URL: https://sub3.itmhgm.xyz/
Submission: On February 20 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 45.87.173.114, located in Bursa, Turkey and belongs to KEYUBU, TR. The main domain is sub3.itmhgm.xyz.
TLS certificate: Issued by R3 on February 20th 2024. Valid for: 3 months.
This is the only time sub3.itmhgm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 benedelman.org
www.benedelman.org
264 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 3353
120 KB
2 statcounter.com
secure.statcounter.com — Cisco Umbrella Rank: 22903
c.statcounter.com — Cisco Umbrella Rank: 11369
14 KB
2 itmhgm.xyz
sub3.itmhgm.xyz
91 KB
1 gstatic.com
fonts.gstatic.com
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
1 KB
24 6
Domain Requested by
14 www.benedelman.org sub3.itmhgm.xyz
4 www.google.com 1 redirects www.google.com
2 sub3.itmhgm.xyz sub3.itmhgm.xyz
1 c.statcounter.com secure.statcounter.com
1 fonts.gstatic.com fonts.googleapis.com
1 cse.google.com sub3.itmhgm.xyz
1 secure.statcounter.com sub3.itmhgm.xyz
1 fonts.googleapis.com sub3.itmhgm.xyz
24 8

This site contains links to these domains. Also see Links.

Domain
www.benedelman.org
twitter.com
wordpress.org
Subject | Issuer | Validity | Valid
sub3.itmhgm.xyz | R3 | 2024-02-20 - 2024-05-20 | 3 months
*.benedelman.org | R3 | 2024-01-12 - 2024-04-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-05 - 2025-01-03 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months

This page contains 1 frames:

Primary Page: https://sub3.itmhgm.xyz/
Frame ID: B43343342B02FBA0C9B078C4154DB1B8
Requests: 24 HTTP requests in this frame

Page Title

Ben Edelman

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

517 kB
Transfer

792 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0 HTTP 301
  • https://cse.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sub3.itmhgm.xyz/
86 KB
86 KB
Document
General
Full URL
https://sub3.itmhgm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.87.173.114 Bursa, Turkey, ASN210538 (KEYUBU, TR),
Reverse DNS
Software
nginx/1.24.0 / PHP/7.3.2
Resource Hash
4d5553c6c486e2dfe9d852d468c9fb50bd78c9d52b90448fedcb2f1fc1d18ca7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
0
content-length
87964
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 12:51:13 GMT
link
<https://www.benedelman.org/wp-json/>; rel="https://api.w.org/" <https://www.benedelman.org/>; rel=shortlink
server
nginx/1.24.0
x-powered-by
PHP/7.3.2
wgs2.css
www.benedelman.org/wp-content/plugins/wp-google-search/
3 KB
3 KB
Stylesheet
General
Full URL
https://www.benedelman.org/wp-content/plugins/wp-google-search/wgs2.css?ver=5.1.18
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2656
style.min.css
www.benedelman.org/wp-includes/css/dist/block-library/
25 KB
25 KB
Stylesheet
General
Full URL
https://www.benedelman.org/wp-includes/css/dist/block-library/style.min.css?ver=5.1.18
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25245
theme.min.css
www.benedelman.org/wp-includes/css/dist/block-library/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.benedelman.org/wp-includes/css/dist/block-library/theme.min.css?ver=5.1.18
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
847f1e29e2676e8dfcbfede5d4ffce35178e79a60f66186cc95e85c25b14cb11
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1031
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0403c5d8ace00ce6f4e2b8f96a9bd1648c0cc12cb2c98b2ac34bb38693dad184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 12:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 12:46:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 12:51:14 GMT
style.css
www.benedelman.org/wp-content/themes/twentyseventeen/
86 KB
86 KB
Stylesheet
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/style.css?ver=20190507
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
def1c1b43186434ddf9c00c48950e2f3564adb613771689b49d68dc0d7bb4eff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88334
blocks.css
www.benedelman.org/wp-content/themes/twentyseventeen/assets/css/
10 KB
11 KB
Stylesheet
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10658
jquery.js
www.benedelman.org/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://www.benedelman.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96873
jquery-migrate.min.js
www.benedelman.org/wp-includes/js/jquery/
10 KB
10 KB
Script
General
Full URL
https://www.benedelman.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10056
wp-emoji-release.min.js
www.benedelman.org/wp-includes/js/
12 KB
12 KB
Script
General
Full URL
https://www.benedelman.org/wp-includes/js/wp-emoji-release.min.js?ver=5.1.18
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11951
ben-small.jpg
sub3.itmhgm.xyz/
4 KB
4 KB
Image
General
Full URL
https://sub3.itmhgm.xyz/ben-small.jpg
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.87.173.114 Bursa, Turkey, ASN210538 (KEYUBU, TR),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c21f22961629cc6e1df117ad7a635512cd7ce0a9c75fe67662e6596a478189ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:51:14 GMT
content-security-policy
upgrade-insecure-requests;
server
nginx/1.24.0
accept-ranges
bytes
age
0
content-length
4267
content-type
image/jpeg
counter.js
secure.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099aff0760e41f4927af85d5efbaff9eb670d15444458992dc05609c8c34517a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2024 11:28:22 GMT
server
cloudflare
age
3287
etag
W/"65d48cd6-8b77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8586e141ef485731-MIA
expires
Tue, 20 Feb 2024 23:56:27 GMT
google_cse_v2.js
www.benedelman.org/wp-content/plugins/wp-google-search/assets/js/
468 B
710 B
Script
General
Full URL
https://www.benedelman.org/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
468
skip-link-focus-fix.js
www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/
683 B
925 B
Script
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
683
navigation.js
www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/
4 KB
4 KB
Script
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3754
global.js
www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/
8 KB
8 KB
Script
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7754
jquery.scrollTo.js
www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/
6 KB
6 KB
Script
General
Full URL
https://www.benedelman.org/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5836
wp-embed.min.js
www.benedelman.org/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://www.benedelman.org/wp-includes/js/wp-embed.min.js?ver=5.1.18
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.149.1 , United States, ASN (),
Reverse DNS
1.149.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:51:14 GMT
Content-Security-Policy
upgrade-insecure-requests;
Server
Apache/2
Age
0
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1443
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
  • https://cse.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
Requested by
Host: sub3.itmhgm.xyz
URL: https://sub3.itmhgm.xyz/
Protocol
H2
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
d2292c23c1f294a364df03d9610e4360cf0b35926df4802dc080e2c521e44592
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-QSKt7dz_61Tl4wB_r3l4eQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-QSKt7dz_61Tl4wB_r3l4eQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Tue, 20 Feb 2024 12:51:15 GMT
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2450
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

Redirect headers

date
Tue, 20 Feb 2024 12:51:14 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
expires
Tue, 20 Feb 2024 13:21:14 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub3.itmhgm.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 21:56:20 GMT
x-content-type-options
nosniff
age
399294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 21:56:20 GMT
t.php
c.statcounter.com/
192 B
466 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=296146&u1=9D2B640C63B54F01F18ADF597B9E92B0&java=1&security=&sc_snum=1&sess=0ba1bc&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//sub3.itmhgm.xyz/&t=Ben%20Edelman&invisible=1&sc_rum_e_s=2555&sc_rum_e_e=2560&sc_rum_f_s=0&sc_rum_f_e=2552&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:51:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://sub3.itmhgm.xyz
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8586e1424f865731-MIA
expires
Mon, 26 Jul 1997 05:00:00 GMT
cse_element__en.js
www.google.com/cse/static/element/8435450f13508ca1/
318 KB
106 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108214
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 12:51:15 GMT
default+en.css
www.google.com/cse/static/element/8435450f13508ca1/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 12:51:15 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=002046004314727539767:r3ekqgwirf0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sub3.itmhgm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 20 Feb 2024 13:12:22 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| _wpemojiSettings
  • undefined| $
  • function| jQuery
  • function| ShowVideoPopup
  • function| ShowVideo
  • function| ShowLocalpagesNBCMsg
  • function| ShowEbatesSite
  • function| WarnLink
  • number| sc_project
  • string| sc_security
  • number| sc_invisible
  • string| scJsHost
  • object| scriptParams
  • object| twentyseventeenScreenReaderText
  • object| twemoji
  • object| wp
  • object| jQuery11240755870323253411
  • function| _statcounter
  • object| __gcse
  • object| module$exports$cse$search
  • object| module$exports$cse$CustomImageSearch
  • object| module$exports$cse$CustomWebSearch
  • object| google
  • object| module$exports$cse$searchcontrol
  • object| module$exports$cse$customsearchcontrol

2 Cookies

Domain/Path Name / Value
.sub3.itmhgm.xyz/ Name: sc_is_visitor_unique
Value: rx296146.1708433475.9D2B640C63B54F01F18ADF597B9E92B0.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc296146.1708433474.0

1 Console Messages

Source Level URL
Text
other warning URL: https://sub3.itmhgm.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
