Submitted URL: http://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//
Effective URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Submission: On June 12 via api from IL

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 34 HTTP transactions.
The main IP is 69.163.215.170, located in Brea, United States and belongs to DREAMHOST-AS - New Dream Network, LLC, US. The main domain is www.groundswellfilms.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 26th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
19 45 69.163.215.170 26347 (DREAMHOST-AS)
2 205.196.211.122 26347 (DREAMHOST-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 5
Domain (Subdomains): Transfer
45 groundswellfilms.org: 289 KB
3 youtube.com: 0 B
2 google-analytics.com: 17 KB
2 navajoboy.com: 6 KB
0 sitemeter.com Failed (s32.sitemeter.com Failed): 0 B
34 5
Domain Requested by
36 groundswellfilms.org 19 redirects www.groundswellfilms.org
9 www.groundswellfilms.org www.groundswellfilms.org
3 www.youtube.com www.groundswellfilms.org
2 ssl.google-analytics.com www.groundswellfilms.org
2 navajoboy.com www.groundswellfilms.org
0 s32.sitemeter.com Failed www.groundswellfilms.org
34 6
Subject / Issuer; Validity; Valid
groundswellfilms.org / Let's Encrypt Authority X3; 2019-04-26 - 2019-07-25; 3 months
1970-01-01 - 1970-01-01; a few seconds
*.google.com / Google Internet Authority G3; 2019-05-21 - 2019-08-13; 3 months
*.google-analytics.com / Google Internet Authority G3; 2019-05-21 - 2019-08-13; 3 months


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i


34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS
Redirect Chain
  • http://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//
  • https://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//
  • https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
24 KB
5 KB
Document
General
Full URL
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
b72b378c619391637fdcc41c3e4415d5ac02b23bc6d73b84125ad454f9693c5c

Request headers

:method
GET
:authority
www.groundswellfilms.org
:scheme
https
:path
/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
404
server
openresty
date
Wed, 12 Jun 2019 15:44:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.groundswellfilms.org/wp-json/>; rel="https://api.w.org/"
content-encoding
br

Redirect headers

status
301
server
openresty
date
Wed, 12 Jun 2019 15:44:20 GMT
content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-redirect-by
WordPress
location
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
x-varnish
MISS
age
Wed, 12 Jun 2019 15:44:19 GMT
style.css
/wp-content/themes/Groundswell%20Theme
3 KB
1 KB
Stylesheet
General
Full URL
https://www.groundswellfilms.org/wp-content/themes/Groundswell%20Theme/style.css
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
1ebae63fdd4d47bda349c8d42bede49306dda5a2c4768f91a6f99aeaf2b7b3e5

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:20 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"da6-582aec5a5c524"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:20 GMT
style.min.css?ver=5.1.1
/wp-includes/css/dist/block-library
25 KB
4 KB
Stylesheet
General
Full URL
https://www.groundswellfilms.org/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:20 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"629a-57ea707ad7640"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:20 GMT
woocommerce-layout.css?ver=3.5.5
/wp-content/plugins/woocommerce/assets/css
16 KB
2 KB
Stylesheet
General
Full URL
https://www.groundswellfilms.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.5.5
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:20 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"409e-571dca88b5280"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:20 GMT
woocommerce.css?ver=3.5.5
/wp-content/plugins/woocommerce/assets/css
61 KB
8 KB
Stylesheet
General
Full URL
https://www.groundswellfilms.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.5.5
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
9575dd0a8289678d89fee43f35b59fa4a6dde8dbf5329441468cb0f680e9d51e

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:20 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"f3b8-578ee4f53e100"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:20 GMT
jquery.js?ver=1.12.4
/wp-includes/js/jquery
95 KB
32 KB
Script
General
Full URL
https://www.groundswellfilms.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"17b9f-56cdcacc8d0c0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:21 GMT
Verified jquery-migrate.min.js?ver=1.4.1
/wp-includes/js/jquery
10 KB
4 KB
Script
General
Full URL
https://www.groundswellfilms.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Verified resource
jquery-migrate/1.4.1/jquery-migrate.min.js at cdnjs.com, project jquery-migrate

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"2748-5333ff613c400"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:21 GMT
donate-uniform.jpg
navajoboy.com/wp-content/themes/navajo%20boy%20theme/images
4 KB
4 KB
Image
General
Full URL
http://navajoboy.com/wp-content/themes/navajo%20boy%20theme/images/donate-uniform.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
HTTP/1.1
Security
, ,
Server
205.196.211.122 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
ps443476.dreamhost.com
Software
Apache /
Resource Hash
54f678d90502e4722f3bb0e9ae33122df87132be487a9bc4058c0ec2bc7a1983

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Jun 2019 15:44:21 GMT
Last-Modified
Wed, 22 Jul 2015 17:57:18 GMT
Server
Apache
ETag
"10cb-51b7a8079a745"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
4299
groundswell-logo.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/groundswell-logo.jpg
  • https://groundswellfilms.org/media/groundswell-logo.jpg
13 KB
13 KB
Image
General
Full URL
https://groundswellfilms.org/media/groundswell-logo.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
b89f5c79f78d043a45e4881e93263f8af24082f610b02309951a29dcee8f2b50

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"347f-58311789e778a"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
13439
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/groundswell-logo.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
212
howdoufeelthumb.jpg
groundswellfilms.org/images
Redirect Chain
  • http://groundswellfilms.org/images/howdoufeelthumb.jpg
  • https://groundswellfilms.org/images/howdoufeelthumb.jpg
14 KB
14 KB
Image
General
Full URL
https://groundswellfilms.org/images/howdoufeelthumb.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
af6a8bad4fbb6db4b82ca07b33d490328e3894e5e3579be0fea22d1591487a08

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"360d-5831188f21a21"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
13837
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/images/howdoufeelthumb.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
217
food-patriots-sidebar.gif
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/food-patriots-sidebar.gif
  • https://groundswellfilms.org/media/food-patriots-sidebar.gif
28 KB
28 KB
Image
General
Full URL
https://groundswellfilms.org/media/food-patriots-sidebar.gif
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
bbdbf00d141fd7ef57c50384501e4171ea968c246ec48343febe853d42f74847

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"7069-5831176088a0f"
content-type
image/gif
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
28777
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/food-patriots-sidebar.gif
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
220
the-greens.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/the-greens.jpg
  • https://groundswellfilms.org/media/the-greens.jpg
14 KB
14 KB
Image
General
Full URL
https://groundswellfilms.org/media/the-greens.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
9c846bcc8894ded7f671d8cb320a9c650792fa640e9f4f3592cabc20736551aa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"36f1-58311fc0a2701"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
14065
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/the-greens.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
213
return-of-navajo-boy-stub-small.gif
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
  • https://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
31 KB
31 KB
Image
General
Full URL
https://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
b98652a300db78395cb4e5dab04556fdf4cecad79fabc2d7483f60ba94c67dd8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"7a22-58311f97fe1ed"
content-type
image/gif
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
31266
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
227
depue-cleanup-project-sidebar.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
  • https://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
14 KB
14 KB
Image
General
Full URL
https://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
d77ef448e51bed01b457b912a8727dbde2e0e4540775ad01901ac320b68853a5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"38e1-58311708e40ef"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
14561
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
226
navajo-water.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/navajo-water.jpg
  • https://groundswellfilms.org/media/navajo-water.jpg
11 KB
11 KB
Image
General
Full URL
https://groundswellfilms.org/media/navajo-water.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
8059a1ebaf62a2719d4a322344fadf2e1ddf75bc34ffda87b6aa678a77d4b992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"2b2e-58311856d09c7"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
11054
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/navajo-water.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
215
robben-island-singers-stub-small.gif
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/robben-island-singers-stub-small.gif
  • https://groundswellfilms.org/media/robben-island-singers-stub-small.gif
19 KB
20 KB
Image
General
Full URL
https://groundswellfilms.org/media/robben-island-singers-stub-small.gif
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
318e3d3caf9dcbaec6fddddc62a1071a911c6bb1dffb43babdf2443f87294b3b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"4db1-58311fa7127ad"
content-type
image/gif
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
19889
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/robben-island-singers-stub-small.gif
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
228
libraries-change-lives.gif
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/libraries-change-lives.gif
  • https://groundswellfilms.org/media/libraries-change-lives.gif
28 KB
28 KB
Image
General
Full URL
https://groundswellfilms.org/media/libraries-change-lives.gif
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
d9ef4db5997dcd58b4ce3e8523525a811bb75b11b8b0cb54af152448fefb5c88

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"6e55-58311802b35d1"
content-type
image/gif
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
28245
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/libraries-change-lives.gif
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
221
low-rider.gif
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/low-rider.gif
  • https://groundswellfilms.org/media/low-rider.gif
27 KB
27 KB
Image
General
Full URL
https://groundswellfilms.org/media/low-rider.gif
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
87ea9625a3c9599b4ab2495cf30ff8d22056ce8305b5b19d43046f970718c653

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"6a29-5831182219775"
content-type
image/gif
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
27177
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/low-rider.gif
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
212
newspaper.jpg
navajoboy.com/media/images
2 KB
2 KB
Image
General
Full URL
http://navajoboy.com/media/images/newspaper.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
HTTP/1.1
Security
, ,
Server
205.196.211.122 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
ps443476.dreamhost.com
Software
Apache /
Resource Hash
6537843c950cdb7b0b3dc432d33a6b16859e4ceab7c7e63c8e62a39e9c7d77f0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Jun 2019 15:44:23 GMT
Last-Modified
Wed, 22 Jul 2015 17:33:32 GMT
Server
Apache
ETag
"681-51b7a2b70894e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
1665
facebook.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/facebook.jpg
  • https://groundswellfilms.org/media/facebook.jpg
3 KB
3 KB
Image
General
Full URL
https://groundswellfilms.org/media/facebook.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
d5c0ad7b49f4516665f27a3f498b95d7d626ee26d08198d96c3a073ebf6286c0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"c1a-58311747a8738"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
3098
expires
Fri, 12 Jul 2019 15:44:21 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:21 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/facebook.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
212
youtube.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/youtube.jpg
  • https://groundswellfilms.org/media/youtube.jpg
4 KB
4 KB
Image
General
Full URL
https://groundswellfilms.org/media/youtube.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
103133b4ec027fad8523163bc7251bd1bced8afb144d0ab08385e91e998f2988

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"ea0-583121de8462f"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
3744
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/youtube.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
211
Adblocked twitter.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/twitter.jpg
  • https://groundswellfilms.org/media/twitter.jpg
4 KB
4 KB
Image
General
Full URL
https://groundswellfilms.org/media/twitter.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
12a0e10331c6cbadc26315ec9273c45062915e53f65485e5206e5fed4e41119c
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"10b7-583121668f57a"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
4279
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/twitter.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
211
Adblocked rss.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/rss.jpg
  • https://groundswellfilms.org/media/rss.jpg
2 KB
2 KB
Image
General
Full URL
https://groundswellfilms.org/media/rss.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
a20c47bdaed81533a227065549d8db61a3e3d1051a8da298d5f69590c5fc4d9f
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"865-58311fab237f5"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
2149
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:22 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/rss.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
207
wp-emoji-release.min.js?ver=5.1.1
/wp-includes/js
12 KB
4 KB
Script
General
Full URL
https://www.groundswellfilms.org/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"2f02-57fb1a0f67a80"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:21 GMT
woocommerce-smallscreen.css?ver=3.5.5
/wp-content/plugins/woocommerce/assets/css
7 KB
1 KB
Stylesheet
General
Full URL
https://www.groundswellfilms.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.5.5
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
content-encoding
br
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
W/"1a66-571dca88b5280"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-varnish
HIT
expires
Fri, 12 Jul 2019 15:44:21 GMT
V7smSleJ8kI?rel=0
www.youtube.com/embed
0
0
Document
General
Full URL
https://www.youtube.com/embed/V7smSleJ8kI?rel=0
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/V7smSleJ8kI?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/

Response headers

status
200
x-content-type-options
nosniff
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 EST
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2019 15:44:21 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=qXC3BWvZlLE; path=/; domain=.youtube.com; expires=Mon, 09-Dec-2019 15:44:21 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 16:14:21 GMT YSC=gUHFJnrjigQ; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=qXC3BWvZlLE; path=/; domain=.youtube.com; expires=Mon, 09-Dec-2019 15:44:21 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Tue, 11-Feb-2020 03:37:21 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
navbar-bg.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/navbar-bg.jpg
  • https://groundswellfilms.org/media/navbar-bg.jpg
311 B
508 B
Image
General
Full URL
https://groundswellfilms.org/media/navbar-bg.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
fdbf2c4a78a3aebd61fd4ef4ee57bea0b2a43a0345929711d156b5601b6a7c58

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"137-583118603eadc"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
311
expires
Fri, 12 Jul 2019 15:44:21 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:21 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/navbar-bg.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
213
bottom-bg.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/bottom-bg.jpg
  • https://groundswellfilms.org/media/bottom-bg.jpg
1 KB
2 KB
Image
General
Full URL
https://groundswellfilms.org/media/bottom-bg.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
93f3e9f02131ba613698470732db311e8b88f3a6041a85636c8b1dbf10e182c2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:21 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"582-583116b98a8a0"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
1410
expires
Fri, 12 Jul 2019 15:44:21 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:21 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/bottom-bg.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
213
social-networking2.jpg
groundswellfilms.org/media
Redirect Chain
  • http://groundswellfilms.org/media/social-networking2.jpg
  • https://groundswellfilms.org/media/social-networking2.jpg
5 KB
6 KB
Image
General
Full URL
https://groundswellfilms.org/media/social-networking2.jpg
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.215.170 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
dp-e139949298.dreamhostps.com
Software
openresty /
Resource Hash
4999f64d29a954ae780af2619a4b4c083dc68d97c6566f13bc827058f2decbda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:44:22 GMT
server
openresty
age
Wed, 12 Jun 2019 14:46:16 GMT
etag
"15b1-58311fb85a510"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-varnish
HIT
accept-ranges
bytes
content-length
5553
expires
Fri, 12 Jul 2019 15:44:22 GMT

Redirect headers

Date
Wed, 12 Jun 2019 15:44:21 GMT
Content-Encoding
gzip
Server
openresty
Age
Wed, 12 Jun 2019 14:46:16 GMT
X-Varnish
HIT
Location
https://groundswellfilms.org/media/social-networking2.jpg
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
219
counter.js?site=s32groundswell
s32.sitemeter.com/js
0
0

8Jk31_7C6h4?fs=1&hl=en_US&rel=0
www.youtube.com/v
0
0
Document
General
Full URL
https://www.youtube.com/v/8Jk31_7C6h4?fs=1&hl=en_US&rel=0
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/8Jk31_7C6h4?fs=1&hl=en_US&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/

Response headers

status
200
content-length
106729
x-content-type-options
nosniff
content-encoding
br
strict-transport-security
max-age=31536000
content-type
application/x-shockwave-flash
cache-control
no-store
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Wed, 12 Jun 2019 15:44:21 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=daCMcHtRz-o; path=/; domain=.youtube.com; expires=Mon, 09-Dec-2019 15:44:21 GMT; httponly VISITOR_INFO1_LIVE=daCMcHtRz-o; path=/; domain=.youtube.com; expires=Mon, 09-Dec-2019 15:44:21 GMT; httponly YSC=jGlqNUrM7l4; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Tue, 11-Feb-2020 03:37:21 GMT GPS=1; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 16:14:21 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
WZbn4nPPMkk?fs=1&hl=en_US&rel=0
www.youtube.com/v
0
0
Document
General
Full URL
https://www.youtube.com/v/WZbn4nPPMkk?fs=1&hl=en_US&rel=0
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/WZbn4nPPMkk?fs=1&hl=en_US&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
accept-encoding
gzip, deflate, br
cookie
GPS=1; PREF=f1=50000000; VISITOR_INFO1_LIVE=daCMcHtRz-o; YSC=jGlqNUrM7l4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/

Response headers

status
200
content-type
application/x-shockwave-flash
content-encoding
br
cache-control
no-store
expires
Tue, 27 Apr 1971 19:44:06 EST
content-length
15975
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2019 15:44:22 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
ga.js
ssl.google-analytics.com
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
1657
date
Wed, 12 Jun 2019 15:16:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 12 Jun 2019 17:16:44 GMT
Adblocked __utm.gif?utmwv=5.7.2&utms=1&utmn=1972399190&utmhn=www.groundswellfilms.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Groundswell%20Educational%20Fi...
ssl.google-analytics.com/r
35 B
199 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1972399190&utmhn=www.groundswellfilms.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Groundswell%20Educational%20Films%20%C2%BB%20Page%20not%20found&utmhid=1877041551&utmr=-&utmp=%2FDE%2FIRWIOMG1185760%2FRechnungskorrektur%2FDETAILS%2F&utmht=1560354261597&utmac=UA-260795-3&utmcc=__utma%3D152940015.1941926937.1560354261.1560354261.1560354261.1%3B%2B__utmz%3D152940015.1560354261.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=824791370&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.groundswellfilms.org
URL: https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:44:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//
  • https://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//
  • https://www.groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/
Request 8
  • http://groundswellfilms.org/media/groundswell-logo.jpg
  • https://groundswellfilms.org/media/groundswell-logo.jpg
Request 9
  • http://groundswellfilms.org/images/howdoufeelthumb.jpg
  • https://groundswellfilms.org/images/howdoufeelthumb.jpg
Request 10
  • http://groundswellfilms.org/media/food-patriots-sidebar.gif
  • https://groundswellfilms.org/media/food-patriots-sidebar.gif
Request 11
  • http://groundswellfilms.org/media/the-greens.jpg
  • https://groundswellfilms.org/media/the-greens.jpg
Request 12
  • http://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
  • https://groundswellfilms.org/media/return-of-navajo-boy-stub-small.gif
Request 13
  • http://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
  • https://groundswellfilms.org/media/depue-cleanup-project-sidebar.jpg
Request 14
  • http://groundswellfilms.org/media/navajo-water.jpg
  • https://groundswellfilms.org/media/navajo-water.jpg
Request 15
  • http://groundswellfilms.org/media/robben-island-singers-stub-small.gif
  • https://groundswellfilms.org/media/robben-island-singers-stub-small.gif
Request 16
  • http://groundswellfilms.org/media/libraries-change-lives.gif
  • https://groundswellfilms.org/media/libraries-change-lives.gif
Request 17
  • http://groundswellfilms.org/media/low-rider.gif
  • https://groundswellfilms.org/media/low-rider.gif
Request 19
  • http://groundswellfilms.org/media/facebook.jpg
  • https://groundswellfilms.org/media/facebook.jpg
Request 20
  • http://groundswellfilms.org/media/youtube.jpg
  • https://groundswellfilms.org/media/youtube.jpg
Request 21
  • http://groundswellfilms.org/media/twitter.jpg
  • https://groundswellfilms.org/media/twitter.jpg
Request 22
  • http://groundswellfilms.org/media/rss.jpg
  • https://groundswellfilms.org/media/rss.jpg
Request 26
  • http://groundswellfilms.org/media/navbar-bg.jpg
  • https://groundswellfilms.org/media/navbar-bg.jpg
Request 27
  • http://groundswellfilms.org/media/bottom-bg.jpg
  • https://groundswellfilms.org/media/bottom-bg.jpg
Request 28
  • http://groundswellfilms.org/media/social-networking2.jpg
  • https://groundswellfilms.org/media/social-networking2.jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s32.sitemeter.com
URL
http://s32.sitemeter.com/js/counter.js?site=s32groundswell

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| _wpemojiSettings
  • undefined| $
  • function| jQuery
  • string| gaJsHost
  • object| _gat
  • object| _gaq
  • object| pageTracker
  • object| gaGlobal
  • object| twemoji
  • object| wp

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.groundswellfilms.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1, Line 2, Column 552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
