Submitted URL: https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1
Effective URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Submission Tags: falconsandbox
Submission: On January 29 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 204.180.130.190, located in United States and belongs to QTS-AS, US. The main domain is bridgetower.dragonforms.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 16th 2021. Valid for: a year.
This is the only time bridgetower.dragonforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 207.189.124.61 13649 (ASN-VINS)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 12.181.79.181 7018 (ATT-INTER...)
1 10 204.180.130.190 53866 (QTS-AS)
9 205.162.42.5 53866 (QTS-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.196.180.252 14618 (AMAZON-AES)
30 5
Apex Domain | Subdomains | Transfer
17 dragonforms.com | bridgetower.dragonforms.com; hostedcontent.dragonforms.com — Cisco Umbrella Rank: 88834 | 363 KB
11 hostedpci.com | cc.hostedpci.com — Cisco Umbrella Rank: 482318; ccifrm05.hostedpci.com; tlschk1.hostedpci.com — Cisco Umbrella Rank: 351785 | 97 KB
2 omeda.com | cdn.omeda.com — Cisco Umbrella Rank: 47954 | 63 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 584 | 29 KB
1 pubservice.com | www.pubservice.com — Cisco Umbrella Rank: 106058 | 574 B
1 bit.ly | bit.ly — Cisco Umbrella Rank: 4192 | 376 B
1 bridgetowermedia.com | hfd.bridgetowermedia.com — Cisco Umbrella Rank: 467615 | 458 B
30 7
Domain Requested by
10 bridgetower.dragonforms.com 1 redirects bridgetower.dragonforms.com
cc.hostedpci.com
7 ccifrm05.hostedpci.com bridgetower.dragonforms.com
ccifrm05.hostedpci.com
7 hostedcontent.dragonforms.com bridgetower.dragonforms.com
3 cc.hostedpci.com bridgetower.dragonforms.com
2 cdn.omeda.com bridgetower.dragonforms.com
1 tlschk1.hostedpci.com ccifrm05.hostedpci.com
1 code.jquery.com bridgetower.dragonforms.com
1 www.pubservice.com 1 redirects
1 bit.ly 1 redirects
1 hfd.bridgetowermedia.com 1 redirects
30 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.omeda.com | SSL.com RSA SSL subCA | 2021-07-16 - 2022-07-21 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-06 - 2022-06-05 | a year
*.hostedpci.com | Amazon | 2021-12-20 - 2023-01-18 | a year

This page contains 2 frames:

Primary Page: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Frame ID: 54394E001E5A5E283E2102EEC055EA4A
Requests: 22 HTTP requests in this frame

Frame: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Frame ID: 0FE2AE839E3FB5B42B102DC4C532FB3E
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 25 %
Domains: 7
Subdomains: 10
IPs: 5
Countries: 2
Transfer: 552 kB
Size: 854 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1 HTTP 302
    http://bit.ly/2nY80EQ HTTP 301
    https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB HTTP 301
    https://bridgetower.dragonforms.com/furniture_new HTTP 302
    https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new Page URL
  2. https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1 HTTP 302
  • http://bit.ly/2nY80EQ HTTP 301
  • https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB HTTP 301
  • https://bridgetower.dragonforms.com/furniture_new HTTP 302
  • https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new

30 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
init.do
bridgetower.dragonforms.com/
Redirect Chain
  • https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1
  • http://bit.ly/2nY80EQ
  • https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB
  • https://bridgetower.dragonforms.com/furniture_new
  • https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new
274 B
614 B
Document
General
Full URL
https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
028a86cc196b34f4577fa74cf6b1fbe3c693e586f17846257ff152aed83e3482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 29 Jan 2022 02:48:40 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Location
init.do?omedasite=furniture_new
Content-Length
0
Date
Sat, 29 Jan 2022 02:48:40 GMT
Server
Apache
spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/
9 KB
9 KB
Image
General
Full URL
https://cdn.omeda.com/hosted/images/dragon/generic/spinner.gif
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:41 CET
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 22:45:02 CEST
Server
Apache
ETag
W/"8851-1476132302920"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Primary Request loading.do
bridgetower.dragonforms.com/
53 KB
15 KB
Document
General
Full URL
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
9474e0583e03f38e9ebfcf99b5f3ecb25dfd3c4ff7524e4a94fc78d82f82ddfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new

Response headers

X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 29 Jan 2022 02:48:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
site_10b_10b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/10/
22 KB
23 KB
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/10/site_10b_10b.css
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
4b8a7c1c8087acf34a95ad9ab66134cbb95b90b43fdc7219bddcb51653db0159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Aug 2021 14:25:45 CEST
Server
Apache
ETag
W/"22909-1628252745937"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://bridgetower.dragonforms.com/
Origin
https://bridgetower.dragonforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 02:48:43 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1643424523.dop016.am5.t,1643424523.cds300.am5.hn,1643424523.cds147.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
conditional.js
bridgetower.dragonforms.com/js/
31 KB
32 KB
Script
General
Full URL
https://bridgetower.dragonforms.com/js/conditional.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
d7993cf613408050b47ca5417eac7f90986d57213211a6b27f7579894e306389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Sep 2021 16:11:38 GMT
Server
Apache
ETag
W/"31881-1630685498000"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
dragonCampaign.js
bridgetower.dragonforms.com/js/
13 KB
13 KB
Script
General
Full URL
https://bridgetower.dragonforms.com/js/dragonCampaign.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
0dbc0190864fe5c6e0bd63e7b5233f94265ee535dc3c3e2031f27a251bbb2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Aug 2021 17:56:04 GMT
Server
Apache
ETag
W/"13235-1630346164000"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
generic.css
bridgetower.dragonforms.com/style/
2 KB
1 KB
Stylesheet
General
Full URL
https://bridgetower.dragonforms.com/style/generic.css
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Jun 2021 15:35:48 GMT
Server
Apache
ETag
W/"2478-1623339348000"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
111.css
hostedcontent.dragonforms.com/hosted/images/dragon/12454/
7 KB
8 KB
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12454/111.css
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
9c256bb1c6e4bf01dff589c538d4e444e11ec05c600aa7a410c2880bc11289ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Nov 2021 16:40:57 CET
Server
Apache
ETag
W/"7325-1636558857003"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
344.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/
27 B
477 B
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/344.css
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
6f68768bc609d80bc9feb0ddbb4f73edd7240a25daf5df21c6b9fa5cc0879d6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Oct 2020 05:31:55 CEST
Server
Apache
ETag
W/"27-1603337515179"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
398.css
hostedcontent.dragonforms.com/hosted/images/dragon/12454/
420 B
877 B
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12454/398.css
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
0ae967b9232b6c9201619c55ab09ff3906db8cf559ff0ac09cf4e22f8debd84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 18:10:50 CET
Server
Apache
ETag
W/"420-1635786650060"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
87.js
hostedcontent.dragonforms.com/hosted/images/dragon/12454/
6 KB
6 KB
Script
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12454/87.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
39a61a20716aae99d3b73afeef251bba8ee6d5c2bc81996c7c08e852646211a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Apr 2021 00:55:42 CEST
Server
Apache
ETag
W/"5750-1618872942708"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
393.js
hostedcontent.dragonforms.com/hosted/images/dragon/generic/
187 B
652 B
Script
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/393.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
4260e2eb41909a12050f076987d2f15723d475be5b5a8a00b2191ab39727295b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Wed, 08 Sep 2021 21:27:56 CEST
Server
Apache
ETag
W/"187-1631129276997"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
jquery-2.1.3.min.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/
82 KB
29 KB
Script
General
Full URL
https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery-2.1.3.min.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:43 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Sun, 06 Jun 2021 21:25:15 GMT
Server
cloudflare
ETag
"14960-5c41f8f95d08c-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24a6da485c7a-FRA
Content-Length
29524
Expires
Sat, 29 Jan 2022 03:18:43 GMT
jquery.ba-postmessage.2.0.0.min.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/
1023 B
1 KB
Script
General
Full URL
https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery.ba-postmessage.2.0.0.min.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7eff464c8ab247defc5d202ac39c0a13505d10ba28ced477d0722671fd0a01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:43 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Sun, 06 Jun 2021 21:25:15 GMT
Server
cloudflare
ETag
"3ff-5c41f8f95e02c-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24a6dee4924d-FRA
Content-Length
635
Expires
Sat, 29 Jan 2022 03:18:43 GMT
hpci-cciframe-1.0.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/
38 KB
5 KB
Script
General
Full URL
https://cc.hostedpci.com/WBSStatic/site60/proxy/js/hpci-cciframe-1.0.js
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3efb4d76272bc005d34a9ada025fb31532b7d32cb6fee46bbab32d08ed45144

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:43 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Tue, 03 Aug 2021 19:57:31 GMT
Server
cloudflare
ETag
"989e-5c8ad18a14ff1-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24a6d8069128-FRA
Content-Length
4360
Expires
Sat, 29 Jan 2022 03:18:43 GMT
88.png
cdn.omeda.com/hosted/images/dragon/12454/
53 KB
54 KB
Image
General
Full URL
https://cdn.omeda.com/hosted/images/dragon/12454/88.png
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
b0f1ae631ab07ea523c50623da6ee902989898b1c90ca789e2d3bcff842e8242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:44 CET
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Apr 2021 13:37:55 CEST
Server
Apache
ETag
W/"54342-1618918675366"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
90.jpg
hostedcontent.dragonforms.com/hosted/images/dragon/12454/
259 KB
260 KB
Image
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12454/90.jpg
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
cdn.omeda.com
Software
Apache /
Resource Hash
249c9a90f742880b6aa09e8f3f54e92b79303457cf6ca8fefb198082ac988fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 03:48:43 CET
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Apr 2021 13:38:33 CEST
Server
Apache
ETag
W/"265108-1618918713732"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
showPxyPage!ccFrame.action
ccifrm05.hostedpci.com/iSynSApp/ Frame 0FE2
29 KB
8 KB
Document
General
Full URL
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Requested by
Host: bridgetower.dragonforms.com
URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1325275d7d918a9d50652552198c9d5e210dc86b299c3dd76f973b12bf1100c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bridgetower.dragonforms.com/

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Language
de-DE
Vary
Accept-Encoding
CF-Cache-Status
EXPIRED
Last-Modified
Fri, 28 Jan 2022 17:15:04 GMT
Expires
Sat, 29 Jan 2022 03:18:44 GMT
Cache-Control
public, max-age=1800
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6d4f24abc9998ffe-FRA
Content-Encoding
gzip
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/
715 B
559 B
XHR
General
Full URL
https://bridgetower.dragonforms.com/evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3?demo24289=&demo24290=&demo24292=&demo24294=&demo24295=&demo24296=&demo24297=996&demo24299=&demo24300=&demo24301=&demo24302=&demo24303=&demo24304=&demo24305=&demo24306=&demo24307=&demo24308=80&demo24309=&demo24310=&demo24311=&demo24315=&demo24316=&demo24317=&demo24318=&demo24319=&demo24320=&demo24320_r1327=&demo24321=&demo24321_r1338=&demo24323=&dragon_pagenumber=1&jsessionid=416567A1D0BF9A2C881F06B1CE253CA3&timestemp=1643424524090
Requested by
Host: cc.hostedpci.com
URL: https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery-2.1.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
75bfafdf39a74edd329cd7cbeff22bd84e145f67dc72700a4ff7ae7e82db57e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/
715 B
559 B
XHR
General
Full URL
https://bridgetower.dragonforms.com/evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3?demo24289=&demo24290=&demo24292=&demo24294=&demo24295=&demo24296=&demo24297=996&demo24299=&demo24300=&demo24301=&demo24302=&demo24303=&demo24304=&demo24305=&demo24306=&demo24307=&demo24308=80&demo24309=&demo24310=&demo24311=&demo24315=&demo24316=&demo24317=&demo24318=&demo24319=&demo24320=&demo24320_r1327=&demo24321=&demo24321_r1338=&demo24323=&dragon_pagenumber=1&jsessionid=416567A1D0BF9A2C881F06B1CE253CA3&timestemp=1643424524102
Requested by
Host: cc.hostedpci.com
URL: https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery-2.1.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
75bfafdf39a74edd329cd7cbeff22bd84e145f67dc72700a4ff7ae7e82db57e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/
711 B
574 B
XHR
General
Full URL
https://bridgetower.dragonforms.com/evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3?demo24289=&demo24290=&demo24292=&demo24294=164&demo24295=&demo24296=&demo24297=996&demo24299=&demo24300=&demo24301=&demo24302=&demo24303=&demo24304=&demo24305=&demo24306=&demo24307=&demo24308=80&demo24309=&demo24310=&demo24311=&demo24315=&demo24316=&demo24317=&demo24318=&demo24319=&demo24320=&demo24320_r1327=&demo24321=&demo24321_r1338=&demo24323=&dragon_pagenumber=1&jsessionid=416567A1D0BF9A2C881F06B1CE253CA3&timestemp=1643424524332
Requested by
Host: cc.hostedpci.com
URL: https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery-2.1.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
0bcd4a5325db84ec119fc0282c68c807f96629ef915b9b764d7d911e7da8679c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
jquery-1.4.1.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2
69 KB
24 KB
Script
General
Full URL
https://ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/jquery-1.4.1.min.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Wed, 21 Apr 2021 03:57:39 GMT
Server
cloudflare
ETag
"114bb-5c07390601ff0-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24ae5c598ffe-FRA
Content-Length
24049
Expires
Sat, 29 Jan 2022 03:18:44 GMT
jquery.ba-postmessage.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2
1 KB
1 KB
Script
General
Full URL
https://ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/jquery.ba-postmessage.min.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c8db3417d795bebc0c80bd4448ec92590067a2fa49e6b28af483c7ea691ed2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Wed, 21 Apr 2021 03:57:39 GMT
Server
cloudflare
ETag
"410-5c07390601ff0-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24ae6b905b3e-FRA
Content-Length
648
Expires
Sat, 29 Jan 2022 03:18:44 GMT
jsencrypt.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2
55 KB
18 KB
Script
General
Full URL
https://ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/jsencrypt.min.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:45 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Wed, 21 Apr 2021 03:58:03 GMT
Server
cloudflare
ETag
"db4e-5c07391cb1446-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24ae6af7912b-FRA
Content-Length
17555
Expires
Sat, 29 Jan 2022 03:18:45 GMT
hpci-tlschk-1.0.js
tlschk1.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2
25 B
273 B
Script
General
Full URL
https://tlschk1.hostedpci.com/WBSStatic/site60/proxy/js/hpci-tlschk-1.0.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.180.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-180-252.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e087c5a51845b985f4609b1a2cf0a0e5efb9a2fed927f2ab43e23332a552c89d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Last-Modified
Wed, 21 Apr 2021 03:48:35 GMT
Server
Apache
ETag
"19-5c0736ff0f3da"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25
hpci-paramload-1.0.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2
190 B
673 B
Script
General
Full URL
https://ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/hpci-paramload-1.0.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd535a0a2bed5f7cd6d31289903a65e34710d531352f64e24e1c070a4dc9658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Mon, 07 Jun 2021 04:08:52 GMT
Server
cloudflare
ETag
"be-5c425330e78da-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6d4f24ae6a099036-FRA
Content-Length
135
Expires
Sat, 29 Jan 2022 03:18:44 GMT
api.js
ccifrm05.hostedpci.com/cdn-cgi/bm/cv/669835187/ Frame 0FE2
35 KB
9 KB
Script
General
Full URL
https://ccifrm05.hostedpci.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript
cache-control
max-age=604800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6d4f24b13f1e8ffe-FRA
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/
711 B
574 B
XHR
General
Full URL
https://bridgetower.dragonforms.com/evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3?demo24289=1000&demo24290=&demo24292=&demo24294=164&demo24295=&demo24296=&demo24297=996&demo24299=&demo24300=&demo24301=&demo24302=&demo24303=&demo24304=&demo24305=&demo24306=&demo24307=&demo24308=80&demo24309=&demo24310=&demo24311=&demo24315=&demo24316=&demo24317=&demo24318=&demo24319=&demo24320=&demo24320_r1327=&demo24321=&demo24321_r1338=&demo24323=&dragon_pagenumber=1&jsessionid=416567A1D0BF9A2C881F06B1CE253CA3&timestemp=1643424524611
Requested by
Host: cc.hostedpci.com
URL: https://cc.hostedpci.com/WBSStatic/site60/proxy/js/jquery-2.1.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
0bcd4a5325db84ec119fc0282c68c807f96629ef915b9b764d7d911e7da8679c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 02:48:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
result
ccifrm05.hostedpci.com/cdn-cgi/bm/cv/ Frame 0FE2
0
573 B
XHR
General
Full URL
https://ccifrm05.hostedpci.com/cdn-cgi/bm/cv/result?req_id=6d4f24abc9998ffe
Requested by
Host: ccifrm05.hostedpci.com
URL: https://ccifrm05.hostedpci.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 29 Jan 2022 02:48:45 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
6d4f24b20855912b-FRA
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding


99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| AUTO_LOOKUP_MULTIPLE_FOUND string| AUTO_LOOKUP_MULTIPLE_FOUND_WITH_SECONDARY_KEY string| STANDARD_FIELD_PAYMENT_METHOD string| PAYMENT_METHOD_PAY_WITH_CREDIT_CARD string| PAYMENT_METHOD_PAY_WITH_PAYPAL string| totalPrice string| payPalPlanId function| verifyConsole function| hideEmailLookupScrim function| showEmailLookupScrim function| toggleDisplay boolean| keepSubmitDisabled function| disableSubmit function| enableSubmit boolean| initialized boolean| lookupEmailCalled object| conditionalHandlers boolean| conditionalHandlersCalled function| registerConditionalHandler function| callConditionalHandlers function| toggleOther function| genericValidation function| checkConditions function| checkConditionsPart2 function| stopIframePolling function| applyConditionalResponses function| generateRepeatedGroup function| checkOtherFillinCheckbox function| checkOtherFillinRadio function| hideOtherFillin function| getFormData function| lookupByEmail function| lookupFreshAddress function| checkPayment function| clickBehavior function| entriesPolyFill function| httpPostWithFormData boolean| formInitialLoad boolean| formSubmitErrorOccurred function| calculatePaymentMethod function| clearOtherPaidElements string| shippingAddressCountry string| requestedVersionId string| campaignRequestedVersionId string| billMeLaterResponse boolean| campaigElementExists function| campaignPromocodeChanged function| campaignCountryOrRequestedVersionChanged function| getPromoContentAndPrices function| hidePromoPrices function| showDragonPaidContent function| hideDragonPaidContent function| showHidePromoPrices string| hpciCCFrameHost string| hpciCCFrameFullUrl string| hpciCCFrameName function| hpciSiteErrorHandler function| hpciSiteSuccessHandler function| hpci3DSitePINSuccessHandler function| hpci3DSitePINErrorHandler function| hpciInitCompleteSuccessHandler string| hpciStatus string| hpciNoConflict string| hpciNo3DS boolean| hpciLogging function| 
hpciStatusReset function| hpciPageReset function| hpciDisable3DS function| hpciAllow3DS function| processCCTokenHPCIMsg function| processNonTokenHPCIMsg function| sendHPCIMsg function| sendHPCIFrameMsg function| hpci3DDefaultSitePINSuccessHandler function| hpci3DDefaultSitePINErrorHandler string| receivePINEnabled function| receivePINMsg function| receiveHPCIMsgAfterPageReset function| receiveHPCIMsg function| sendHPCIChangeStyleMsg function| sendHPCIChangeStyleFrameMsg function| sendHPCIChangeClassMsg function| sendHPCIChangeClassFrameMsg function| sendHPCIChangeTextMsg function| sendHPCIChangeTextFrameMsg function| sendHPCISet3DSecParamMsg function| sendHPCISet3DSecParamFrameMsg function| hpciConsoleLog function| hpciDecodeComp function| hpciEncodeComp function| hpciEnableLogging function| hpciDisableLogging function| hpciUrlParam function| hpciUrlParamStr function| hpciUrlParamsAsObject undefined| display

4 Cookies

Domain/Path Name / Value
.bridgetowermedia.com/ Name: wp41765
Value: "XUAZYDs-TTUC:BXHBCDtlnDl-UCKL-VVTUDDDUYAZUVXDgNssDDLFl-UCKL-VVTUFJmUZ_T^UZXWXVXYUC"
.bit.ly/ Name: _bit
Value: m0t2MD-7ef973bb945ba679b8-00E
bridgetower.dragonforms.com/ Name: JSESSIONID
Value: 416567A1D0BF9A2C881F06B1CE253CA3
.hostedpci.com/ Name: __cf_bm
Value: tjjWNUD0kErQ_aKLeNYi6.jxVPWj8z7OMjlYrlugkhY-1643424525-0-AXEKSjV3p+Y9LkfgRxwatEY7joRgfwTHFmxLwrxEXVu7c4JnFQVkLmLx07FoaXgvTMKtNlf909M3EcEmG4Nc53Lgb0TKF7WHvrNmiQm7TOH0FYYTyg7RYb7nn9PYugG+wA==

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
