Submitted URL: https://www.hvac-clientsondemand.com/
Effective URL: https://hvac-clientsondemand.com/
Submission: On February 22 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 28 HTTP transactions. The main IP is 34.202.63.170, located in United States and belongs to AMAZON-AES, US. The main domain is hvac-clientsondemand.com.
TLS certificate: Issued by R3 on February 22nd 2021. Valid for: 3 months.
This is the only time hvac-clientsondemand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 static.web-repository.com hvac-clientsondemand.com
static.web-repository.com
4 content.app-sources.com hvac-clientsondemand.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.facebook.com hvac-clientsondemand.com
connect.facebook.net
3 connect.facebook.net hvac-clientsondemand.com
connect.facebook.net
2 hvac-clientsondemand.com static.web-repository.com
1 d319wp1gyy5k3g.cloudfront.net calendly.com
1 calendly.com assets.calendly.com
1 assets.calendly.com hvac-clientsondemand.com
1 fonts.googleapis.com hvac-clientsondemand.com
1 www.hvac-clientsondemand.com 1 redirects
28 11

This site contains no links.

Subject Issuer Validity Valid
hvac-clientsondemand.com
R3
2021-02-22 -
2021-05-23
3 months crt.sh
*.simvoly.com
Amazon
2020-10-16 -
2021-11-14
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.calendly.com
Go Daddy Secure Certificate Authority - G2
2018-01-08 -
2021-04-07
3 years crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh

This page contains 3 frames:

Primary Page: https://hvac-clientsondemand.com/
Frame ID: 3391CC7FFD369DA6310546B557C896F7
Requests: 24 HTTP requests in this frame

Frame: https://calendly.com/silverleadmarketing/15-minute-discovery-call?embed_domain=hvac-clientsondemand.com&embed_type=Inline&hide_event_type_details=1&text_color=050505&primary_color=23a3ea
Frame ID: 279995301B46AE54521BEB0F0F53438B
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e582f6de55158%26domain%3Dhvac-clientsondemand.com%26origin%3Dhttps%253A%252F%252Fhvac-clientsondemand.com%252Ff2a08b5b9285944%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&logged_out_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&page_id=102615275077122&request_time=1613993062151&sdk=joey&theme_color=%23F37934
Frame ID: 46597F0B7B2A5255F4D362D7F81CC53F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.hvac-clientsondemand.com/ HTTP 301
    https://hvac-clientsondemand.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

28
Requests

96 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

2094 kB
Transfer

3867 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hvac-clientsondemand.com/ HTTP 301
    https://hvac-clientsondemand.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hvac-clientsondemand.com/
Redirect Chain
  • https://www.hvac-clientsondemand.com/
  • https://hvac-clientsondemand.com/
90 KB
17 KB
Document
General
Full URL
https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.202.63.170 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-63-170.compute-1.amazonaws.com
Software
/
Resource Hash
05000350afb5a4b96ace5a5eb1c2381279a19f2aa9860e2fe62424243e2862c1

Request headers

:method
GET
:authority
hvac-clientsondemand.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

set-cookie
INGRESSCOOKIE=073DBE6BEC4720F616085C39954725D8; Path=/; Secure; HttpOnly; SameSite=None
content-type
text/html;charset=UTF-8
content-language
en
date
Mon, 22 Feb 2021 11:24:20 GMT
content-encoding
gzip

Redirect headers

content-length
0
location
https://hvac-clientsondemand.com/
platform.client.min.js
static.web-repository.com/scripts/
735 KB
219 KB
Script
General
Full URL
https://static.web-repository.com/scripts/platform.client.min.js?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04121eb5f622b77db477c84ec3432d9162b7042e93368b64061288ca072f4e2d

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
content-encoding
gzip
last-modified
Sun, 14 Feb 2021 16:12:05 GMT
server
AmazonS3
age
673400
etag
W/"3569e3b2ae0543bb0b27550239463115"
vary
Accept-Encoding
x-amz-meta-sha256
04121eb5f622b77db477c84ec3432d9162b7042e93368b64061288ca072f4e2d
content-type
application/javascript
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
7bLMAhM1TzRuQpWR9c7FOiFGysPh9Px4wmbFgC8xAwiZD_lacYPgsg==
x-amz-meta-s3b-last-modified
20210214T160950Z
trunk.min.css
static.web-repository.com/t/theme25/css/
912 B
1 KB
Stylesheet
General
Full URL
https://static.web-repository.com/t/theme25/css/trunk.min.css?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5195557732c360c66c6080f5c19af75ec714fae2c802566820a124e877144c1

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified
Tue, 14 Jan 2020 10:43:26 GMT
server
AmazonS3
age
673400
etag
"0020b5734074ad0c9f03401cea75021f"
x-amz-meta-sha256
e5195557732c360c66c6080f5c19af75ec714fae2c802566820a124e877144c1
content-type
text/css
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
912
x-amz-cf-id
__hG0A17f4nqHY4z2ib8zAbe7BG0qog1Vx3h-cq5oKztm1x59DA_Rg==
x-amz-meta-s3b-last-modified
20200114T101307Z
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d09ee08297675b4a2865ff9d7c36fb8ecb1f1bf355be8d8b05e17ce57caf271f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 11:24:20 GMT
server
ESF
date
Mon, 22 Feb 2021 11:24:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Feb 2021 11:24:20 GMT
platform.client.min.css
static.web-repository.com/styles/
389 KB
76 KB
Stylesheet
General
Full URL
https://static.web-repository.com/styles/platform.client.min.css?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb45cc15c9edd08fba93e672f8a7307c3e511bc7bbb7ed04748eee62123bfe96

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
content-encoding
gzip
last-modified
Sun, 14 Feb 2021 16:13:46 GMT
server
AmazonS3
age
673400
etag
W/"2539fac5d6090243833dcba815ccfb12"
vary
Accept-Encoding
x-amz-meta-sha256
cb45cc15c9edd08fba93e672f8a7307c3e511bc7bbb7ed04748eee62123bfe96
content-type
text/css
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
snkZ1014pTVnGPxjfPhbdVQD3T3IOObIMV3lcCMvrlJgdJYiS3G1Kw==
x-amz-meta-s3b-last-modified
20210214T160909Z
trunk-1024.min.css
static.web-repository.com/t/theme25/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://static.web-repository.com/t/theme25/css/trunk-1024.min.css?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f845554694e90af3f7423dbd0b1fe19017b1e717bd4897acfe0eb55761efdf4

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 14:44:40 GMT
server
AmazonS3
age
673400
etag
W/"a96d864139f5337003de7f13670f01cd"
vary
Accept-Encoding
x-amz-meta-sha256
2f845554694e90af3f7423dbd0b1fe19017b1e717bd4897acfe0eb55761efdf4
content-type
text/css
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
dzf9y5cE_Ssw9fxDlf-4eJhZL_fk9eE7zcNm3puZTFON4ZXggBpdAQ==
x-amz-meta-s3b-last-modified
20200817T104711Z
trunk-768.min.css
static.web-repository.com/t/theme25/css/
41 KB
8 KB
Stylesheet
General
Full URL
https://static.web-repository.com/t/theme25/css/trunk-768.min.css?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
736a589198fa1ea26b5120844bc4a8fa49a3440420acf48fcbe32102341618be

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 17:28:15 GMT
server
AmazonS3
age
673400
etag
W/"c2b89e959e629e29e7bd3d6bd7de209b"
vary
Accept-Encoding
x-amz-meta-sha256
736a589198fa1ea26b5120844bc4a8fa49a3440420acf48fcbe32102341618be
content-type
text/css
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
8OK5Z36qer2-uAHltECaJ7JaVVe331bzL9UjWETkIYdXYxtBR-v7ew==
x-amz-meta-s3b-last-modified
20201123T172531Z
trunk-480.min.css
static.web-repository.com/t/theme25/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://static.web-repository.com/t/theme25/css/trunk-480.min.css?v=743
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd6b9ad70715b09bf76d5254e4a4d6946d755a3c916caf9b1bc8ab810de1d835

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 16:21:01 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 17:32:38 GMT
server
AmazonS3
age
673400
etag
W/"a24bccd7353b1523fb4af9a725643b51"
vary
Accept-Encoding
x-amz-meta-sha256
fd6b9ad70715b09bf76d5254e4a4d6946d755a3c916caf9b1bc8ab810de1d835
content-type
text/css
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
iHtHkDzcpv8XCozy5IQCd9_h_RqsMscMR9BjHBVaOd09POKw8zn73A==
x-amz-meta-s3b-last-modified
20201018T172516Z
widget.js
assets.calendly.com/assets/external/
25 KB
6 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6a00:d:1c5c:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
content-length
6026
cf-request-id
086af3f2a800004120db2b7000000001
access-control-allow-origin
*
last-modified
Mon, 22 Feb 2021 10:17:19 GMT
server
cloudflare
date
Mon, 22 Feb 2021 11:24:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
via
1.1 vegur, 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
cf-ray
625822977d774120-PRG
x-amz-cf-id
kcIx4IxjY4MR3aeN_feyck4uUEkccVCnIGAmelmWU6_aRp0FBnytpA==
JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hvac-clientsondemand.com
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 15:39:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:06 GMT
server
sffe
age
243907
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Sat, 19 Feb 2022 15:39:13 GMT
Wnz6HAc5bAfYB2Q7ZjYYiAzcPA.woff2
fonts.gstatic.com/s/caveat/v10/
72 KB
72 KB
Font
General
Full URL
https://fonts.gstatic.com/s/caveat/v10/Wnz6HAc5bAfYB2Q7ZjYYiAzcPA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6504575b8339f10822560c4878c78fe1d3af11a6fcc1e7535f17379688195e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hvac-clientsondemand.com
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 06:36:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:40:16 GMT
server
sffe
age
190071
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73496
x-xss-protection
0
expires
Sun, 20 Feb 2022 06:36:29 GMT
fontawesome-webfont.woff2
static.web-repository.com/fonts/
75 KB
76 KB
Font
General
Full URL
https://static.web-repository.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.web-repository.com
URL: https://static.web-repository.com/styles/platform.client.min.css?v=743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://hvac-clientsondemand.com
Referer
https://static.web-repository.com/styles/platform.client.min.css?v=743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:22 GMT
via
1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
77160
last-modified
Sat, 29 Dec 2018 10:13:16 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bfNISF21HPgU-l8cC-Q2UwNDhnf7Cn2ZDxe438XuLVBPve0p4mY3AQ==
x-amz-meta-s3b-last-modified
20161222T135034Z
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hvac-clientsondemand.com
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:14 GMT
server
sffe
age
274143
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Sat, 19 Feb 2022 07:15:17 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hvac-clientsondemand.com
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans%7CFira+Sans:regular%7CSource+Sans+Pro:regular%7CMontserrat:regular%7CCaveat:regular%7CSource+Sans+Pro:600%7CLato:regular%7COswald:regular%7CMontserrat:800%7CCaveat+Brush:regular%7CCaveat:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 23:19:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
129901
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sun, 20 Feb 2022 23:19:19 GMT
Screen_Shot_2020-12-16_at_8.02.36_pm-removebg-preview-8382096.png
content.app-sources.com/s/32513744132415922/uploads/Images/
45 KB
46 KB
Image
General
Full URL
https://content.app-sources.com/s/32513744132415922/uploads/Images/Screen_Shot_2020-12-16_at_8.02.36_pm-removebg-preview-8382096.png
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a16b7dd89a94122d1bb36ea90b96e324d1e47bd439ce0251cb7f1907790b47a

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:22 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Sat, 19 Dec 2020 12:48:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"2eb3ad27009dbbf4807591db6c8f99b8"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
content-length
46271
x-amz-cf-id
oGnodX014GQ5cvnYhgaVlAr-w3VbOY2q-tGW0monoYZj-Q2sHYosvw==
expires
Thu, 09 Dec 2021 12:48:18 GMT
Untitled_design_5-6880144.png
content.app-sources.com/s/71672926735825521/uploads/Images/
464 KB
465 KB
Image
General
Full URL
https://content.app-sources.com/s/71672926735825521/uploads/Images/Untitled_design_5-6880144.png
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6f7036732d9722628dc566c05752325262521ab8b6268dbd6715d6ff81dcf4e

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:22 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 03:35:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"47fba62ef5b65d27f0c6914c1a0c2b14"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
content-length
474755
x-amz-cf-id
MZxCIGXrybmO1tL0XaM-xWXcWYgK6AoRNplSGyzNe2mVQFPnh0sKvw==
expires
Mon, 22 Nov 2021 03:35:53 GMT
THIS_CLIENT_MADE_7200_WITH_AN_AD_COST_OF_451.22_IN_JUST_2_WEEKS-8463199.png
content.app-sources.com/s/32513744132415922/uploads/Images/
144 KB
145 KB
Image
General
Full URL
https://content.app-sources.com/s/32513744132415922/uploads/Images/THIS_CLIENT_MADE_7200_WITH_AN_AD_COST_OF_451.22_IN_JUST_2_WEEKS-8463199.png
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22c04a8f99174b38f314647674ebbcac6fc40ab62e574e6e52f775f5b99f1a81

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:22 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Sun, 20 Dec 2020 11:20:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"9ade47b853ef6ab82249cae0cd373bdb"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
content-length
147690
x-amz-cf-id
dhA0IK0wPs4zdVVgDqt12DNNAPaSEv5Bq-6TxPWtEynlSYxGUFJ4aw==
expires
Fri, 10 Dec 2021 11:20:02 GMT
AC_Split_install__first_service_half_price-8463100.png
content.app-sources.com/s/32513744132415922/thumbnails/640x480/Images/
111 KB
112 KB
Image
General
Full URL
https://content.app-sources.com/s/32513744132415922/thumbnails/640x480/Images/AC_Split_install__first_service_half_price-8463100.png
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdff49c52e3a8b39b9c060d454b4ff1b0d25b7e7afa4257e8a105efe7a5b4909

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:22 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Sun, 20 Dec 2020 11:18:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"c428e6e5265a7d5b46e995123e2cea01"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
content-length
113967
x-amz-cf-id
iOhVtKQIRN5NLJ6GY4Pe2otdbhnh2ye2swW_AAiBCtUnhSvoADugsQ==
expires
Fri, 10 Dec 2021 11:18:24 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
YVb5pKrG3VWlPLJ8lJrJpHNZLeX/z0B1U17SxvX/3AQVcDRWgQCEeeXDV4bRNWBa1UcdCi3mvEeEGjnKkI3+rg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 22 Feb 2021 11:24:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/
255 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
588ffc576a5b7365caf723c36de68090e2ca3d50b78661a4c193043d8c2fd452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LZDLOVY8UgWLa91W6laG1g==
cross-origin-resource-policy
cross-origin
expires
Mon, 22 Feb 2021 11:29:36 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75300
x-fb-rlafr
0
x-fb-debug
PdKcxWmXAA25CPqwmvMzn8BudE97mbDhEJjvoblfSkWyuwDKJO2yk3LbpL+XiCmMwsCJmtSDzqrFVU/DDtFjvA==
x-fb-trip-id
686109401
x-fb-content-md5
2a73ae8f5ce384151d2344f61209dfc9
date
Mon, 22 Feb 2021 11:24:20 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6ca633d1cdd212aa9e2956a3c45f01ff"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
15-minute-discovery-call
calendly.com/silverleadmarketing/ Frame 2799
1 KB
819 B
Document
General
Full URL
https://calendly.com/silverleadmarketing/15-minute-discovery-call?embed_domain=hvac-clientsondemand.com&embed_type=Inline&hide_event_type_details=1&text_color=050505&primary_color=23a3ea
Requested by
Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79c4cf99ce8df61721edcf33ee3c47c24f9689bf09187e7ca1a80ed1f050b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

:method
GET
:authority
calendly.com
:scheme
https
:path
/silverleadmarketing/15-minute-discovery-call?embed_domain=hvac-clientsondemand.com&embed_type=Inline&hide_event_type_details=1&text_color=050505&primary_color=23a3ea
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hvac-clientsondemand.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hvac-clientsondemand.com/

Response headers

date
Mon, 22 Feb 2021 11:24:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dbd55c85b9d1854ca2939c3e9c793b0801613993060; expires=Wed, 24-Mar-21 11:24:20 GMT; path=/; domain=.calendly.com; HttpOnly; SameSite=Lax
x-request-id
bf4c76c0-9b05-4557-8977-0f1293496839
x-runtime
0.147411
strict-transport-security
max-age=31556952; includeSubDomains; preload
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
086b14c24200004a925a312000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62585716da794a92-FRA
content-encoding
br
hit
hvac-clientsondemand.com/
38 B
307 B
XHR
General
Full URL
https://hvac-clientsondemand.com/hit
Requested by
Host: static.web-repository.com
URL: https://static.web-repository.com/scripts/platform.client.min.js?v=743
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.202.63.170 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-63-170.compute-1.amazonaws.com
Software
/
Resource Hash
c5a4b182d01b3625ea451f24db049e72d2f3c9be2769e1242a798bf29fc3c371

Request headers

Accept
*/*
Referer
https://hvac-clientsondemand.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 22 Feb 2021 11:24:20 GMT
content-length
38
content-type
application/json;charset=UTF-8
788522338689365
connect.facebook.net/signals/config/
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/788522338689365?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5724d2376c13a049461b6c32e2448437fb5d0526bbb3d6f907ef73915010b79
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BHN096CJzNXIxLCx9sjviRWvLqhoOblaxWU7nU6tRksoEhErDxfjsiXdI5pSwgiiy7oDx5Y4Tf//qGonPpu+5A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 22 Feb 2021 11:24:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1971022084
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=788522338689365&ev=PageView&dl=https%3A%2F%2Fhvac-clientsondemand.com%2F&rl=&if=false&ts=1613993061051&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613993061049.390982055&it=1613993060959&coo=false&rqm=GET
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 22 Feb 2021 11:24:21 GMT
error-pages-v3.css
d319wp1gyy5k3g.cloudfront.net/error-page-assets/ Frame 2799
933 KB
550 KB
Stylesheet
General
Full URL
https://d319wp1gyy5k3g.cloudfront.net/error-page-assets/error-pages-v3.css
Requested by
Host: calendly.com
URL: https://calendly.com/silverleadmarketing/15-minute-discovery-call?embed_domain=hvac-clientsondemand.com&embed_type=Inline&hide_event_type_details=1&text_color=050505&primary_color=23a3ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:7600:b:5b57:bf00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98449dc9819f82c7a37abe533e903af9025e070bdd568c36b6a9dfcccbb5d069

Request headers

Referer
https://calendly.com/silverleadmarketing/15-minute-discovery-call?embed_domain=hvac-clientsondemand.com&embed_type=Inline&hide_event_type_details=1&text_color=050505&primary_color=23a3ea
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
K1pS5.oIyyAevyCI2kSv4MmElbdYTIs4
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 15:04:18 GMT
server
AmazonS3
age
37908
etag
W/"3611ec4fae07356c94fa592103ca424a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e7ac510e4ba21d85d8aee7d252b283a9.cloudfront.net (CloudFront)
date
Mon, 22 Feb 2021 00:52:34 GMT
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
XjZ3yIn44CDq1pFZBIu8p4t0C466TS9wicaUrLmqGj3BBXKSKNqn2w==
truncated
/ Frame 2799
28 KB
28 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fa77ac2418e579b95d057412f9e63caaff4dc45c5e4c173fa0b2ccfc7148dd4

Request headers

Origin
https://calendly.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/ Frame 2799
33 KB
33 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04fd495689ceaf37fcb32ed9ba9116977caf6d3552e720f30bedc634170ec12a

Request headers

Origin
https://calendly.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/ Frame 2799
31 KB
31 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8711aef961652f6f4c4dd213ee0fad0efef7b5b694e7dd984355750a44b67f19

Request headers

Origin
https://calendly.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=788522338689365&ev=Microdata&dl=https%3A%2F%2Fhvac-clientsondemand.com%2F&rl=&if=false&ts=1613993061555&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HVAC%20Clients%20On%20Demand%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fhvac-clientsondemand.com%2F%22%2C%22og%3Asite_name%22%3A%22HVAC%20Clients%20On%20Demand%22%2C%22og%3Atitle%22%3A%22HVAC%20Clients%20On%20Demand%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcontent.app-sources.com%2Fs%2F77821205280770591%2Fuploads%2FImages%2Fcompany-logo-maker-with-a-spheric-shape-illustration-1519k-2585-6927035.png%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%22url%22%3A%22https%3A%2F%2Fhvac-clientsondemand.com%2F%22%2C%22name%22%3A%22HVAC%20Clients%20On%20Demand%22%2C%22description%22%3A%22%22%2C%22image%22%3A%22https%3A%2F%2Fcontent.app-sources.com%2Fs%2F77821205280770591%2Fuploads%2FImages%2Fcompany-logo-maker-with-a-spheric-shape-illustration-1519k-2585-6927035.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613993061049.390982055&it=1613993060959&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: hvac-clientsondemand.com
URL: https://hvac-clientsondemand.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hvac-clientsondemand.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 11:24:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 22 Feb 2021 11:24:21 GMT
customerchat.php
www.facebook.com/v9.0/plugins/ Frame 4659
0
0
Document
General
Full URL
https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e582f6de55158%26domain%3Dhvac-clientsondemand.com%26origin%3Dhttps%253A%252F%252Fhvac-clientsondemand.com%252Ff2a08b5b9285944%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&logged_out_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&page_id=102615275077122&request_time=1613993062151&sdk=joey&theme_color=%23F37934
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.facebook.com; default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e582f6de55158%26domain%3Dhvac-clientsondemand.com%26origin%3Dhttps%253A%252F%252Fhvac-clientsondemand.com%252Ff2a08b5b9285944%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&logged_out_greeting=Thanks%20for%20getting%20in%20touch%20with%20us.%20Please%20send%20us%20any%20questions%20you%20may%20have.&page_id=102615275077122&request_time=1613993062151&sdk=joey&theme_color=%23F37934
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hvac-clientsondemand.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0MJQjL1QNX7gNdT7M..BgM5Rl...1.0.BgM5Rl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hvac-clientsondemand.com/

Response headers

content-security-policy
frame-ancestors https://www.facebook.com; default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v9.0
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
YCoDyW4kr7+FCeDp181CyvfyPHzOfeB09SinlpeyNOALNi18naRCG76Q9Zs0ebBiJHcvdPTxwiG9lNfsXXOwfg==
date
Mon, 22 Feb 2021 11:24:22 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| WebPlatform object| Calendly object| bodyScrollLock object| matched object| browser function| Base function| FlipClock function| b64EncodeUnicode function| b64DecodeUnicode function| toggleDisplay object| STORE_PRODUCT_TYPE object| COUNTRY_CODES object| STATES object| STATES_ISO function| dummy function| isUndefined function| isFunction object| Log function| getThumbnailsFromBase function| getFileFromBase function| extend object| $document object| $window number| windowHeight number| windowWidth object| TMDP_SLIDERS string| resources string| locale string| content number| resourcesVersion boolean| recaptchaLoaded function| onRecaptchaLoaded object| ClientTools function| setupMegaMenu object| TmdpLightbox object| inAnimations function| showSimpleLoadingBar function| hideSimpleLoadingBar function| setupThemesDemo function| setupFunnelsDemo function| mergeUnique function| $ function| jQuery function| Cookies object| Modernizr undefined| __customEventPolyfill function| CodeMirror function| nextact object| Simvoly function| fbq function| _fbq function| fbAsyncInit boolean| enableStickyNavRight object| FB

5 Cookies

Domain/Path Name / Value
hvac-clientsondemand.com/ Name: tmdp_stats
Value: 1613993060979
hvac-clientsondemand.com/ Name: wplp
Value: 1%7C1%7C1
hvac-clientsondemand.com/ Name: wpvp1
Value: 1%241
.hvac-clientsondemand.com/ Name: _fbp
Value: fb.1.1613993061049.390982055
hvac-clientsondemand.com/ Name: INGRESSCOOKIE
Value: 073DBE6BEC4720F616085C39954725D8

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.web-repository.com/scripts/platform.client.min.js?v=743(Line 90)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
calendly.com
connect.facebook.net
content.app-sources.com
d319wp1gyy5k3g.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hvac-clientsondemand.com
static.web-repository.com
www.facebook.com
www.hvac-clientsondemand.com
13.32.24.93
2600:9000:20d7:7600:b:5b57:bf00:21
2600:9000:2127:6a00:d:1c5c:fb80:93a1
2606:4700:10::6814:f874
2a00:1450:4001:800::2003
2a00:1450:4001:812::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.202.63.170
65.9.96.67
04121eb5f622b77db477c84ec3432d9162b7042e93368b64061288ca072f4e2d
04fd495689ceaf37fcb32ed9ba9116977caf6d3552e720f30bedc634170ec12a
05000350afb5a4b96ace5a5eb1c2381279a19f2aa9860e2fe62424243e2862c1
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a16b7dd89a94122d1bb36ea90b96e324d1e47bd439ce0251cb7f1907790b47a
22c04a8f99174b38f314647674ebbcac6fc40ab62e574e6e52f775f5b99f1a81
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f845554694e90af3f7423dbd0b1fe19017b1e717bd4897acfe0eb55761efdf4
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
588ffc576a5b7365caf723c36de68090e2ca3d50b78661a4c193043d8c2fd452
736a589198fa1ea26b5120844bc4a8fa49a3440420acf48fcbe32102341618be
8711aef961652f6f4c4dd213ee0fad0efef7b5b694e7dd984355750a44b67f19
8fa77ac2418e579b95d057412f9e63caaff4dc45c5e4c173fa0b2ccfc7148dd4
98449dc9819f82c7a37abe533e903af9025e070bdd568c36b6a9dfcccbb5d069
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a6f7036732d9722628dc566c05752325262521ab8b6268dbd6715d6ff81dcf4e
bdff49c52e3a8b39b9c060d454b4ff1b0d25b7e7afa4257e8a105efe7a5b4909
c5a4b182d01b3625ea451f24db049e72d2f3c9be2769e1242a798bf29fc3c371
c79c4cf99ce8df61721edcf33ee3c47c24f9689bf09187e7ca1a80ed1f050b9f
cb45cc15c9edd08fba93e672f8a7307c3e511bc7bbb7ed04748eee62123bfe96
d09ee08297675b4a2865ff9d7c36fb8ecb1f1bf355be8d8b05e17ce57caf271f
d6504575b8339f10822560c4878c78fe1d3af11a6fcc1e7535f17379688195e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5195557732c360c66c6080f5c19af75ec714fae2c802566820a124e877144c1
f5724d2376c13a049461b6c32e2448437fb5d0526bbb3d6f907ef73915010b79
fd6b9ad70715b09bf76d5254e4a4d6946d755a3c916caf9b1bc8ab810de1d835