
242352
content-type
font/woff
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.rec1.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:02 GMT
x-content-type-options
nosniff
age
157860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:02 GMT
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v26/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.rec1.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:40:22 GMT
x-content-type-options
nosniff
age
326440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16828
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Mar 2023 20:40:22 GMT
deps.js
secure.rec1.com/public/js/closure-library/closure/goog/ 		437 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rec1.com/public/js/closure-library/closure/goog/deps.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/public/js/closure-library/closure/goog/base.js?1647542294
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
81d3336f145c9c17f07159d6df3258fe7f2a61b786fab18078749427adb73ecf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-length
49374
snippet.js
static.zdassets.com/ekr/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=93633480-dde6-46ee-97f4-ade3d843d4e8
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/public/js/zendesk/rec1.zendesk.js?1647542294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:03 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
VTTQD67QR75Z88HT
x-amz-id-2
6axbUjbRF8rYx0nXLFrduTvgoFCWfoJy448N9k7j010u55YV4uh5JYVfDQYvkuQXdHfB5jZ00UE=
last-modified
Wed, 02 Mar 2022 22:42:26 GMT
server
cloudflare
etag
W/"b687c8c87e4bb1d316102239ec8bdb5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxX7qHcKj721TAnquHM%2BvwXv1eruu6OocJLC5QenNSI%2F8EAQ6UKwVKwWV2EBB2i%2Fwh6EtH3Cf7sUGhLhbp5UbRBRNNcuoYzwmY2m5zFcbr4RmSjN%2BN72mwQf46BhSitEtvGfDEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
_Dpi7A8IulKqwnfX5Ya9rojoN_2lK2xr
cf-ray
6edef4b1b94e3fdf-YYZ
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16c9820609f62ebb8ffb242feae1014ee95655283a70b92168ebd879a6f12eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XUbgi0wUr5uDJNtdGB5e9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
lwrJUDl34kK0xN9fc50QX/dnVfbC2/BXgjDAck8biJWRvCyz/NoBH4QcFXmTmcjRepfyaMs5BSqJQFO9UwXszQ==
x-fb-trip-id
1512268381
x-fb-content-md5
01269b1942e5b172eca21fe753fcfc10
x-frame-options
DENY
date
Fri, 18 Mar 2022 15:21:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d8194eb31d9364210b63b253851bdb29"
timing-allow-origin
*
expires
Fri, 18 Mar 2022 15:37:30 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3117
date
Fri, 18 Mar 2022 14:29:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 18 Mar 2022 16:29:05 GMT
ajax-loader-trans.gif
secure.rec1.com/rec2_dependencies/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.rec1.com/rec2_dependencies/img/ajax-loader-trans.gif
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.189.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-189-25.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:02 GMT
last-modified
Thu, 17 Mar 2022 18:38:14 GMT
server
Apache/2.4.41 (Ubuntu)
content-type
image/gif
cache-control
public
accept-ranges
bytes
content-length
1849
expires
Sun, 17 Apr 2022 15:21:02 GMT
sdk.js
connect.facebook.net/en_US/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=fc9454d766aebc15aff4ecf36479c9b7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5415b7c6f3510bdcc435b0633035cf72de1f07af5b108dd079e99565062da012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.rec1.com/
Origin
https://secure.rec1.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1jEtCLdr9J3BptGSBWFBRQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84082
x-fb-rlafr
0
x-fb-debug
Dhd+Cec4x4J/6eJa85+4bbq2PWIQS0XCvUHDK+K2NAukeSX1XDkk6YcWoEixQoNRCqzxwV0PK0UuuP4KlRgUwQ==
x-fb-content-md5
956eef2e9ee7ea8e8db41e225e5ab2ed
x-frame-options
DENY
date
Fri, 18 Mar 2022 15:21:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"960343eb70b49270986afdea79acf5bb"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Mar 2023 14:12:51 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1009469631&utmhn=secure.rec1.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Logi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18542373-1&cid=376662174.1647616863&jid=1916014061&_v=5.7.2&z=1009469631
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18542373-1&cid=376662174.1647616863&jid=1916014061&_v=5.7.2&z=1009469631
Requested by
Host: secure.rec1.com
URL: https://secure.rec1.com/account/login
Protocol
H2
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Mar 2022 15:21:03 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 15:21:03 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18542373-1&cid=376662174.1647616863&jid=1916014061&_v=5.7.2&z=1009469631
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~rollbar.noconflict.umd.min.js
static.zdassets.com/ekr/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/vendors~rollbar.noconflict.umd.min.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=93633480-dde6-46ee-97f4-ade3d843d4e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca27c0d62e5e64716f014b44aaaba33ff2b327a0b6a8457804b252c7285bb75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.rec1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 15:21:03 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
982
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4TMG619QYQJS346B
x-amz-id-2
xyJaMKJzs0PYeUBEvRFg1Z7y+arx3TKV3EeqMWE1rqxPx/VnHhZctDzWTRH+k0k8/4Sis1KXGt8=
last-modified
Wed, 02 Mar 2022 22:42:27 GMT
server
cloudflare
etag
W/"1e04aeb2e619173b7e00df85518bd2d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVFHKpprVO1Wr5wGOkFqJmXVpcMMiDcid%2Fnu8d65%2BJrs4ljxGP7c9j5Up9bXtP0EMLCSpRV9QuHTyrmlp9ZHMowq%2F%2Bm3E4Z%2FymZJj9RN0eU55R63GYA%2ByGkF3oHksKSWrXdBfHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
S64DNrWjRNyk1ZdxJ.kcPNqAzOJ2Z1Sm
cf-ray
6edef4b219eb3fdf-YYZ

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| rec1User string| pageSelector number| layoutVersion boolean| rec1SessionTimer boolean| enableScannerAutoDetect boolean| m2sysFingerveinEnabled boolean| enableZenDesk number| scannerStartSentinel number| scannerEndSentinel boolean| isPublicPage object| CivicPlus number| mce-data-1fuepsai8 object| tinyMCE object| tinymce boolean| COMPILED object| goog object| sessionTimer object| layout object| legacyInterop object| CivicRec function| moment function| daterangepicker object| zdassetsScript object| zESettings object| _gaq object| FB object| _gat object| gaGlobal object| zEWebpackACJsonp function| zE function| zEmbed number| _rollbarStartTime

6 Cookies

Domain/Path Name / Value
secure.rec1.com/ Name: PHPSESSID
Value: 6kju0ggfc900b634346upint1b
.rec1.com/ Name: __utma
Value: 121432343.376662174.1647616863.1647616863.1647616863.1
.rec1.com/ Name: __utmc
Value: 121432343
.rec1.com/ Name: __utmz
Value: 121432343.1647616863.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.rec1.com/ Name: __utmt
Value: 1
.rec1.com/ Name: __utmb
Value: 121432343.1.10.1647616863

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
platform.civicplus.com
rec1.com
secure.rec1.com
ssl.google-analytics.com
static.zdassets.com
stats.g.doubleclick.net
use.fontawesome.com
104.17.203.5
104.18.72.113
209.51.167.120
2606:4700:3032::ac43:a9f7
2607:f8b0:4004:c06::9b
2607:f8b0:4006:808::2003
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2008
2a03:2880:f012:8:face:b00c:0:1
52.73.189.25
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16c9820609f62ebb8ffb242feae1014ee95655283a70b92168ebd879a6f12eec
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
28a1c63a8eba4eef1b7bd2b37ccd37e9b7433a399172d67102a9ecfa4ebd9d6f
2ca27c0d62e5e64716f014b44aaaba33ff2b327a0b6a8457804b252c7285bb75
47e4b3985153da428dc87ab693a27f70fc4db3510dae538f0a80837150d07b6f
492e0aa15ff23b45bee302760f3e908ab2a7d52ea80d1f7230458fba6ba10051
51952cf0ac6998a90bc09eac1a2f4638f8fef8dc08e7ddffd7d6581603182d95
51b90e1b1bb9ab26774372f6ed47f5121dca3de36074b66a677a2d49fe7eb9b4
5415b7c6f3510bdcc435b0633035cf72de1f07af5b108dd079e99565062da012
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6a7737c0c7d0a42e2774178224fb8fe1cfbf2765181a8c40ba43dded29110649
7198ef4c34df7b0ef39ed4c92da3faf21ec9fa38d12a286924869ace9bb63dfd
79ec253af0fd798a5432c9567221a07e0b56be132dbb82fe8bc101cfee7dfbeb
7b1cf9014b5be5e3f7720fe0a8e65e4448540de0e121847ffcc49cad249d07da
7e649e07d8ea2c36df49815bdeea5548439e9946b49853c165d42ccf1e5676fe
81d3336f145c9c17f07159d6df3258fe7f2a61b786fab18078749427adb73ecf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dd5af50a7ab8083c16e48b32696e2e5dc093599a8bdd64d9ef57177c78216e6
8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
931131f96b22bd13e77d17c347e620fbdf6efd0809067049e3742d5c330fdfa5
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
b2a57aba22b3c71038e7434b59f289f7497e64a3e40bfdf8332587f6f832b2d7
c8175af60794268f79077d54820231d4f651b8afaaf933f3f904ff60daa2b5dc
c9bdfc045a978ddccb2326740ccdf355472a2d0c9a2d2e9762b4a97269a7feaa
d101d44d9486ab44a3b8316e62c2f9e497327adafda29b614d49dcfb4d3f447b
d3311dcca59e6a95d35bc06aa8ffb037732635e279b0e64dfad8449ba2ccd97c
dee2001deb21918c5dfb12bdbfdb7b8c363219b9e2c78aa1f98d383cc70466ee
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f2fb5d6f52536345c99f9186332a84397888875f3e40e6daae750b6e2dd36469
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0