carrstanyergitau.com Open in urlscan Pro
197.248.5.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carrstanyergitau.com/
Submission Tags: @phishunt_io
Submission: On November 06 via api (November 6th 2020, 6:24:11 am UTC) from ES

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 197.248.5.15, located in Kenya and belongs to Safaricom, KE. The main domain is carrstanyergitau.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 5th 2020. Valid for: 3 months.

This is the only time carrstanyergitau.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
19	197.248.5.15 197.248.5.15		37061 (Safaricom) (Safaricom)
1	2a00:1450:400... 2a00:1450:4001:81f::200a		15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2003		15169 (GOOGLE) (GOOGLE)
25	4

19 197.248.5.15 (Kenya)

ASN37061 (Safaricom, KE)
PTR: host15.safaricombusiness.co.ke

carrstanyergitau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	carrstanyergitau.com carrstanyergitau.com	985 KB
4	gstatic.com fonts.gstatic.com	49 KB
1	googleapis.com fonts.googleapis.com maps.googleapis.com Failed	950 B
25	3

	Domain	Requested by
19	carrstanyergitau.com	carrstanyergitau.com
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	carrstanyergitau.com
0	maps.googleapis.com Failed	carrstanyergitau.com
25	4

This site contains links to these domains. Also see Links.

Domain
bicagency.co.ke

Subject Issuer	Validity	Valid
carrstanyergitau.com cPanel, Inc. Certification Authority	`2020-11-05` - `2021-02-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://carrstanyergitau.com/
Frame ID: C46B18194D58AE4E55CD37EFFBC0451C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

25
Requests

84 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1035 kB
Transfer

1038 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://bicagency.co.ke/
Title: BIC Agency

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
carrstanyergitau.com/ 18 KB
19 KB 1750ms
809ms Document
text/html 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 5503f978c1dc0ef9a93fd3adb90a47ac4967332f293c28dd63a2d7772ecc3a62

Request headers

Host: carrstanyergitau.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:47 GMT
Server: Apache
Link: <https://carrstanyergitau.com/wp-json/>; rel="https://api.w.org/", <https://carrstanyergitau.com/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 9 KB
950 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1

Requested by

Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3d7e13e1db0e51b794badddf659cb94c26c5aec14043b96c9ebea6348bccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 06:23:52 GMT
server: ESF
date: Fri, 06 Nov 2020 06:23:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 06:23:52 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
carrstanyergitau.com/wp-includes/js/ 12 KB
12 KB 733ms
192ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-includes/js/wp-emoji-release.min.js?ver=4.8.1
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: bcb42c4f5eb5b4c7ee08632af417513c6f6002fdf7d4b8d2dea6376f0cadd563

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Sun, 06 Aug 2017 20:26:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11845

GET
H/1.1 200
OK font-awesome.min.css
carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/ 28 KB
29 KB 210ms
206ms Stylesheet
text/css 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/font-awesome.min.css?ver=4.4.0
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29062

GET
H/1.1 200
OK bootstrap.min.css
carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/ 103 KB
103 KB 420ms
204ms Stylesheet
text/css 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/bootstrap.min.css?ver=3.3.1
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 379b3dfc8560c7ad869708f76fdfa8ba1ff8acaaa1bf859cdf5f61e8f8a834e3

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:36 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 105029

GET
H/1.1 200
OK style.css
carrstanyergitau.com/wp-content/themes/llorix-one-lite/ 125 KB
125 KB 526ms
204ms Stylesheet
text/css 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/style.css?ver=1.0.0
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 07bd8af7850f46fc2a2b3f0336c26d144c2467179b74a8b9c6b4963ca7e19ec7

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:40 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 128181

GET
H/1.1 200
OK jquery.js Show response
carrstanyergitau.com/wp-includes/js/jquery/ 95 KB
95 KB 578ms
200ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Mon, 06 Mar 2017 18:01:27 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97184

GET
H/1.1 200
OK jquery-migrate.min.js Show response
carrstanyergitau.com/wp-includes/js/jquery/ 10 KB
10 KB 576ms
197ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:48 GMT
Last-Modified: Mon, 06 Mar 2017 18:01:27 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10056

GET
H/1.1 200
OK CSG-Logo-for-web.png
carrstanyergitau.com/wp-content/uploads/2017/01/ 12 KB
12 KB 396ms
382ms Image
image/png 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://carrstanyergitau.com/wp-content/uploads/2017/01/CSG-Logo-for-web.png
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 18ed3188e6e5a6c6209b820f3a976683a75cdc8d954987e2a4334fbea10e733d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:28:49 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11915

GET
H/1.1 200
OK accounting-starting-salary-senior-accountant-salary-beginner-accountant-accounting-jobs.jpg
carrstanyergitau.com/wp-content/uploads/2016/10/ 192 KB
192 KB 401ms
386ms Image
image/jpeg 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://carrstanyergitau.com/wp-content/uploads/2016/10/accounting-starting-salary-senior-accountant-salary-beginner-accountant-accounting-jobs.jpg
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 347c2989db0165ee839cf0ad59e494492ff727fc5e43b9e58b80f4b02972f257

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:07 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 196744

GET
H/1.1 200
OK bootstrap.min.js Show response
carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/vendor/ 36 KB
36 KB 193ms
193ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/vendor/bootstrap.min.js?ver=3.3.7
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:40 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 37045

GET
H/1.1 200
OK custom.all.js Show response
carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/ 20 KB
21 KB 190ms
189ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/custom.all.js?ver=2.0.2
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 3402fea07d9f48fbe227569fb68dc2a415985235e8ea173326e340ea1904aeef

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:40 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20753

GET
H/1.1 200
OK custom.home.js Show response
carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/ 4 KB
4 KB 196ms
194ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/custom.home.js?ver=1.0.0
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 4e239016c2b1378d88e0754903b421439394a025799a95adf4b060a19e1deee1

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:40 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4320

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/ 751 B
1005 B 191ms
189ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/js/skip-link-focus-fix.js?ver=1.0.0
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:40 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 751

GET
H/1.1 200
OK comment-reply.min.js Show response
carrstanyergitau.com/wp-includes/js/ 1 KB
1 KB 192ms
190ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-includes/js/comment-reply.min.js?ver=4.8.1
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Mon, 06 Mar 2017 18:01:27 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1078

GET
H/1.1 200
OK wp-embed.min.js Show response
carrstanyergitau.com/wp-includes/js/ 1 KB
2 KB 197ms
195ms Script
application/javascript 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-includes/js/wp-embed.min.js?ver=4.8.1
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Mon, 06 Mar 2017 18:01:27 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1398

GET js
maps.googleapis.com/maps/api/ 0
0

GET
H/1.1 200
OK cropped-CSG-Cover2.png
carrstanyergitau.com/wp-content/uploads/2016/10/ 164 KB
164 KB 294ms
199ms Image
image/png 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carrstanyergitau.com/wp-content/uploads/2016/10/cropped-CSG-Cover2.png
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 31e7203934b70e135fd0ef3b2c80389599d46900f31f079f926557cb30b2c003

Request headers

Referer: https://carrstanyergitau.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:03 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 167669

GET
H/1.1 200
OK loader-red.gif
carrstanyergitau.com/wp-content/themes/llorix-one-lite/images/ 8 KB
8 KB 295ms
190ms Image
image/gif 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/images/loader-red.gif
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/style.css?ver=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 6f78e2ffad7fb69d9617a709c78cb2ed5fbc5593076c309b2924266cbf0c4187

Request headers

Referer: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:36 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7761

GET
H/1.1 200
OK bg02-1024x576-1.jpg
carrstanyergitau.com/wp-content/uploads/2016/10/ 80 KB
81 KB 390ms
377ms Image
image/jpeg 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://carrstanyergitau.com/wp-content/uploads/2016/10/bg02-1024x576-1.jpg
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/
Protocol: HTTP/1.1
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: daf8866052bf7796568497d9272abeac723ac75be5326aa05f61f06853845819

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:28:59 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82385

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carrstanyergitau.com
Referer: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 595108
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:25 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
carrstanyergitau.com/wp-content/themes/llorix-one-lite/fonts/ 70 KB
70 KB 337ms
194ms Font
font/woff2 197.248.5.15
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: carrstanyergitau.com
URL: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/font-awesome.min.css?ver=4.4.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.248.5.15 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: host15.safaricombusiness.co.ke
Software: Apache /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://carrstanyergitau.com
Referer: https://carrstanyergitau.com/wp-content/themes/llorix-one-lite/css/font-awesome.min.css?ver=4.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 06:23:49 GMT
Last-Modified: Sun, 06 Aug 2017 20:29:36 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 71896

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
fonts.gstatic.com/s/cabin/v17/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v17/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carrstanyergitau.com
Referer: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 13:09:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 2020 22:46:58 GMT
server: sffe
age: 321289
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22704
x-xss-protection: 0
expires: Tue, 02 Nov 2021 13:09:04 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carrstanyergitau.com
Referer: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 595108
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:25 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carrstanyergitau.com
Referer: https://fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=4.8.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:10:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 29611
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:10:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?key=AIzaSyDIjgQ83IKfLFAH8oiY12YwJcQR7zNml-I&libraries=places&ver=4.8.1

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| jQuery112401066823549610636 object| screenReaderText function| callback_menu_align function| fixFooterBottom function| mainNav function| scrolled undefined| timer object| $body object| $nav object| veryTopHeaderHeight number| adminBarHeight boolean| isAdminBar number| limit number| window_width_old object| isMobile function| fixed_responsive_bg_body undefined| slideWidth number| slideCount number| slideHeight number| sliderUlHeight number| marginTop function| llorix_one_latest_news function| llorix_one_moveTop function| llorix_one_moveBottom object| addComment

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://carrstanyergitau.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carrstanyergitau.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.googleapis.com
197.248.5.15
2a00:1450:4001:817::2003
2a00:1450:4001:81f::200a
07bd8af7850f46fc2a2b3f0336c26d144c2467179b74a8b9c6b4963ca7e19ec7
18ed3188e6e5a6c6209b820f3a976683a75cdc8d954987e2a4334fbea10e733d
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
31e7203934b70e135fd0ef3b2c80389599d46900f31f079f926557cb30b2c003
3402fea07d9f48fbe227569fb68dc2a415985235e8ea173326e340ea1904aeef
347c2989db0165ee839cf0ad59e494492ff727fc5e43b9e58b80f4b02972f257
379b3dfc8560c7ad869708f76fdfa8ba1ff8acaaa1bf859cdf5f61e8f8a834e3
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e239016c2b1378d88e0754903b421439394a025799a95adf4b060a19e1deee1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5503f978c1dc0ef9a93fd3adb90a47ac4967332f293c28dd63a2d7772ecc3a62
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6f78e2ffad7fb69d9617a709c78cb2ed5fbc5593076c309b2924266cbf0c4187
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bcb42c4f5eb5b4c7ee08632af417513c6f6002fdf7d4b8d2dea6376f0cadd563
daf8866052bf7796568497d9272abeac723ac75be5326aa05f61f06853845819
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
ec3d7e13e1db0e51b794badddf659cb94c26c5aec14043b96c9ebea6348bccd7
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e