urlscan.io logo urlscan.io
SecurityTrails logo

www2.lavi.com Open in urlscan Pro
199.60.103.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www2.lavi.com/
Effective URL: https://www2.lavi.com/
Submission: On February 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 3 countries across 21 domains to perform 45 HTTP transactions. The main IP is 199.60.103.228, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www2.lavi.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 15th 2020. Valid for: a year.
This is the only time www2.lavi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 199.60.103.228 209242 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.60.103.227 209242 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
45 27
9    199.60.103.228 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www2.lavi.com
5    2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    2606:4700::6810:b672 (United States)

ASN13335 (CLOUDFLARENET, US)
f.hubspotusercontent40.net
1    199.60.103.227 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
designers.hubspot.com
1    2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:26f0:7100:48a::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleadservices.com
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
9 www2.lavi.com 1 redirects www2.lavi.com
js.usemessages.com
5 cdn2.hubspot.net www2.lavi.com
3 www.google.de
3 www.google.com
2 www.facebook.com
2 px.ads.linkedin.com 1 redirects
2 connect.facebook.net js.hsadspixel.net
connect.facebook.net
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
2 www.googletagmanager.com www2.lavi.com
js.hsadspixel.net
2 www.google-analytics.com www2.lavi.com
www.google-analytics.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com js.hsadspixel.net
1 stats.g.doubleclick.net www.google-analytics.com
1 api.hubapi.com js.hsadspixel.net
1 track.hubspot.com
1 js.usemessages.com www2.lavi.com
1 js.hs-banner.com www2.lavi.com
1 js.hs-analytics.net www2.lavi.com
1 js.hsadspixel.net www2.lavi.com
1 static.hsappstatic.net designers.hubspot.com
1 designers.hubspot.com cdn2.hubspot.net
1 f.hubspotusercontent40.net www2.lavi.com
0 fonts.googleapis.com Failed cdn2.hubspot.net
45 24

This site contains links to these domains. Also see Links.

Domain
www.lavi.com
7098847.hs-sites.com
www.hubspot.com
Subject Issuer Validity Valid
www2.lavi.com
Cloudflare Inc ECC CA-3		 2020-10-15 -
2021-10-14		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-10 -
2021-08-10		 a year crt.sh
designers.hubspot.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2020-07-27 -
2021-07-27		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www2.lavi.com/
Frame ID: D8E0EF3DCA29B6C8E736F67067B050DC
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www2.lavi.com/ HTTP 301
    https://www2.lavi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

45
Requests

96 %
HTTPS

89 %
IPv6

21
Domains

24
Subdomains

27
IPs

3
Countries

419 kB
Transfer

1137 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www2.lavi.com/ HTTP 301
    https://www2.lavi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1844020%26time%3D1613486374893%26url%3Dhttps%253A%252F%252Fwww2.lavi.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F&liSync=true

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www2.lavi.com/
Redirect Chain
  • http://www2.lavi.com/
  • https://www2.lavi.com/
24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa662dc2567811eb1444879b2dc04cd35e2ccf000e5b5a4264c3f01ed5e57b0

Request headers

:method
GET
:authority
www2.lavi.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d0a44521b09c6727770dd75d6104e39651613486372; __cfruid=6190198722b7b7d20923b36fe4500a6ae0feb6d2-1613486372
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
content-type
text/html;charset=utf-8
cf-ray
622804c1d8f4cc5a-ZRH
cache-control
s-maxage=5,max-age=5
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
084ce14d240000cc5a01303000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-reason
No view mapper found to handle request
x-hubspot-notfound
true
x-trace
2B8B7DEBBCD36B638AF2BB7FAC8BF277E9E11554A0000000000000000000
server
cloudflare
content-encoding
br

Redirect headers

Date
Tue, 16 Feb 2021 14:39:32 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=d0a44521b09c6727770dd75d6104e39651613486372; expires=Thu, 18-Mar-21 14:39:32 GMT; path=/; domain=.www2.lavi.com; HttpOnly; SameSite=Lax __cfruid=6190198722b7b7d20923b36fe4500a6ae0feb6d2-1613486372; path=/; domain=.www2.lavi.com; HttpOnly
Location
https://www2.lavi.com/
Cache-Control
s-maxage=3600,max-age=120
X-Hs-Https-Only
worker
cf-request-id
084ce14cc90000cc4634bfc000000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
622804c149fccc46-ZRH
jquery-1.7.1.js
www2.lavi.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
via
1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
1766947
cf-ray
622804c99803cc5a-ZRH
x-cache
Hit from cloudfront
content-encoding
br
cf-request-id
084ce151fb0000cc5a83a7a000000001
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
nJEAn4z9yJGrTaM7trX2GdhwCRlJpXqr09rNcI2nHZTSnNFQc0_Wvw==
expires
Wed, 16 Feb 2022 14:39:33 GMT
module_33877622725_Vast_Back_To_Top_Button.min.css
cdn2.hubspot.net/hub/7098847/hub_generated/module_assets/33877622725/1597875687166/ 		148 B
257 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7098847/hub_generated/module_assets/33877622725/1597875687166/module_33877622725_Vast_Back_To_Top_Button.min.css
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1567fed0023446d72eac7b0c48d6f97979b3739e3102f009876cff1ca05696f7

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
084ce151ee00002bc25696f000000001
last-modified
Wed, 19 Aug 2020 22:21:28 GMT
server
cloudflare
etag
W/"cf0ba3a87ae87185b527431b9d451b53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1597875687166
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
622804c97ac52bc2-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1613485997258/hubspot/hubspot_default/shared/responsive/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1613485997258/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
content-encoding
br
cf-cache-status
HIT
age
73
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
084ce151ee00002bc2b60e2000000001
last-modified
Tue, 16 Feb 2021 14:33:18 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1613485997258
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
622804c97ac62bc2-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
vast-style.min.css
cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877360330/1599694099188/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/ 		45 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877360330/1599694099188/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/vast-style.min.css
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c52fd1d7b349ae582cc3d4ccd376d300219216e4461b39d3a2d5fc533427f37

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
084ce151ee00002bc2a8a81000000001
last-modified
Wed, 09 Sep 2020 23:28:20 GMT
server
cloudflare
etag
W/"bc9472eb6b413d21fd245efbb1b47b30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1599694099188
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
622804c97ac72bc2-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
Lavi-Logo-Horizontal-1.png
f.hubspotusercontent40.net/hub/7098847/hubfs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.hubspotusercontent40.net/hub/7098847/hubfs/Lavi-Logo-Horizontal-1.png?width=150&name=Lavi-Logo-Horizontal-1.png
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce75617becb2f493640eb6862b181a38bcd10c1a6e47e9a619aa7f648b18a843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34366852709,FD-40891426696,P-7098847,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-length
3027
cf-request-id
084ce1546800004ed92cbe7000000001
last-modified
Mon, 15 Feb 2021 15:30:13 GMT
server
cloudflare
etag
"b56a95d4c7331c147c06f1cafc3fd313"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
622804cd79954ed9-FRA
x-amz-cf-id
s0NrKWIRCaz3tH13WvjgK4tf2MzoYDki2tzMzGwxn7Om9SI05C8WAQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
vast-main.min.js
cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877358141/1597875692657/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877358141/1597875692657/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/vast-main.min.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c5f6b437c260608181a32823e822baafc68a8cbdedd173c289bcc15ccf8a5b

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
084ce1530200002bc27cb84000000001
last-modified
Wed, 19 Aug 2020 22:21:33 GMT
server
cloudflare
etag
W/"0299c305eb68c060fac2ec529e95b559"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1597875692657
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
622804cb3d582bc2-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
project.js
www2.lavi.com/hs/hsstatic/cos-i18n/static-1.27/bundles/ 		1 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
via
1.1 232da8e84bcfefcf0109ecb77a04d60e.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
1695695
x-amz-server-side-encryption
AES256
cf-ray
622804cd1f60cc5a-ZRH
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
084ce154310000cc5ad92ca000000001
last-modified
Wed, 19 Aug 2020 22:31:39 GMT
server
cloudflare
etag
W/"d0cd32f08bf823a0389da03beed61887"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
2tzxWhBqhFrbWNOKYsoHIauxtaBoTuuO
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP64-C3
content-type
application/javascript
x-amz-cf-id
RvNHDJdyLT-URg6cTnBqNOZZmsamrcISlStDyK2EZo61LTCRJ3dVtA==
expires
Wed, 16 Feb 2022 14:39:33 GMT
project.js
www2.lavi.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 		2 KB
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:33 GMT
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
1681693
x-amz-server-side-encryption
AES256
cf-ray
622804cd4faecc5a-ZRH
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
084ce154510000cc5a0382d000000001
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
PLSoK3UsUHa9hHFZ1eb1t4F6INeq43YNoIRAQutWfTp7AOlX8OLJuA==
expires
Wed, 16 Feb 2022 14:39:33 GMT
module_33877622725_Vast_Back_To_Top_Button.min.js
cdn2.hubspot.net/hub/7098847/hub_generated/module_assets/33877622725/1597875687110/ 		657 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7098847/hub_generated/module_assets/33877622725/1597875687110/module_33877622725_Vast_Back_To_Top_Button.min.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25638321e10a67f6f5a7b95dcdd4c028fe45dcc5da4ce4f8f6d524e72271c006

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
084ce1544700002bc2b6107000000001
last-modified
Wed, 19 Aug 2020 22:21:28 GMT
server
cloudflare
etag
W/"9e0420af3a806e7f6082b21475ca40fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1597875687110
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
622804cd38722bc2-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
7098847.js
www2.lavi.com/hs/scriptloader/ 		2 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/hs/scriptloader/7098847.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f955016a31a6d63c12309d2c7b355a935b99af0949c27c0a119935514d61e8

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2BE0DBEC7D109F6B5484DC14216E9B9DF91A23B10E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
622804cd5fb2cc5a-ZRH
cf-request-id
084ce154530000cc5a8cb00000000001
expires
Tue, 16 Feb 2021 14:40:34 GMT
index.js
www2.lavi.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
1596982
x-amz-server-side-encryption
AES256
cf-ray
622804cd5fb4cc5a-ZRH
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
084ce154540000cc5aa398e000000001
last-modified
Mon, 14 Sep 2020 20:19:23 GMT
server
cloudflare
etag
W/"e669ca94e2fffafc96a88184dda30834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
YhWH-v4SgLzqI6IWY6DlGeWxGs77p8Qz_Xrr_cy0zw-c6tIrvwZeyA==
expires
Wed, 16 Feb 2022 14:39:33 GMT
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
font-awesome.css
designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/font-awesome.css
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877360330/1599694099188/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/vast-style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
93cf0138ab6e21fdf74500a3d9d5d519e726dd3e8cc76efebb5bb183d3558064

Request headers

Referer
https://cdn2.hubspot.net/hub/7098847/hub_generated/template_assets/33877360330/1599694099188/Marketplace/HubSpotSiteSetup/Vast_Site_Setup/Coded_Files/vast-style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 041a4887d523cabe8177e269cc358163.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2178
edge-cache-tag
F-2054199286,P-327485,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
cf-request-id
084ce154910000cc3e7d9d0000000001
last-modified
Tue, 10 Oct 2017 01:13:09 GMT
server
cloudflare
etag
W/"164b5e1e801316562777bb5d25d9d857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=60
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
cf-ray
622804cdb80ecc3e-ZRH
x-amz-cf-id
XuG-e5_E_Vk1_0l_geXLwnZ6x-QTttKxFVmEXqQFroKs3beXTyOWsg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
fontawesome-webfont.woff
static.hsappstatic.net/content_shared_assets/static-1.3779/fonts/ 		82 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content_shared_assets/static-1.3779/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: designers.hubspot.com
URL: https://designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://www2.lavi.com
Referer
https://designers.hubspot.com/hs-fs/hub/327485/file-2054199286-css/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
x-amz-meta-access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83760
cf-request-id
084ce154ca00002b653b347000000001
last-modified
Wed, 24 Sep 2014 02:18:25 GMT
server
cloudflare
etag
"fdf491ce5ff5b2da02708cd0e9864719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NaRFaNOEcyzWrdrT0yjSAhDPS7kJi5tU34Wrte2%2Fyi7ag9U%2B0bfVVXGphXHWDGc7wbbJEOTHYc5juhUNiMlXBqfGSioAtJlpbdsB3vwA7u%2BmoCprBw%2BoZDNtfTwiWX6nkIcD"}],"group":"cf-nel"}
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
622804ce1e4b2b65-FRA
x-amz-cf-id
pj1kWlDmUY3AFH3pyl9Zl6XCpWqY8qsDa3p9NXERPoaFb6nQtSzSKQ==
expires
Wed, 16 Feb 2022 14:39:34 GMT
fb.js
js.hsadspixel.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/hs/scriptloader/7098847.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3399b34b280df0bae72875db0c8920320cc6b8ce3e64413541fdcb7fd53a2a8f

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 23c9ec01b6f4151f654547c0190aeebf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
176
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.222/bundles/pixels-release.js&cfRay=622800817e582175-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
084ce1561400004ac8162fe000000001
last-modified
Fri, 29 Jan 2021 04:30:45 UTC
server
cloudflare
etag
W/"c8d54dcba2e9466890079ae550d834bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
tMGfNCDI8YaArCWxgAwYbahB1RP10YKq
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
622804d029094ac8-FRA
x-amz-cf-id
A8pa0eEjzF_4KhO8swJ9vQeWufthMkiMUALFAK6rdXaCskzijXQ6Dw==
7098847.js
js.hs-analytics.net/analytics/1613486100000/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1613486100000/7098847.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/hs/scriptloader/7098847.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18816cbda0c1b9ade8f4fb1f4cf8e1e43c8821aad6efd136b0f97f392026b6f

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
cf-cache-status
HIT
age
60
x-amz-server-side-encryption
AES256
x-amz-request-id
8E556A679AEDC2A2
x-amz-id-2
gVOeoxdmqPSVv9ZKIfN+U5BYknLEwJJ4tPFOfXaXjt//44KhZKZbA7RXkyly9IJKmAQlr3fgkZQ=
last-modified
Wed, 03 Feb 2021 21:29:10 GMT
server
cloudflare
etag
W/"90569a4b2d006a4beff69850294c0cd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
084ce1561500004ab6149b5000000001
cf-ray
622804d028f84ab6-FRA
expires
Tue, 16 Feb 2021 14:43:34 GMT
7098847.js
js.hs-banner.com/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/7098847.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/hs/scriptloader/7098847.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304baa5b9ea09fbc2adff15aea32ebad5b7cdb1bffbec82ad2881cc9a25d01de

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=ADtv3g==, md5=BACGpOrNamavM1wEQuEmVA==
date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
cf-cache-status
HIT
age
60
x-guploader-uploadid
ABg5-UxLWUxoQ6hqk403ykwvRdL2UD3mtVXs84-U1Z7i5qRmE6m0UhB2PwxefDR8wBkm7IE_VFHjMuQF3glZY9N2qPQ
x-goog-storage-class
STANDARD
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
084ce1561600004db82326e000000001
timing-allow-origin
*
last-modified
Wed, 03 Feb 2021 21:29:09 GMT
server
cloudflare
etag
W/"040086a4eacd6a66af335c0442e12654"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1612387749811095
access-control-allow-origin
https://www.lavi.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
57794
cf-ray
622804d02cb84db8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 16 Feb 2021 14:43:34 GMT
conversations-embed.js
js.usemessages.com/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/hs/scriptloader/7098847.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d96c73d2e0d789c48a193b6c2096e9d12352d0538fd5eb091c64c52eba187af3

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
188
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8309/bundles/project.js&cfRay=62280036794c4e5c-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
084ce1561700000ea711bb3000000001
last-modified
Fri, 12 Feb 2021 03:55:50 UTC
server
cloudflare
etag
W/"e8e28eeda811c662832b195ba2d5aad1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
oa7cIyj2.QhI9ksfQnKyZE3U0yM_OLNQ
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
622804d02d8f0ea7-FRA
x-amz-cf-id
e8l590nKLtczYthiKtUS3BS-jbNjMb553wSmXSAdm_-zDe35smQUWA==
widget
www2.lavi.com/_hcms/livechat/ 		256 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/_hcms/livechat/widget?portalId=7098847&conversations-embed=static-1.8309&mobile=false&messagesUtk=43c5687ae149495a93a18659f8d8a78f&traceId=43c5687ae149495a93a18659f8d8a78f
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f013f9172cc51d319df443bbcabc20f9fb5daf5fdd93aec85ecbbd99fc2c01ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www2.lavi.com/

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B61FE4B69F5E9CA382E341F271C6758DC714C3232000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
622804d07dd4cc5a-ZRH
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-request-id
084ce1564d0000cc5aa525d000000001
__ptq.gif
track.hubspot.com/ 		45 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4220565467&v=1.1&a=7098847&ct=standard-page&ccu=http%3A%2F%2Fwww2.lavi.com%2F404&lvc=en&pu=https%3A%2F%2Fwww2.lavi.com%2F&cts=1613486374736&vi=e6d442fcde790a39227356ae1a2e61aa&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
622804d21f091f19-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
cf-request-id
084ce1575400001f19bca28000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rv3rtseTrPUSSY%2Fq9%2FkUnlcf05bMS42hAcE%2BGPLNmO2%2BqQNXeZ%2F%2BgvNvO7c%2FVbLERs3xqHBnESPRBNr7OwgdPExxhLNI4CQx77PIK652IQFfLXek48snfAGBUnQf1g%3D%3D"}],"max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6738
date
Tue, 16 Feb 2021 12:47:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 16 Feb 2021 14:47:16 GMT
gtm.js
www.googletagmanager.com/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WV6D5JP
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffdf217d9ceb69a4f6e98a58b862ff9d6f760671df84259a89720da269f389b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35219
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Feb 2021 14:39:34 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		206 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7098847
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc17e0dc2f0da953f5ea37e41ab28a3511d5ba42756859abd0c91c065b5800dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
084ce1575800004a687e95c000000001
server
cloudflare
x-trace
2B06B9AF1B87C7AA53617A35760D5EA589A3170CCD000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frVf0L4TCr274mYvsa3798iQZtuxGF5ryq8EjHtVp5UGhrcn60uzr0A9%2F4EF4M1b3IiaU1HaQVBUS%2B%2BLgx6%2BPelVLy%2BekLmgHxXVxpZlKCTki6w3HyAhZYQMBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www2.lavi.com
access-control-allow-credentials
false
cf-ray
622804d22c8a4a68-FRA
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		4 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1306709782&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.lavi.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1511741759&gjid=1688709350&cid=1142647768.1613486375&tid=UA-250535-1&_gid=46913210.1613486375&_r=1&_slc=1&z=1692585381
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.lavi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-250535-1&cid=1142647768.1613486375&jid=1511741759&gjid=1688709350&_gid=46913210.1613486375&_u=IEBAAEAAAAAAAC~&z=1165686519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Feb 2021 14:39:34 GMT
content-type
text/plain
access-control-allow-origin
https://www2.lavi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV6D5JP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
876cfd75830546cc2ba6a38213b34365cc42903e1971862537b1ababd3f77561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12364
x-xss-protection
0
server
cafe
etag
16447433377505682064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 14:39:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-250535-1&cid=1142647768.1613486375&jid=1511741759&_u=IEBAAEAAAAAAAC~&z=1183598286
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-250535-1&cid=1142647768.1613486375&jid=1511741759&_u=IEBAAEAAAAAAAC~&z=1183598286
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/978624886/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978624886/?random=1613486374845&cv=9&fst=1613486374845&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7dd24491e4c87d4b835f976ac528ae1781d0d76b4253fcda09b6ff4b801494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
974
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:48a::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 14:39:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=58023
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-978624886
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca0d8a386496ba52b6b450155f00454ed826f7bdb0f63cbf9589ca88243ff704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39129
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Feb 2021 14:39:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
7eSt6Vdky9M8O7KFAeN6VKEZlCceZDeCYEXez0CgvEHhE4NvOJRhv7PXWCcm3Qe1UiMFYJAqa8ZW1g1sATZucQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Feb 2021 14:39:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/978624886/ 		42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/978624886/?random=1613486374845&cv=9&fst=1613484000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&async=1&fmt=3&is_vtc=1&random=2462204127&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/978624886/ 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/978624886/?random=1613486374845&cv=9&fst=1613484000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&async=1&fmt=3&is_vtc=1&random=2462204127&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2378478875793371
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2378478875793371?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c2f2020b53d04e6c83d4e800ca28c6d66c322ef482d0e216d9f2c333f5e23a39
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70529
x-fb-rlafr
0
pragma
public
x-fb-debug
/KRzwpQ898yDhmMM70XNVhd6DzXnvRYiJSS1YAY1wwKaF5ptPdTHeTOb05LbpAvb4Vx0ykXECjX1wWMwmU3JNw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Feb 2021 14:39:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
406573584
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1844020%26time%3D1613486374893%26url%3Dhttps%253A%252F%252Fwww2.lavi.com%252F%26l...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F&liSync=true
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:35 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
uxd+YU9BZBagVNrBsCoAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
z196Vk9BZBbA5w4wJSsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: F957A588B01C4AEA9475C67185570F93 Ref B: FRAEDGE1417 Ref C: 2021-02-16T14:39:35Z
date
Tue, 16 Feb 2021 14:39:34 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1844020&time=1613486374893&url=https%3A%2F%2Fwww2.lavi.com%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-978624886
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
195370021859676167
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 14:39:34 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2378478875793371&ev=PageView&dl=https%3A%2F%2Fwww2.lavi.com%2F&rl=&if=false&ts=1613486374990&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1613486374988.1857800960&it=1613486374891&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Feb 2021 14:39:35 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/978624886/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978624886/?random=1613486375015&cv=9&fst=1613486375015&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84b34087569168237d850ebe50a99873a3f1b8ea370940142409071d43887d1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/978624886/ 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/978624886/?random=1613486375015&cv=9&fst=1613484000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&async=1&fmt=3&is_vtc=1&random=1584410615&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/978624886/ 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/978624886/?random=1613486375015&cv=9&fst=1613484000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.lavi.com%2F&async=1&fmt=3&is_vtc=1&random=1584410615&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 14:39:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2378478875793371&ev=Microdata&dl=https%3A%2F%2Fwww2.lavi.com%2F&rl=&if=false&ts=1613486375494&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww2.lavi.com%2F404%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1613486374988.1857800960&it=1613486374891&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 14:39:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Feb 2021 14:39:35 GMT
perf
www2.lavi.com/_hcms/ 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.lavi.com/_hcms/perf
Requested by
Host: www2.lavi.com
URL: https://www2.lavi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www2.lavi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

cf-ray
622804e4eba3cc5a-ZRH
date
Tue, 16 Feb 2021 14:39:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B210DED2742E799E8CB37573D328486EE50CCD212000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
content-length
2
cf-request-id
084ce163120000cc5a9c260000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato:300,400,300italic,400italic
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Montserrat:700,400

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| hsjQuery object| _hsp function| hsOnReadyGoogleSearch_2602 function| hsOnReadyLoadVastMainJS function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_2501135 function| i18n_getmessage function| i18n_getlanguage object| _hsq object| hsVars boolean| PIXELS_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime string| GoogleAnalyticsObject function| ga object| dataLayer boolean| _hspb_ran object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _linkedin_data_partner_ids function| fbq function| _fbq function| lintrk boolean| _already_called_lintrk

6 Cookies

Domain/Path Name / Value
.lavi.com/ Name: __hssc
Value: 251218201.1.1613486374734
.lavi.com/ Name: __hssrc
Value: 1
.lavi.com/ Name: hubspotutk
Value: e6d442fcde790a39227356ae1a2e61aa
.lavi.com/ Name: __hstc
Value: 251218201.e6d442fcde790a39227356ae1a2e61aa.1613486374733.1613486374733.1613486374733.1
.www2.lavi.com/ Name: __cfruid
Value: 6190198722b7b7d20923b36fe4500a6ae0feb6d2-1613486372
.www2.lavi.com/ Name: __cfduid
Value: d0a44521b09c6727770dd75d6104e39651613486372

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cdn2.hubspot.net
connect.facebook.net
designers.hubspot.com
f.hubspotusercontent40.net
fonts.googleapis.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.usemessages.com
px.ads.linkedin.com
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www2.lavi.com
fonts.googleapis.com
142.250.185.226
199.60.103.227
199.60.103.228
2606:4700::6810:b672
2606:4700::6811:45b0
2606:4700::6811:73b0
2606:4700::6811:9d2
2606:4700::6811:c8cc
2606:4700::6811:eecc
2606:4700::6811:f1cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:400c:c1b::9a
2a02:26f0:7100:48a::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
1567fed0023446d72eac7b0c48d6f97979b3739e3102f009876cff1ca05696f7
1fa662dc2567811eb1444879b2dc04cd35e2ccf000e5b5a4264c3f01ed5e57b0
25638321e10a67f6f5a7b95dcdd4c028fe45dcc5da4ce4f8f6d524e72271c006
2c52fd1d7b349ae582cc3d4ccd376d300219216e4461b39d3a2d5fc533427f37
304baa5b9ea09fbc2adff15aea32ebad5b7cdb1bffbec82ad2881cc9a25d01de
3399b34b280df0bae72875db0c8920320cc6b8ce3e64413541fdcb7fd53a2a8f
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f955016a31a6d63c12309d2c7b355a935b99af0949c27c0a119935514d61e8
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
84b34087569168237d850ebe50a99873a3f1b8ea370940142409071d43887d1e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876cfd75830546cc2ba6a38213b34365cc42903e1971862537b1ababd3f77561
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
93cf0138ab6e21fdf74500a3d9d5d519e726dd3e8cc76efebb5bb183d3558064
98c5f6b437c260608181a32823e822baafc68a8cbdedd173c289bcc15ccf8a5b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba7dd24491e4c87d4b835f976ac528ae1781d0d76b4253fcda09b6ff4b801494
c2f2020b53d04e6c83d4e800ca28c6d66c322ef482d0e216d9f2c333f5e23a39
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
ca0d8a386496ba52b6b450155f00454ed826f7bdb0f63cbf9589ca88243ff704
cc17e0dc2f0da953f5ea37e41ab28a3511d5ba42756859abd0c91c065b5800dc
ce75617becb2f493640eb6862b181a38bcd10c1a6e47e9a619aa7f648b18a843
d96c73d2e0d789c48a193b6c2096e9d12352d0538fd5eb091c64c52eba187af3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f013f9172cc51d319df443bbcabc20f9fb5daf5fdd93aec85ecbbd99fc2c01ca
f18816cbda0c1b9ade8f4fb1f4cf8e1e43c8821aad6efd136b0f97f392026b6f
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
ffdf217d9ceb69a4f6e98a58b862ff9d6f760671df84259a89720da269f389b9