urlscan.io logo urlscan.io
SecurityTrails logo

gamesfreaks.org Open in urlscan Pro
209.126.103.139  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hello.nutter.com/e/590181/-estate-planning-election-year/gmmf6/864898351?h=FLHCYA6dSL40Tcit2EO-0CKyO2w8fUyRARXK5q...
Effective URL: http://gamesfreaks.org/
Submission Tags: falconsandbox
Submission: On October 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 15 domains to perform 44 HTTP transactions. The main IP is 209.126.103.139, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is gamesfreaks.org.
This is the only time gamesfreaks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 35.174.78.146 14618 (AMAZON-AES)
2 27 216.157.108.97 13768 (COGECO-PEER1)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 2 37.252.172.249 29990 (ASN-APPNEX)
1 99.86.2.74 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 209.126.127.231 30083 (AS-30083-...)
1 147.135.1.203 16276 (OVH)
1 209.126.103.139 30083 (AS-30083-...)
44 12
4    35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
hello.nutter.com
pi.pardot.com
27    216.157.108.97 (Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: d89d6c61.client-ipv4.firmseek.net
www.nutter.com
1    68.67.153.60 (United States)

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net
s.ml-attr.com
2    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    99.86.2.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-74.fra6.r.cloudfront.net
attr.ml-api.io
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    209.126.127.231 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor2543.startdedicated.com
pipardot.com
mars.cdncontentdelivery.com
1    147.135.1.203 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns100218.ip-147-135-1.us
securecontentssl.com
1    209.126.103.139 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor2710.startdedicated.com
gamesfreaks.org
Domain Requested by
27 www.nutter.com 2 redirects www.nutter.com
2 pi.pardot.com www.nutter.com
pi.pardot.com
2 www.facebook.com www.nutter.com
connect.facebook.net
2 px.ads.linkedin.com 1 redirects www.nutter.com
2 snap.licdn.com www.nutter.com
snap.licdn.com
2 www.google-analytics.com www.nutter.com
www.google-analytics.com
2 connect.facebook.net www.nutter.com
connect.facebook.net
2 secure.adnxs.com 2 redirects
2 hello.nutter.com 1 redirects pi.pardot.com
1 gamesfreaks.org
1 securecontentssl.com pipardot.com
1 mars.cdncontentdelivery.com pipardot.com
1 pipardot.com www.nutter.com
1 www.linkedin.com 1 redirects
1 attr.ml-api.io www.nutter.com
1 s.ml-attr.com 1 redirects
0 defiy.io Failed
44 17

This site contains no links.

Subject Issuer Validity Valid
*.nutter.com
DigiCert SHA2 Secure Server CA		 2019-12-18 -
2022-01-10		 2 years crt.sh
*.ml-api.io
Amazon		 2020-02-06 -
2021-03-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA		 2019-12-26 -
2020-12-26		 a year crt.sh
pipardot.com
Let's Encrypt Authority X3		 2020-09-04 -
2020-12-03		 3 months crt.sh
mars.cdncontentdelivery.com
Let's Encrypt Authority X3		 2020-10-09 -
2021-01-07		 3 months crt.sh
hello.nutter.com
Let's Encrypt Authority X3		 2020-10-12 -
2021-01-10		 3 months crt.sh
securecontentssl.com
Let's Encrypt Authority X3		 2020-10-09 -
2021-01-07		 3 months crt.sh

This page contains 1 frames:

Frame: http://defiy.io/?clickid=37ac704e-133e-11eb-89f0-12211193a695
Frame ID: 24AC6EB79B0F544D47FF77B529E0A7CD
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hello.nutter.com/e/590181/-estate-planning-election-year/gmmf6/864898351?h=FLHCYA6dSL40Tcit2E... HTTP 301
    https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year Page URL
  2. https://securecontentssl.com/?s=Tvc%2FHk8C8FTAnbqPRV3hyxAKkgk%2Fdxom7ohPWsw09Ux1aROQWpOxWD6YyW4jAuTvu12dN... Page URL
  3. http://gamesfreaks.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

44
Requests

93 %
HTTPS

43 %
IPv6

15
Domains

17
Subdomains

12
IPs

5
Countries

495 kB
Transfer

1183 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hello.nutter.com/e/590181/-estate-planning-election-year/gmmf6/864898351?h=FLHCYA6dSL40Tcit2EO-0CKyO2w8fUyRARXK5qtKxEk HTTP 301
    https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year Page URL
  2. https://securecontentssl.com/?s=Tvc%2FHk8C8FTAnbqPRV3hyxAKkgk%2Fdxom7ohPWsw09Ux1aROQWpOxWD6YyW4jAuTvu12dNq89JvSQ%2Bvoqo6csyQ%3D%3D&src=bnV0dGVyLmNvbQ%3D%3D Page URL
  3. http://gamesfreaks.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hello.nutter.com/e/590181/-estate-planning-election-year/gmmf6/864898351?h=FLHCYA6dSL40Tcit2EO-0CKyO2w8fUyRARXK5qtKxEk HTTP 301
  • https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Request Chain 18
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dnutter.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dnutter.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dnutter.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=nutter.com&pId=5774148820364258403
Request Chain 34
  • https://www.nutter.com/cookie-popup.html?force=false HTTP 301
  • https://www.nutter.com/cookie-popup?force=false
Request Chain 35
  • https://www.nutter.com/footer-banner.html HTTP 301
  • https://www.nutter.com/footer-banner
Request Chain 38
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D205674%26time%3D1603244348053%26url%3Dhttps%253A%252F%252Fwww.nutter.com%252Ftrending-newsroom-publications-estate-planning-election-year%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&liSync=true
Request Chain 47
  • http://ortrun-adi.com/gamesfreaks.org?adTagId=a40262c0-49a6-11ea-8c7f-0a71705c5345&fallbackUrl=http://defiy.io HTTP 302
  • http://defiy.io/?clickid=37ac704e-133e-11eb-89f0-12211193a695

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
trending-newsroom-publications-estate-planning-election-year
www.nutter.com/
Redirect Chain
  • https://hello.nutter.com/e/590181/-estate-planning-election-year/gmmf6/864898351?h=FLHCYA6dSL40Tcit2EO-0CKyO2w8fUyRARXK5qtKxEk
  • https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
d20d02e622dc3ca9b53198dd94931f77c607932b58c07f9e8f66241afea72f95

Request headers

Host
www.nutter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:07 GMT
Server
Apache
Vary
X-Forwarded-Proto
Last-Modified
Wed, 21 Oct 2020 00:18:55 GMT
ETag
"18aa-5b2234afb912c"
Accept-Ranges
bytes
Content-Length
6314
Content-Encoding
gzip
Pragma
X-UA-Compatible
IE=Edge
Content-Type
text/html

Redirect headers

Date
Wed, 21 Oct 2020 01:39:06 GMT
Set-Cookie
pardot=o5jhcoqt4knk3j4316a6vblm83; path=/ visitor_id590181=183800545; expires=Sat, 19-Oct-2030 01:39:06 GMT; Max-Age=315360000; path=/; SameSite=None; secure visitor_id590181-hash=2b20c275df3d3688ef9bb6ba59104a771bb134541a999bdfd38a0e3de05215e4d9d1f579ec1676409fbe5d7e250bd26dbf70178f; expires=Sat, 19-Oct-2030 01:39:06 GMT; Max-Age=315360000; path=/; SameSite=None; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
136
Content-Type
text/html; charset=UTF-8
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
Server
PardotServer
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Connection
keep-alive
jwplayer.7.0.0.min.js
www.nutter.com/sp_class/assets-t1603222070/js/ 		256 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/sp_class/assets-t1603222070/js/jwplayer.7.0.0.min.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
7d2f683954e3bf3c7d9b2bf6b05babab134d9dfe17fbcd1e8f8b6ce16aa232db

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2015 15:34:44 GMT
Server
Apache
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Thu, 21 Oct 2021 01:39:07 GMT
screen-style.css
www.nutter.com/css-t1603222070/ 		124 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/css-t1603222070/screen-style.css
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
5b0f90fb540c922497422590ebfae0be4ec2a422a2e502ae40598ea624351a78

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
Date
Wed, 21 Oct 2020 01:39:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 19:27:51 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
text/css
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
32183
Expires
Thu, 21 Oct 2021 01:39:07 GMT
logo.svgz
www.nutter.com/i-t1603222070/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/i-t1603222070/logo.svgz
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
0ee5909bd74835e6b15bd658adb032767e5b6b1a653567c255c0e982d1308485

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Apr 2017 23:05:51 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3557
Expires
Thu, 21 Oct 2021 01:39:08 GMT
107_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/107_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
b5b8bc1103ca693cbf5a2f3c5dd8e9214474a413aa3da1d1b20d91227c289a85

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Mon, 22 May 2017 20:29:37 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10660
Expires
Thu, 21 Oct 2021 01:39:08 GMT
136_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/136_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
df144d96de430f71ec2b4f9b37e423119da3ddf216f3a957147d7cd9be09f253

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Mon, 22 May 2017 21:40:59 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
12620
Expires
Thu, 21 Oct 2021 01:39:08 GMT
144_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/144_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
4d7eb4abe105e145a1af0098f7b29ce7e0c920dbb2a1e163d5e636e3b4c85a25

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Mon, 22 May 2017 21:44:19 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10721
Expires
Thu, 21 Oct 2021 01:39:08 GMT
189_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/189_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
23e0fae906ca14ac0aae1926f82231c7ea6ecb52f88390d53680b2633055864c

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Tue, 23 May 2017 18:00:23 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
12647
Expires
Thu, 21 Oct 2021 01:39:08 GMT
230_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/230_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
6cd47074652aeea6665856b5cc7cd474d9eddc5a4a63cff40e4e2fac25bebe0f

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 16:27:28 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10255
Expires
Thu, 21 Oct 2021 01:39:08 GMT
244_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/244_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
a4630b11b464bb925c91fd1cbeb6c6e241ad6ccd4f551d78dda1c83814dc7cdb

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 16:35:16 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10986
Expires
Thu, 21 Oct 2021 01:39:08 GMT
278_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/278_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
706350feca4b03e2404c77633902057363338ea50e5823e58ea440ac7efed30c

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 16:51:08 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
13270
Expires
Thu, 21 Oct 2021 01:39:08 GMT
286_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/286_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
2727406a29dec41017269a76b1b8b7ed35e7df4bef17429996fbc618ba470401

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 16:58:37 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11132
Expires
Thu, 21 Oct 2021 01:39:08 GMT
296_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/296_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
9585788b26c6a1b6d60700c5eb0591db671a2d8c5c5a3001d3d40ee7dd2c9951

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 17:09:59 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11497
Expires
Thu, 21 Oct 2021 01:39:08 GMT
331_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/331_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
fff41fa22b7b54f9b355bf9f228e2447f7e1b2c6655560b54367e259de8fafea

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 18:13:00 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
9747
Expires
Thu, 21 Oct 2021 01:39:08 GMT
339_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/339_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
3137a57c174c495e97db7962bed46b948cbeeeefd1756358dc9c2d9acc9401ac

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 18:15:45 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11193
Expires
Thu, 21 Oct 2021 01:39:08 GMT
341_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/341_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
6016dba5b70db246cbfa8404087433f50c6322b8dfd4d0b428d5be89b71cbc39

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 18:16:22 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11134
Expires
Thu, 21 Oct 2021 01:39:08 GMT
371_areacontact.jpeg
www.nutter.com/assets/images-t1603222070/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/assets/images-t1603222070/371_areacontact.jpeg
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
6e1b7ce48f0161efdb107cb94765db4dd19afbeb44d2bcebbd9857b741fb703d

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Thu, 25 May 2017 18:33:40 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10476
Expires
Thu, 21 Oct 2021 01:39:08 GMT
blank.png
www.nutter.com/i-t1603222070/ 		95 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/i-t1603222070/blank.png
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Tue, 18 Apr 2017 23:05:51 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
95
Expires
Thu, 21 Oct 2021 01:39:08 GMT
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dnutter.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dnutter.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dnutter.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=nutter.com&pId=5774148820364258403
4 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attr.ml-api.io/?domain=nutter.com&pId=5774148820364258403
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-74.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
x-amzn-RequestId
407b55c4-92b7-4d1c-8a0e-d7a13bdca523
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
X-Amzn-Trace-Id
Root=1-5f8f913c-0894d76f1fa333e152964c01;Sampled=0
Connection
keep-alive
x-amz-apigw-id
UvOhfFtnoAMF2Fw=
Content-Length
4
X-Amz-Cf-Id
HxWEvTk-btWm5RfqsHUd1N9bawU9lhPO5T0HOzwTvV3djjS9ff4TwQ==

Redirect headers

Pragma
no-cache
Date
Wed, 21 Oct 2020 01:39:08 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.236:80
AN-X-Request-Uuid
a084b6d5-f50c-4281-8764-76dcd6a4b5f0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://attr.ml-api.io/?domain=nutter.com&pId=5774148820364258403
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
combined.js
www.nutter.com/js-t1603222070/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/js-t1603222070/combined.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
f6ac8cfb47be57f23ff805de8659b40770293aa9beb8ed0e21f8df5b0de4f2e4

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
Date
Wed, 21 Oct 2020 01:39:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 19:27:51 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
text/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
64662
Expires
Thu, 21 Oct 2021 01:39:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
Y9ISDv5VhO89lmAL2t9xZpbCUSUhg5Lf5/etYsFHPjkDj7dPXHmH9tEr3+apnT1ZlkA4wsNlsnA9rs9ZYQzQoQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 21 Oct 2020 01:39:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires
Sat, 01 Jan 2000 00:00:00 GMT
icon-search-panelform.svgz
www.nutter.com/i-t1603222069/ 		775 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nutter.com/i-t1603222069/icon-search-panelform.svgz
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/css-t1603222070/screen-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
f54ee59db9b4450d8a9b6d259066acf70564b0bc149f7682a7a0a73daa22ecc8

Request headers

Referer
https://www.nutter.com/css-t1603222070/screen-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Apr 2017 23:06:18 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
521
Expires
Thu, 21 Oct 2021 01:39:08 GMT
truncated
/ 		531 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c89c2cdbe0e6c1b53b667888be8e7152b98d83c3d06fa8b93d0fd5f2ed79243

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7430febb0034def6d766d6f83eb5ad350808c8e0feb92694f42daf34cd9e312

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		312 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40c72c139071370725a6ca348f044d0d022863dcee792baedfd63aaf2e65be81

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		310 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb5b214a30354f6b7118ee551f5f96a9102f96a89505775e7cf73f700b6d188

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		272 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71e65d6b7317e925f79445be09f9350035de74e0743541fdfacebcce6c580543

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		356 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918917327745035bb32d83088fe940fd370fc6a5fc3280caef8d3ce132f1ebb7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Regular-webfont.woff2
www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/Roboto-Regular-webfont.woff2
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/css-t1603222070/screen-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68

Request headers

Origin
https://www.nutter.com
Referer
https://www.nutter.com/css-t1603222070/screen-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Tue, 29 Sep 2015 16:31:31 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
application/font-woff2
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
14584
Expires
Thu, 21 Oct 2021 01:39:08 GMT
Roboto-Bold-webfont.woff2
www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/Roboto-Bold-webfont.woff2
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/css-t1603222070/screen-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
413a32337b13f4db78efa8d6842a3769d28166c156d9d053bf70b472e4a1e41f

Request headers

Origin
https://www.nutter.com
Referer
https://www.nutter.com/css-t1603222070/screen-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Tue, 29 Sep 2015 16:31:31 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
application/font-woff2
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
14552
Expires
Thu, 21 Oct 2021 01:39:08 GMT
Roboto-Italic-webfont.woff2
www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/sp_class/assets-t1603222069/fonts/roboto/Roboto-Italic-webfont.woff2
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/css-t1603222070/screen-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
4bdf94f8f23e72d24f755d5a7e1f46f1b6326f72e9439f277a07598328008519

Request headers

Origin
https://www.nutter.com
Referer
https://www.nutter.com/css-t1603222070/screen-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Last-Modified
Tue, 29 Sep 2015 16:31:31 GMT
Server
Apache
Vary
X-Forwarded-Proto
Content-Type
application/font-woff2
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
15736
Expires
Thu, 21 Oct 2021 01:39:08 GMT
202720650501241
connect.facebook.net/signals/config/ 		234 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/202720650501241?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d871540568d022d94ae498f71a1d8ed2f525d924d8a37c9ded7897eaabf6ea9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
C0tVB2QZdLMJZM3xvC0rrx3i3Zdh24XuvSs/S82SVIs1j1X2QEdetVDv54GXMkTCjaM+6wc3yPO6Yc1vmfAkUw==
x-fb-trip-id
664085054
date
Wed, 21 Oct 2020 01:39:08 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1399
date
Wed, 21 Oct 2020 01:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 21 Oct 2020 03:15:49 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=78358
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
cookie-popup
www.nutter.com/
Redirect Chain
  • https://www.nutter.com/cookie-popup.html?force=false
  • https://www.nutter.com/cookie-popup?force=false
158 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/cookie-popup?force=false
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
5d534431641d92ccfcf99197e7041341d7e4f08494a4c4d2204c7e75d4e0b17f

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Server
Apache
Content-Length
134
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.nutter.com/cookie-popup?force=false
Date
Wed, 21 Oct 2020 01:39:08 GMT
Server
Apache
Content-Length
255
Content-Type
text/html; charset=iso-8859-1
footer-banner
www.nutter.com/
Redirect Chain
  • https://www.nutter.com/footer-banner.html
  • https://www.nutter.com/footer-banner
224 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nutter.com/footer-banner
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.157.108.97 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
d89d6c61.client-ipv4.firmseek.net
Software
Apache /
Resource Hash
7e36bb1152372f2ad57452ebba7a244940f5e5fc354db4cc6a1549567776c24a

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Server
Apache
Content-Length
189
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.nutter.com/footer-banner
Date
Wed, 21 Oct 2020 01:39:08 GMT
Server
Apache
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=74512
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
collect
www.google-analytics.com/j/ 		2 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=480194667&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&ul=en-us&de=UTF-8&dt=Estate%20Planning%20in%20an%20Election%20Year%3A%20Should%20You%20Make%20Significant%20Gifts%20Before%20Year%E2%80%99s%20End%3F%3A%20Nutter%20McClennen%20%26%20Fish%20Law%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=938870638&gjid=2119759529&cid=1002689858.1603244348&tid=UA-35522067-4&_gid=314889402.1603244348&_r=1&_slc=1&z=1785706385
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 01:39:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.nutter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D205674%26time%3D1603244348053%26url%3Dhttps%253A%252F%252Fwww.nutter.com%252Ftren...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&liSync=true
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 01:39:08 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
Sywflj3ePxbQc6sw3ioAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
hX4yjz3ePxawWiU1sioAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 440158D470D6490495471577821DF67A Ref B: FRAEDGE0714 Ref C: 2020-10-21T01:39:08Z
x-frame-options
sameorigin
date
Wed, 21 Oct 2020 01:39:07 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=205674&time=1603244348053&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=202720650501241&ev=PageView&dl=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&rl=&if=false&ts=1603244348079&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603244348078.628115959&it=1603244347987&coo=false&rqm=GET
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 01:39:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 21 Oct 2020 01:39:08 GMT
/
www.facebook.com/tr/ 		0
82 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryh8Uyg1lMU4OEFEPQ

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 21 Oct 2020 01:39:08 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.nutter.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:09 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified
Fri, 13 Mar 2020 19:44:53 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Fri, 21 Oct 2022 01:39:09 GMT
pd.js
pipardot.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pipardot.com/pd.js
Requested by
Host: www.nutter.com
URL: https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.126.127.231 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
condor2543.startdedicated.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aa3dcf58e14a640a8b78582d2c7ff53cbe1040a6ca870b30a47974fc54c8821a

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:09 GMT
Content-Encoding
gzip
Server
Apache/2.4.18 (Ubuntu)
Connection
close
Content-Length
1253
Vary
Accept-Encoding
Content-Type
application/javascript
stats.php
mars.cdncontentdelivery.com/f/ 		155 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mars.cdncontentdelivery.com/f/stats.php
Requested by
Host: pipardot.com
URL: https://pipardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.126.127.231 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
condor2543.startdedicated.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 21 Oct 2020 01:39:09 GMT
Content-Encoding
gzip
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
162
analytics
pi.pardot.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=108209&account_id=591181&title=Estate%20Planning%20in%20an%20Election%20Year%3A%20Should%20You%20Make%20Significant%20Gifts%20Before%20Year%E2%80%99s%20End%3F%3A%20Nutter%20McClennen%20%26%20Fish%20Law%20Firm&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
34be227a14a49dc838a097a0386de062c2c8e7ff0c7791e2f88b67400ee0fcc7

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Oct 2020 01:39:09 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/124/112
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
855
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
hello.nutter.com/ 		52 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.nutter.com/analytics?conly=true&visitor_id=183800551&visitor_id_sign=ff1f8ecf96a0dd8b5ee67c4b59e7c252fa6ee42cc7e0e38d4c65442b50e66e0be39c128c871c3326cb8887884ef57cc30d5696fb&pi_opt_in=&campaign_id=108209&account_id=591181&title=Estate%20Planning%20in%20an%20Election%20Year%3A%20Should%20You%20Make%20Significant%20Gifts%20Before%20Year%E2%80%99s%20End%3F%3A%20Nutter%20McClennen%20%26%20Fish%20Law%20Firm&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=108209&account_id=591181&title=Estate%20Planning%20in%20an%20Election%20Year%3A%20Should%20You%20Make%20Significant%20Gifts%20Before%20Year%E2%80%99s%20End%3F%3A%20Nutter%20McClennen%20%26%20Fish%20Law%20Firm&url=https%3A%2F%2Fwww.nutter.com%2Ftrending-newsroom-publications-estate-planning-election-year&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash

Request headers

Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Oct 2020 01:39:09 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/18/57
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
52
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
securecontentssl.com/ 		108 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://securecontentssl.com/?s=Tvc%2FHk8C8FTAnbqPRV3hyxAKkgk%2Fdxom7ohPWsw09Ux1aROQWpOxWD6YyW4jAuTvu12dNq89JvSQ%2Bvoqo6csyQ%3D%3D&src=bnV0dGVyLmNvbQ%3D%3D
Requested by
Host: pipardot.com
URL: https://pipardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.1.203 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns100218.ip-147-135-1.us
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
272a44e90c1fe44018d27036cb40b34d1635dc382531c86c347eb14378415473

Request headers

Host
securecontentssl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nutter.com/trending-newsroom-publications-estate-planning-election-year

Response headers

Date
Wed, 21 Oct 2020 01:39:10 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
109
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request /
gamesfreaks.org/ 		196 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
http://gamesfreaks.org/
Protocol
HTTP/1.1
Server
209.126.103.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
condor2710.startdedicated.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b2449ff1794a6e52e34bf8c0f0f0154b6e5acfe216b92757ef2ab4b9ecc340f6

Request headers

Host
gamesfreaks.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 01:39:10 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
177
Connection
close
Content-Type
text/html; charset=UTF-8
/
defiy.io/
Redirect Chain
  • http://ortrun-adi.com/gamesfreaks.org?adTagId=a40262c0-49a6-11ea-8c7f-0a71705c5345&fallbackUrl=http://defiy.io
  • http://defiy.io/?clickid=37ac704e-133e-11eb-89f0-12211193a695
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
defiy.io
URL
http://defiy.io/?clickid=37ac704e-133e-11eb-89f0-12211193a695

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attr.ml-api.io
connect.facebook.net
defiy.io
gamesfreaks.org
hello.nutter.com
mars.cdncontentdelivery.com
pi.pardot.com
pipardot.com
px.ads.linkedin.com
s.ml-attr.com
secure.adnxs.com
securecontentssl.com
snap.licdn.com
www.facebook.com
www.google-analytics.com
www.linkedin.com
www.nutter.com
defiy.io
147.135.1.203
209.126.103.139
209.126.127.231
216.157.108.97
2620:1ec:21::14
2a00:1450:4001:824::200e
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
35.174.78.146
37.252.172.249
68.67.153.60
99.86.2.74
0eb5b214a30354f6b7118ee551f5f96a9102f96a89505775e7cf73f700b6d188
0ee5909bd74835e6b15bd658adb032767e5b6b1a653567c255c0e982d1308485
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
23e0fae906ca14ac0aae1926f82231c7ea6ecb52f88390d53680b2633055864c
2727406a29dec41017269a76b1b8b7ed35e7df4bef17429996fbc618ba470401
272a44e90c1fe44018d27036cb40b34d1635dc382531c86c347eb14378415473
3137a57c174c495e97db7962bed46b948cbeeeefd1756358dc9c2d9acc9401ac
34be227a14a49dc838a097a0386de062c2c8e7ff0c7791e2f88b67400ee0fcc7
40c72c139071370725a6ca348f044d0d022863dcee792baedfd63aaf2e65be81
413a32337b13f4db78efa8d6842a3769d28166c156d9d053bf70b472e4a1e41f
4bdf94f8f23e72d24f755d5a7e1f46f1b6326f72e9439f277a07598328008519
4c89c2cdbe0e6c1b53b667888be8e7152b98d83c3d06fa8b93d0fd5f2ed79243
4d7eb4abe105e145a1af0098f7b29ce7e0c920dbb2a1e163d5e636e3b4c85a25
5b0f90fb540c922497422590ebfae0be4ec2a422a2e502ae40598ea624351a78
5d534431641d92ccfcf99197e7041341d7e4f08494a4c4d2204c7e75d4e0b17f
5d871540568d022d94ae498f71a1d8ed2f525d924d8a37c9ded7897eaabf6ea9
6016dba5b70db246cbfa8404087433f50c6322b8dfd4d0b428d5be89b71cbc39
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6cd47074652aeea6665856b5cc7cd474d9eddc5a4a63cff40e4e2fac25bebe0f
6e1b7ce48f0161efdb107cb94765db4dd19afbeb44d2bcebbd9857b741fb703d
706350feca4b03e2404c77633902057363338ea50e5823e58ea440ac7efed30c
71e65d6b7317e925f79445be09f9350035de74e0743541fdfacebcce6c580543
7d2f683954e3bf3c7d9b2bf6b05babab134d9dfe17fbcd1e8f8b6ce16aa232db
7e36bb1152372f2ad57452ebba7a244940f5e5fc354db4cc6a1549567776c24a
918917327745035bb32d83088fe940fd370fc6a5fc3280caef8d3ce132f1ebb7
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
9585788b26c6a1b6d60700c5eb0591db671a2d8c5c5a3001d3d40ee7dd2c9951
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4630b11b464bb925c91fd1cbeb6c6e241ad6ccd4f551d78dda1c83814dc7cdb
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
aa3dcf58e14a640a8b78582d2c7ff53cbe1040a6ca870b30a47974fc54c8821a
b2449ff1794a6e52e34bf8c0f0f0154b6e5acfe216b92757ef2ab4b9ecc340f6
b5b8bc1103ca693cbf5a2f3c5dd8e9214474a413aa3da1d1b20d91227c289a85
b7430febb0034def6d766d6f83eb5ad350808c8e0feb92694f42daf34cd9e312
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef
d20d02e622dc3ca9b53198dd94931f77c607932b58c07f9e8f66241afea72f95
df144d96de430f71ec2b4f9b37e423119da3ddf216f3a957147d7cd9be09f253
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f54ee59db9b4450d8a9b6d259066acf70564b0bc149f7682a7a0a73daa22ecc8
f6ac8cfb47be57f23ff805de8659b40770293aa9beb8ed0e21f8df5b0de4f2e4
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
fff41fa22b7b54f9b355bf9f228e2447f7e1b2c6655560b54367e259de8fafea