urlscan.io logo urlscan.io
SecurityTrails logo

flamingoallservice.org Open in urlscan Pro
2606:4700:3032::6815:235e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cdn-1.flamingoallservice.org/
Effective URL: https://flamingoallservice.org/
Submission: On July 04 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3032::6815:235e, located in United States and belongs to CLOUDFLARENET, US. The main domain is flamingoallservice.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.
This is the only time flamingoallservice.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:3032::6815:235e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-1.flamingoallservice.org
flamingoallservice.org
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
flamingoallservice.se
3    2606:4700:3036::ac43:d90d (United States)

ASN13335 (CLOUDFLARENET, US)
flamingoallservice.org
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:20eb:1200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
Domain Requested by
7 flamingoallservice.org flamingoallservice.org
4 flamingoallservice.se flamingoallservice.org
1 pixel.quantserve.com flamingoallservice.org
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com flamingoallservice.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com flamingoallservice.org
1 cdn-1.flamingoallservice.org 1 redirects
16 8

This site contains links to these domains. Also see Links.

Domain
linktr.ee
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
flamingoallservice.se
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://flamingoallservice.org/
Frame ID: 7D3781EB9D20AAA49FD7982977600E6A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cdn-1.flamingoallservice.org/ HTTP 301
    https://flamingoallservice.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

16
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

126 kB
Transfer

370 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdn-1.flamingoallservice.org/ HTTP 301
    https://flamingoallservice.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
flamingoallservice.org/
Redirect Chain
  • https://cdn-1.flamingoallservice.org/
  • https://flamingoallservice.org/
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:235e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96fb14e03d292a9f527990a79c050fe32cf38ffe7e9c91cd23fe29f33e1e33f5

Request headers

:method
GET
:authority
flamingoallservice.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, must-revalidate, no-cache, no-store
display
orig_site_sol
expires
Sat, 03 Jul 2021 15:01:15 GMT
pagespeed
off
response
200
retry-after
86400
set-cookie
ezoadgid_269125=-1; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 15:31:15 UTC ezoref_269125=; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 17:01:15 UTC ezoab_269125=mod1; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 17:01:15 UTC lp_269125=https://flamingoallservice.org/; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 15:31:15 UTC ezovuuidtime_269125=1625410875; Path=/; Domain=flamingoallservice.org; Expires=Tue, 06 Jul 2021 15:01:15 UTC ezovuuid_269125=cb3b2535-3e2e-4f88-588c-048c477a6310; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 15:31:15 UTC ezopvc_269125=1; Path=/; Domain=flamingoallservice.org; Expires=Sun, 04 Jul 2021 15:31:15 UTC ezCMPCCS=true; Path=/; Domain=flamingoallservice.org; Expires=Mon, 04 Jul 2022 15:01:15 GMT
vary
Accept-Encoding Accept-Encoding,User-Agent
x-ezoic-cdn
Hit ds;mm;3b81051a8cd5b581cebfdcd2c7cb693a;2-269125-5;aa059129-fe58-4dcf-4fa3-1705c6e57a86
x-middleton-display
orig_site_sol
x-middleton-response
200
x-sol
orig
x-ua-compatible
IE=edge
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tn4h3ipMnv80l6vAIpzUHslFy0L27EPOJLfNZGrZ22hrsvwHnVFmrKtJwoH%2BGAzuSfO93tS4T2bLs%2FKYwM0Sh2LkQ7bTiMjYiQ5D1o%2BP3YazcwUhJc%2FGgHyQs1WOEAypzzCGq9f2%2BdYDBavS%2BWWVmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66993a54492805b3-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-type
text/plain; charset=utf-8
content-length
0
cache-control
max-age=300, private
location
https://flamingoallservice.org/
vary
Accept-Encoding Accept-Encoding
x-middleton-display
redirect
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QWp5CoJFHrK9jlxW801wTYyzeFVhEhs61oGO5oYDVHLYSeMYOxX5HvC%2FCjQsq%2B%2FH2qYldIrf4zeiaEzgpjvgci%2BhGUkiFAVJX1t1H8E9satiZbOnmzXaDqEdv%2Bv6UBqQXUst6kggX%2FKxlXFldu29CY6Su7zSbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66993a536eda05b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/ 		4 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,900&display=optional
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36ecb13809cdad7d7731a2d5862cff619666edc7fc5275c038442e2eedb4b5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 15:01:15 GMT
server
ESF
date
Sun, 04 Jul 2021 15:01:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Jul 2021 15:01:15 GMT
bootstrap.min.css
flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/bootstrap.min.css?v=3.88
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
f330c61c05dbf52f8105ed3e131c7d8885efbfa8fcf44fd8d8a5293999a59c97

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
response
200
last-modified
Sun, 04 Jul 2021 14:43:54 GMT
server
nginx/1.16.0
display
staticcontent_sol, orig_site_sol
etag
W/"60e1c92a-1d970-gzip"
x-ezoic-cdn
Hit ds;mm;215ac17bac389006f78a53b7fa75150a;2-262174-55;40ad3170-fd85-4b7f-5350-63a5bd7de833
content-type
text/css
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=315360000
x-middleton-response
200
x-sol
orig
common.css
flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/ 		878 B
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/common.css?v=3.88
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
1fffc1284e1ea87c134b0ec6153cffe80e4470542d455baeec0f314bf5cc2f36

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
br
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
response
200
last-modified
Sun, 04 Jul 2021 14:43:54 GMT
server
nginx/1.16.0
display
staticcontent_sol, orig_site_sol
etag
"60e1c92a-36e-gzip"
x-ezoic-cdn
Hit ds;mm;b55ac2df516343820975b2813ee8d114;2-262174-55;0f66c870-cd03-4acc-5da8-6e1201933ce6
content-type
text/css
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=315360000
x-middleton-response
200
x-sol
orig
content-length
382
style.css
flamingoallservice.se/wp-content/plugins/under-construction-page/themes/mad_designer/ 		2 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.se/wp-content/plugins/under-construction-page/themes/mad_designer/style.css?v=3.88
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
7be3780b21348d2279d348984afe78848c0bdf5ff5c42deb5c96d20af6c72fbf

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
response
200
last-modified
Sun, 04 Jul 2021 14:43:54 GMT
server
nginx/1.16.0
display
staticcontent_sol, orig_site_sol
etag
W/"60e1c92a-640-gzip"
x-ezoic-cdn
Hit ds;mm;da83ff867d0b549dd5e499a2b2ed68dd;2-262174-55;8dae0ac9-5c88-4ad3-5634-5ced46c9344b
content-type
text/css
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=315360000
x-middleton-response
200
x-sol
orig
content-length
627
font-awesome.min.css
flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.se/wp-content/plugins/under-construction-page/themes/css/font-awesome.min.css?v=3.88
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
response
200
last-modified
Sun, 04 Jul 2021 14:43:54 GMT
server
nginx/1.16.0
display
staticcontent_sol, orig_site_sol
etag
W/"60e1c92a-7918-gzip"
x-ezoic-cdn
Hit ds;mm;2cc8854df84d879a72ad7e2e5876b2b4;2-262174-55;a6c6125f-94cc-499b-4196-1dd6d3020c4b
content-type
text/css
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=315360000
x-middleton-response
200
x-sol
orig
cmbv2.js
flamingoallservice.org/detroitchicago/ 		124 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d90d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71c3b820968a87a895394190cfbcc3e0d42c393d18121d3cd98832351559801

Request headers

:path
/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
pragma
no-cache
cookie
ezoadgid_269125=-1; ezoref_269125=; ezoab_269125=mod1; lp_269125=https://flamingoallservice.org/; ezovuuidtime_269125=1625410875; ezovuuid_269125=cb3b2535-3e2e-4f88-588c-048c477a6310; ezopvc_269125=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=126715
cf-ray
66993a54e85f4d89-FRA
x-middleton-display
sol-js
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O4P4QKkAFYciD5iirNh%2BzsZvpMfM9f6f0Z9b4tS8X%2BaaZblKRfiy1ME%2Fn2zlRFu%2F2imniYSJ9l3RwFDl5GIdFHffInpMA3PeY4EYfih56d7drZex80CmaNd87xfHIg3IgxLf481fBvZz2JUIjGHTDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fccfcc28dd4ce29864b45645e7af19487ab6af7bb88a65bdf5f646b1eb36f94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900&display=optional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://flamingoallservice.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 10:52:05 GMT
x-content-type-options
nosniff
age
446950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:52:05 GMT
imp.gif
flamingoallservice.org/detroitchicago/ 		43 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A269125%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2298cb830b-4285-492f-7e4c-2b0e50a9fd93%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A2569%2C%22response_time_orig%22%3A4%2C%22serverid%22%3A%223.67.221.0%3A6821%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1625410875%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fflamingoallservice.org%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A42%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d90d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:path
/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A269125%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2298cb830b-4285-492f-7e4c-2b0e50a9fd93%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A2569%2C%22response_time_orig%22%3A4%2C%22serverid%22%3A%223.67.221.0%3A6821%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1625410875%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fflamingoallservice.org%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A42%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
pragma
no-cache
cookie
ezoadgid_269125=-1; ezoref_269125=; ezoab_269125=mod1; lp_269125=https://flamingoallservice.org/; ezovuuidtime_269125=1625410875; ezovuuid_269125=cb3b2535-3e2e-4f88-588c-048c477a6310; ezopvc_269125=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ttqYAB8C5Hq%2F5wPb%2FCMSFXRn7X%2B7wT2tQndb9WCQtvgPzh50qCK0xp0d690vxMfT4TuTdbvFi%2BHShZCrNGXTGqLUXMbldKFnsMiiBl%2BOoz1FVabVRxMJHXbUV9YnBumegRHvB2APyMptMP%2BliqNcbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66993a5518e44d89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 11 Jul 2021 15:01:15 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
mad-designer.png
flamingoallservice.org/ezoimgfmt/flamingoallservice.se/wp-content/plugins/under-construction-page/themes/mad_designer/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flamingoallservice.org/ezoimgfmt/flamingoallservice.se/wp-content/plugins/under-construction-page/themes/mad_designer/mad-designer.png?ezimgfmt=rs:1200x691/rscb2/ng:webp/ngcb2
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d90d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb65f38330269f96a08f0eebbae4fd7a6e8ad959968b51efb448057863a4aa7

Request headers

:path
/ezoimgfmt/flamingoallservice.se/wp-content/plugins/under-construction-page/themes/mad_designer/mad-designer.png?ezimgfmt=rs:1200x691/rscb2/ng:webp/ngcb2
pragma
no-cache
cookie
ezoadgid_269125=-1; ezoref_269125=; ezoab_269125=mod1; lp_269125=https://flamingoallservice.org/; ezovuuidtime_269125=1625410875; ezovuuid_269125=cb3b2535-3e2e-4f88-588c-048c477a6310; ezopvc_269125=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:15 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
45
x-amzn-requestid
58130235-1472-4874-bcaf-c05eca6bacb8
x-ezoic-cdn
Miss
x-cache
Miss from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol, staticcontent_sol, staticcontent_sol
access-control-allow-methods
GET
x-middleton-response
200
x-amz-apigw-id
B8z6REidIAMF6zQ=
x-amz-cf-id
Ly6r6_-q7SjaRk4muFWMLzFhfMKTM4IH5IsrQxxBvIFoGWva4hLwjg==
response
200
server
cloudflare
x-amzn-trace-id
Root=1-60e1cd0e-63024dce0c4d7ecd0d1eb1f7;Sampled=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l4fdK3v6k3a4iaqrW4BRQLUt%2BdZgXpTgfp0TqzP9LqDlygK3Z9T0AVCt3nCzax%2B3iWxewnjF%2B%2FGjuB7VIn%2BNOwiAqVMtE8fxGhIpkP6EK0myA3qBHbulxbefBhSkFqDmbfLT1aQsGwuHHxfMd4CmWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
cf-ray
66993a5528f04d89-FRA
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 00:49:28 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
age
51107
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
lz8BJJU3oOXxEYa2o18A0tkO21y8c1C1CB4H6FOe6PL-R6aOLTURKg==
pixel;r=1938316983;labels=Domain.flamingoallservice_org%2CDomainId.269125;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fflamingoallservice.org%2F;uht=2;fpan=1;fpa=P0-681831279-1625410875752;pbcn=u;pbc=;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1938316983;labels=Domain.flamingoallservice_org%2CDomainId.269125;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fflamingoallservice.org%2F;uht=2;fpan=1;fpa=P0-681831279-1625410875752;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=flamingoallservice.org;je=0;sr=1600x1200x24;dst=1;et=1625410875752;tzo=-120;ogl=
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 15:01:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
greenoaks.gif
flamingoallservice.org/detroitchicago/ 		0
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDctMDQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:235e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDctMDQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:23 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SFyDNAI2vTELm6u6nojhMjFAha1sfsGDeRqaTJdngf4Mor8WvM2BhLAob%2BWcvvarvLk9AynxKrt4wDlJDEFfpNnspTaMO1OGJ5xJMtkf%2BewOVt7p88aAgp5OQEdCboeGSkq5pmo2V0kunTUuysnlPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
66993a83fab305b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
expires
Sat, 03 Jul 2021 15:01:22 UTC
greenoaks.gif
flamingoallservice.org/detroitchicago/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxODUifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjI2NCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjExIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjEzMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjMwNiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMzA2In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiOS41In1dfV0=
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:235e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxODUifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjI2NCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjExIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjEzMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjMwNiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMzA2In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk4Y2I4MzBiLTQyODUtNDkyZi03ZTRjLTJiMGU1MGE5ZmQ5MyIsImRvbWFpbl9pZCI6IjI2OTEyNSIsInRfZXBvY2giOjE2MjU0MTA4NzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiOS41In1dfV0=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:23 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LiL8JaMnr64VHjdSrweo4I8h%2B3%2Bap5GAVxVIIkih6B%2BgR4v7q5NnWNvm%2BArvL6r99%2F5RUQgOiq2rnx3wSOube7Z%2FbT7fpeH3fETad35nmiyqOfPIoVPgDVJna6kHkhEU%2B9NjiEJPAUyitsN1cA74hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
66993a83fab705b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
expires
Sat, 03 Jul 2021 15:01:23 UTC
greenoaks.gif
flamingoallservice.org/detroitchicago/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://flamingoallservice.org/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfV0=
Requested by
Host: flamingoallservice.org
URL: https://flamingoallservice.org/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-311-212-115-417-347-1&cmbcb=19&sj=x04x00x06x07x10x09x0ax0dx0fx11x12x15x17x47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:235e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5OGNiODMwYi00Mjg1LTQ5MmYtN2U0Yy0yYjBlNTBhOWZkOTMiLCJkb21haW5faWQiOiIyNjkxMjUiLCJ0X2Vwb2NoIjoxNjI1NDEwODc1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOThjYjgzMGItNDI4NS00OTJmLTdlNGMtMmIwZTUwYTlmZDkzIiwiZG9tYWluX2lkIjoiMjY5MTI1IiwidF9lcG9jaCI6MTYyNTQxMDg3NSwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfV0=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
flamingoallservice.org
referer
https://flamingoallservice.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://flamingoallservice.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:01:23 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dP1BPP7hJYLtBrBPl7Pf3Hfyfp3Qt%2FWvJVVNJQSkwnzb5TK9B38yY8w44lqLwoGhdLQKKQFjp%2FFcEr%2FiImkzGM%2F7mumu%2FGECiB8TB8Et%2FaP%2FcPOaiBm23P9wEYRSD516fuvy%2BtM27OBFYcgWSDrkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
66993a83fab905b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
expires
Sat, 03 Jul 2021 15:01:22 UTC

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __ez string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| _ez_TOS_TrackEvent function| ezocfol number| netStartTime function| hashCode function| ezogetrqbykey function| ezorqs function| ezorqe function| _fEzDt object| _ezImgFmt object| vitalsFired object| metricNameMap function| ezlogVital object| _qevents object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| ES6Promise function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| __ez__ael undefined| __ez__ael__proto function| loadCSS object| ezLazySizesConfig object| ezLazySizes object| webVitals number| indexKey function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| pubcidCookie object| perf_vals boolean| __ez__w_load

10 Cookies

Domain/Path Name / Value
flamingoallservice.org/ Name: ezux_lpl_269125
Value: 1625410875770|98cb830b-4285-492f-7e4c-2b0e50a9fd93|false
.flamingoallservice.org/ Name: ezopvc_269125
Value: 1
.flamingoallservice.org/ Name: ezovuuidtime_269125
Value: 1625410875
.flamingoallservice.org/ Name: ezCMPCCS
Value: true
.flamingoallservice.org/ Name: lp_269125
Value: https://flamingoallservice.org/
.flamingoallservice.org/ Name: ezovuuid_269125
Value: cb3b2535-3e2e-4f88-588c-048c477a6310
.flamingoallservice.org/ Name: ezoab_269125
Value: mod1
.flamingoallservice.org/ Name: ezoref_269125
Value:
.flamingoallservice.org/ Name: __qca
Value: P0-681831279-1625410875752
.flamingoallservice.org/ Name: ezoadgid_269125
Value: -1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-1.flamingoallservice.org
flamingoallservice.org
flamingoallservice.se
fonts.googleapis.com
fonts.gstatic.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
18.158.98.109
2600:9000:20eb:1200:6:44e3:f8c0:93a1
2606:4700:3032::6815:235e
2606:4700:3036::ac43:d90d
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:802::200a
2a00:1450:4001:831::2003
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0fccfcc28dd4ce29864b45645e7af19487ab6af7bb88a65bdf5f646b1eb36f94
1fffc1284e1ea87c134b0ec6153cffe80e4470542d455baeec0f314bf5cc2f36
36ecb13809cdad7d7731a2d5862cff619666edc7fc5275c038442e2eedb4b5b0
654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486
7be3780b21348d2279d348984afe78848c0bdf5ff5c42deb5c96d20af6c72fbf
96fb14e03d292a9f527990a79c050fe32cf38ffe7e9c91cd23fe29f33e1e33f5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb65f38330269f96a08f0eebbae4fd7a6e8ad959968b51efb448057863a4aa7
f330c61c05dbf52f8105ed3e131c7d8885efbfa8fcf44fd8d8a5293999a59c97
f71c3b820968a87a895394190cfbcc3e0d42c393d18121d3cd98832351559801