URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Submission: On May 01 via api from CA — Scanned from CA

Summary

This website contacted 15 IPs in 1 country across 10 domains to perform 49 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.oodaloop.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2023. Valid for: a year.
This is the only time www.oodaloop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 141.193.213.11 209242 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
11 2600:9000:23c... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:2800:220... 15133 (EDGECAST)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.204.242.176 14618 (AMAZON-AES)
1 104.244.42.8 13414 (TWITTER)
1 52.20.78.240 14618 (AMAZON-AES)
49 15
Apex Domain
Subdomains
Transfer
13 mailmunch.co
a.mailmunch.co — Cisco Umbrella Rank: 24558
forms.mailmunch.co — Cisco Umbrella Rank: 26953
analytics.mailmunch.co — Cisco Umbrella Rank: 63274
175 KB
10 oodaloop.com
www.oodaloop.com
280 KB
9 gstatic.com
fonts.gstatic.com
203 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1180
57 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
ajax.googleapis.com — Cisco Umbrella Rank: 607
36 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1159
syndication.twitter.com — Cisco Umbrella Rank: 1451
132 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1543
134 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
89 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3510
pixel.wp.com — Cisco Umbrella Rank: 2908
3 KB
1 memberful.com
js.memberful.com — Cisco Umbrella Rank: 155236
23 KB
49 10
Domain Requested by
11 a.mailmunch.co www.oodaloop.com
a.mailmunch.co
ajax.googleapis.com
10 www.oodaloop.com www.oodaloop.com
9 fonts.gstatic.com fonts.googleapis.com
4 unpkg.com 2 redirects www.oodaloop.com
unpkg.com
3 use.fontawesome.com www.oodaloop.com
use.fontawesome.com
3 fonts.googleapis.com www.oodaloop.com
a.mailmunch.co
2 platform.twitter.com www.oodaloop.com
platform.twitter.com
2 connect.facebook.net www.oodaloop.com
connect.facebook.net
1 analytics.mailmunch.co
1 syndication.twitter.com platform.twitter.com
1 forms.mailmunch.co a.mailmunch.co
1 ajax.googleapis.com a.mailmunch.co
1 pixel.wp.com www.oodaloop.com
1 js.memberful.com www.oodaloop.com
1 stats.wp.com www.oodaloop.com
49 15
Subject | Issuer | Validity | Valid
www.oodaloop.com | Cloudflare Inc ECC CA-3 | 2023-02-27 - 2024-02-27 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
*.mailmunch.co | Amazon RSA 2048 M01 | 2023-03-01 - 2024-01-24 | a year
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
memberful.com | Cloudflare Inc ECC CA-3 | 2023-03-31 - 2024-03-30 | a year
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-07 - 2023-05-08 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-06 - 2023-11-06 | a year
forms.mailmunch.co | R3 | 2023-03-17 - 2023-06-15 | 3 months
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-31 - 2024-01-30 | a year
analytics.mailmunch.co | R3 | 2023-03-20 - 2023-06-18 | 3 months

This page contains 4 frames:

Primary Page: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Frame ID: B3D0E2901D80EBA0C6162DB713B17933
Requests: 40 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.oodaloop.com
Frame ID: C84120A11BB59182645A206DE5276DE6
Requests: 2 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/elegant/embedded/index.css
Frame ID: 4EB2C3FD63316F8EC26D9F41726741D5
Requests: 7 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/expressions/popover/index.css
Frame ID: 4B11A0A5741CE168829AA1D896DBAD8C
Requests: 6 HTTP requests in this frame

Page Title

OODA Loop - Russian Espionage Campaign: SolarWinds

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

1143 kB
Transfer

2620 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css?ver=1.5.1 HTTP 302
  • https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css
Request Chain 18
  • https://unpkg.com/ionicons@4.1.2/dist/fonts/ionicons.woff2?v=4.1.1 HTTP 302
  • https://unpkg.com/ionicons@4.1.2/dist/fonts/ionicons.woff2

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
103 KB
35 KB
Document
General
Full URL
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
524c9943668d2a23c21b00ea019804b8eeae5d8c9644bd042a6d3865868758f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=15552000, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c03f1ebaede1865-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:35:32 GMT
last-modified
Fri, 18 Dec 2020 09:14:33 GMT
link
<https://www.oodaloop.com/wp-json/>; rel="https://api.w.org/" <https://www.oodaloop.com/wp-json/wp/v2/posts/223812>; rel="alternate"; type="application/json" <https://wp.me/p2lrck-WdS>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGfPjMubA8S7yj0z6CwN9FuczQKJgDwfGt7xBQSytjTAn7Vp3pBhh58rsFB6SlImXr4wpd47phOWyKugrAzy0yGGJU8wVctGKwxt4yY%2BcgtloxC34PsB%2Ft2hDE0%2BEwhXgno%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
YES:15552000.000
x-orig-cache-control
max-age=15552000, must-revalidate
x-powered-by
WP Engine
autoptimize_152fe0c9287afb21778b98e8367a6f0d.css
www.oodaloop.com/wp-content/cache/autoptimize/css/
385 KB
82 KB
Stylesheet
General
Full URL
https://www.oodaloop.com/wp-content/cache/autoptimize/css/autoptimize_152fe0c9287afb21778b98e8367a6f0d.css
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3adf95a1192f1547f79f1e8b69cc7ee4294cfad3bdb1d34d93749c5729f3c516

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Mar 2023 14:57:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
17747
etag
W/"6408a266-605a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnYxlH%2FqLbK2SW%2BBdE1cmo1JduNogQTYJcohcwcB3b0TVh3k9JSO%2ByBUebqhDPtGp2s6VlH3JMoVJyzcbgvU9vUKwL0dO3ujQPDi70x4qwOAiTHBIQ9j7vWna5%2FIiaKl67Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1ee59201865-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
autoptimize_065892e82b11b7e2276dab07a3bdf8a3.css
www.oodaloop.com/wp-content/cache/autoptimize/css/
286 B
512 B
Stylesheet
General
Full URL
https://www.oodaloop.com/wp-content/cache/autoptimize/css/autoptimize_065892e82b11b7e2276dab07a3bdf8a3.css
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a39b44a00923023cbe6afbd0a592e1ba9a54788a6159957cea8ecc0d0f41a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 23:51:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1630503
etag
W/"6435f26e-11e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw7UKXVBfwoPggX3N9%2BzhdN3M4RQN5qbeLPegStN3DWss4GoVw7XhqtQc7LwCYeausfdWJUDUXlqOPs2iHFu%2Fvs76eBJVOpFZNbrQEbm285dABz4dPRf98WpANGFmnfYE4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1ee591d1865-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dashicons.min.css
www.oodaloop.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.oodaloop.com/wp-includes/css/dashicons.min.css?ver=e8680807a959fb3b772a7e520fb7b3dd
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3579242
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60YOOIfG2KrjENOa24%2BjBp6o0WYs1rHK5NxU73hX07AfD%2BBw8lEHEEoMsNdy7B3i6uFTWh9gBUl0lSicpM9JxIJThWgypAiTznQQLdmW44ohIGC1ycguvxEYAtU1ZsF6oa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1ee591f1865-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alegreya+Sans%3A400%2C400i%2C700%7CLora%3A400%2C700&display=swap&ver=1.5.1
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11d6e342757ef593a7f2d619cd5e0e40d809c0ef6cf1023a894cfb0cfdb3958a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:31:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 May 2023 00:35:32 GMT
ionicons.min.css
unpkg.com/ionicons@4.1.2/dist/css/
Redirect Chain
  • https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css?ver=1.5.1
  • https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css
45 KB
7 KB
Stylesheet
General
Full URL
https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48603ddd070422856ca75db4ad323ea234a4a50b03a5a6614a4427f1834f6e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16909031
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJ2SJYK05YNW5R9EM5JYN590
server
cloudflare
etag
W/"b5ff-RGwHkRi/UwJOTtMwcy9S4BEE5d4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1eeab544bb9-YUL

Redirect headers

date
Mon, 01 May 2023 00:35:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GZAAQF70ZAZD0E24H1X6NZ98-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1095
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/ionicons@4.1.2/dist/css/ionicons.min.css
cf-ray
7c03f1ee7b154bb9-YUL
all.css
use.fontawesome.com/releases/v6.2.1/css/
100 KB
23 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.2.1/css/all.css
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Request headers

Referer
https://www.oodaloop.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HS8R7W14P6Y4J0FS
age
29168
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
E36aSsyRSeiIWz4v3XPQ+kG9+zDVHZBMyL0zV2kVMTnIcDO9HHjvwJ2lasyYNvf4T/K4/TDq+aI=
last-modified
Mon, 14 Nov 2022 16:32:10 GMT
server
cloudflare
etag
W/"8bb6644125ddeee7a27732e86f65fa05"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=082yCkI842miOgx9IrMaxylNrG4ULjjiaboWqguQl1xOUEeK6KuXSn%2FgKI0gJMEnVp%2BgfUhaPH2oIG7uwmYCoCx3xoIZtHmTHkQR6UQhbY2xdqsF9My3frKkq6t5UOgtS%2FM3HkC%2F65qFKJ%2By4UjikNYK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7c03f1ee9dee0f77-EWR
v4-shims.css
use.fontawesome.com/releases/v6.2.1/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.2.1/css/v4-shims.css
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ac69ac1c26248a32f4c811f6da10c47bd32f65885774088e8de666f4e912f

Request headers

Referer
https://www.oodaloop.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HS8Q0DZ7YT53YJ24
age
29168
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kddNYt7VnIf2Ufywr5YotSp4hjJRaF7I5ZaFjggjk1SDQF5yyvL4qgtpgPQHz+fFDVg0dTcGfdA=
last-modified
Mon, 14 Nov 2022 16:32:10 GMT
server
cloudflare
etag
W/"1568e812cde85e014a6a0faf629ff2f9"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paJbxNdHEj%2BMni3n0Z5mQ085Mvwn5BVeMteD6w39EtspPkZ68FnvuOMyCMdMgHbElvTn4IDzLXZ92EeUjOcHmLKUN%2FqZIvNz1cHZC1DAgchaXOOUU%2Fu2nEolyFle5SNOyexSQae6mNUQtYWUjJMDGmU5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7c03f1ee9df00f77-EWR
jquery.min.js
www.oodaloop.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://www.oodaloop.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
733796
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIMMSEizYQMduXvq%2F9%2BfY%2BdrSeveiWGHxvidRyH59z%2BqUv%2F5sI5UKEZ1ebzS1g7TTnajh0xmgn8gK8OZGiDjtxJhsFR9gvwZ6F9t%2Be1xowuxNud9wrr%2BUQKeVWwwVRHcmrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1ee59211865-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
site.js
a.mailmunch.co/app/v1/
25 KB
9 KB
Script
General
Full URL
https://a.mailmunch.co/app/v1/site.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:27:29 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
94084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8416
last-modified
Thu, 27 Apr 2023 11:42:42 GMT
server
AmazonS3
etag
"1840656a7c95d7d9b979116cd371c4d5"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
CIOFuJKtAbDjPWg8bnLi9B0BbC0U1JUpyhXPfvNh6pMw6ono1dbdHw==
lazysizes.min.js
www.oodaloop.com/wp-content/plugins/autoptimize/classes/external/js/
10 KB
5 KB
Script
General
Full URL
https://www.oodaloop.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.6
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 11:05:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1753210
etag
W/"64256d15-2655"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIhXD9qQl3jq0iLVeXB01yQrdop0f2SJCQar4QZF%2BBG3r5iMgaNxRu%2BpyAwr90or%2BbUJF0I%2FSfZgc6RFWbuiGUJxdfd9g30nhogvfTqNhFd7KqLdQ7drThmkFbKYUSsfCLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1eee94f0f8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e-202318.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202318.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT yyz
date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
server
nginx
etag
W/"61beb56a-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Tue, 23 Apr 2024 14:12:53 GMT
autoptimize_2c406a726650bc32a5bbfb40f1e635cf.js
www.oodaloop.com/wp-content/cache/autoptimize/js/
45 KB
12 KB
Script
General
Full URL
https://www.oodaloop.com/wp-content/cache/autoptimize/js/autoptimize_2c406a726650bc32a5bbfb40f1e635cf.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb6eec785b67848d993d68dfee9c2b6c46b51ba2bc22decd858305e9fc66ab8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 23:51:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1630503
etag
W/"6435f26e-b261"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq7Yjdt5g7OXtOsgvV2Q9%2BBHEs1CPjGBeOo%2FqcqDZ02FJJSbfnPHZ%2BzIMwrXb084YloELzZaeGIPX%2FAmPXoxRyIJ9xjw5w6UDjXG7Ee9IhYi2ephuy0ktUYFYIK38pbu4bA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1eef9610f8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
www.oodaloop.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.oodaloop.com/wp-includes/js/wp-emoji-release.min.js?ver=e8680807a959fb3b772a7e520fb7b3dd
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2035836
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BwPBk2H2UIq2FyyUSl%2FppLJGArZZQsDARocf0ax%2F3ZTXceJ6f63oI8JTXCBWC8z4z9Zab%2BtBEhSKNpP3%2BWfGBSGBmkkqUyi%2FQEWt97HNON1lZy6RrcmklQErp0TMHj7P6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c03f1eef9630f8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.js
js.memberful.com/
43 KB
23 KB
Script
General
Full URL
https://js.memberful.com/embed.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:467d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b18bdb4b201a5c66810d53a51a909a023ee675eadf7fac28720105c50c23e12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=15552000
last-modified
Wed, 26 Apr 2023 13:04:50 GMT
server
cloudflare
cf-cache-status
DYNAMIC
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
7c03f1ef2e2f714a-YUL
content-length
22831
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d2d86f777e0d337003688892e001abea8d2491bc41e19b6567680d26a442f57

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cae4ee013f217f9c449fe04eb87cb87fd2790a80a8021afdf97575eb65479b2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
SolarWinds-OODA-Loop.jpg
www.oodaloop.com/wp-content/uploads/2020/12/
67 KB
68 KB
Image
General
Full URL
https://www.oodaloop.com/wp-content/uploads/2020/12/SolarWinds-OODA-Loop.jpg
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e156861e9fd7e3ca596e83122f3a3c7d3c53b38822a78d220173dc71cc6d0b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 13:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632b0bfb-10d57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpvLXgB52471aTzx8KIcrZ%2Fa8IBO29pVVL6cV%2BugeBn9hxzhtEQpjyOfAw32hTykJx2LWgX7HrT7%2BsoW%2FRvF7fV2TO1rpKD4FCP42ygkmgAkLVhW4eIY3lGRk%2FYUBVlrMls%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7c03f1ef09810f8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68951
ionicons.woff2
unpkg.com/ionicons@4.1.2/dist/fonts/
Redirect Chain
  • https://unpkg.com/ionicons@4.1.2/dist/fonts/ionicons.woff2?v=4.1.1
  • https://unpkg.com/ionicons@4.1.2/dist/fonts/ionicons.woff2
49 KB
50 KB
Font
General
Full URL
https://unpkg.com/ionicons@4.1.2/dist/fonts/ionicons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bd8b6080ab6c3f23202c8206287cadbd8d4f243e3c63899f5a2aca52b36730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://unpkg.com/ionicons@4.1.2/dist/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
655454
content-length
50448
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01F3Z44PF0W6P3ZC608EF31YSK
server
cloudflare
etag
"c510-Xf8sU1U56TF4rHzU+s8UyF3XV9I"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7c03f1ef7d6a4bd7-YUL

Redirect headers

date
Mon, 01 May 2023 00:35:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GZAAXE0KBMH2SS6SV4YJKZGM-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
900
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/ionicons@4.1.2/dist/fonts/ionicons.woff2
cf-ray
7c03f1ef3d064bd7-YUL
5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
fonts.gstatic.com/s/alegreyasans/v24/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya+Sans%3A400%2C400i%2C700%7CLora%3A400%2C700&display=swap&ver=1.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
358b77e66f715be7f5676feec15e05ec8292a165f99ea95b345cf87adc075ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:10:48 GMT
x-content-type-options
nosniff
age
163484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21820
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 17:51:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 03:10:48 GMT
5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2iw.woff2
fonts.gstatic.com/s/alegreyasans/v24/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya+Sans%3A400%2C400i%2C700%7CLora%3A400%2C700&display=swap&ver=1.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839b1145547ce6dcba32c1aeb4f578ed46847751fe8f5c7d2e427be44b9e03c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 05:16:00 GMT
x-content-type-options
nosniff
age
155972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 17:51:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 05:16:00 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v6.2.1/webfonts/
105 KB
106 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v6.2.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166

Request headers

Referer
https://use.fontawesome.com/releases/v6.2.1/css/all.css
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
936T8PTJRA0MK9M6
age
581612
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107656
x-amz-id-2
diitMnBHo0s7S+y6+sjIzLavzKcZnXOG0GVrJpGX8YOABLM7jbltSmYu7l078nPuAHUMGkYVMTE=
last-modified
Mon, 14 Nov 2022 16:32:33 GMT
server
cloudflare
etag
"e2f5b365c7d3d4497da73148ddfae997"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECKMwF5FhAEo2BdbrmLvLtZzq%2BYYet0XpuRrFIzBcQI8jqhOlK%2BYZaqfXmOZRs3x9ZKWBSeJR%2F1xa%2BC43%2FnBe4CP7UNXAbj9eVs1aJFgFA%2FCMuED8R66a6f6YF7oQG22u3V3QZ6X3KvO0xnuQqeS9m9O"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7c03f1ef1e9c0f77-EWR
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya+Sans%3A400%2C400i%2C700%7CLora%3A400%2C700&display=swap&ver=1.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:22:27 GMT
x-content-type-options
nosniff
age
144785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35888
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:22:27 GMT
5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2
fonts.gstatic.com/s/alegreyasans/v24/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya+Sans%3A400%2C400i%2C700%7CLora%3A400%2C700&display=swap&ver=1.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47ef21c70a3d03dc1bb7a44a728e7aa0e7c767c2d44a69c7baa52366effd113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 05:41:19 GMT
x-content-type-options
nosniff
age
154453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22404
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 05:41:19 GMT
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Referer
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/octet-stream
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=34662112&post=223812&tz=-4&srv=www.oodaloop.com&j=1%3A11.9.1&host=www.oodaloop.com&ref=&fcp=0&rand=0.2799820140581053
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:35:32 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/wp-content/cache/autoptimize/js/autoptimize_2c406a726650bc32a5bbfb40f1e635cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a798a58706bc5e62d02ea453a13f01818997ff0a22c0d91e386c44464ceb03f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 May 2023 00:35:32 GMT
content-md5
aMXcFBMiMOT6f8dzkZwlfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
I+bSFOKMQQf4CePkIzSBAXv3+Wnz+8aEOz4+z5qmqQIXqOq/ygU0rag/B1Zq14lVi8VwiDGmSPC8b80cgMW7dQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
x-fb-content-md5
d91f19972a56c03e9bce46c6884eb949
cross-origin-opener-policy
same-origin-allow-popups
etag
"0aa3de3a9d842eb84843469a1f4fe127"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 01 May 2023 00:53:28 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/wp-content/cache/autoptimize/js/autoptimize_2c406a726650bc32a5bbfb40f1e635cf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D10) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:35:32 GMT
Content-Encoding
gzip
Age
494
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (nyb/1D10)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
cropped-ooda-loop-logo-2015-3.png
www.oodaloop.com/wp-content/uploads/2022/10/
5 KB
6 KB
Image
General
Full URL
https://www.oodaloop.com/wp-content/uploads/2022/10/cropped-ooda-loop-logo-2015-3.png
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c828a6328d08ad192f383f0b5416e7877ee0e29126a77f59361efc4d0bcd159

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:35:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1753210
cf-polished
origFmt=png, origSize=11582
content-disposition
inline; filename="cropped-ooda-loop-logo-2015-3.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5524
cf-bgj
imgq:100,h2pri
last-modified
Tue, 25 Oct 2022 17:47:54 GMT
server
cloudflare
etag
"6358214a-2d3e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWAplRAp%2Fi80ksCgOHEuW8OiXtyLlkZOMjNIY6tRDHrvtHd8nBaIDUQL5AN4R3PzvLLypzJ%2FNY0vPlzIZn%2BM0h%2BlB3hR%2FWAFkSaAcNhDgVHxP4lXd2ubVp3W25ms8JXgfks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7c03f1efaa1e0f8f-EWR
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 15:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 15:27:45 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=02976a6cb54d2d03ae6d3e5d851bccd2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f377a51dda1c96112f74ebacfacf4185ee008f419f2438cbfb13e00a3c59bac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oodaloop.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 May 2023 00:35:32 GMT
content-md5
nzmheA/HTzRborfHStlRRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88641
x-fb-rlafr
0
x-fb-debug
ywuWI4vyxmIwNkKGjdZdwprOfNAbROQBrzCnHEFE+xp6Z8eHqpf3TaB/6tTulrx+svmfMGKpYpx1U8IhrjT2xA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
1bd183577fff1311b91d73645034cf8e
cross-origin-opener-policy
same-origin-allow-popups
etag
"6778ecbf7d2de1574da0b6b16ec999e5"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 29 Apr 2024 23:03:45 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame C841
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.oodaloop.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0F) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.oodaloop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
183794
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:35:32 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D0F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
styles.css
a.mailmunch.co/app/v1/
21 KB
3 KB
Stylesheet
General
Full URL
https://a.mailmunch.co/app/v1/styles.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:27:30 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
94083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 27 Apr 2023 11:42:49 GMT
server
AmazonS3
etag
"9e6292e1cf5d5ba0e4d6c92afef0fee2"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
WgfgZL7zP-zKTV-LI0tjvmlWM5SFuQQA1p-ZnLdfPc79bj8oy-sOfA==
713512
forms.mailmunch.co/sites/
130 B
626 B
XHR
General
Full URL
https://forms.mailmunch.co/sites/713512
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.204.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-242-176.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
d2e4404a30db7622f733c846bf0cf670a4cbb8e408ff941bbe40a81aae4978b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:35:32 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Etag
W/"82-PnvxHx8BcYJLpvbhB2F9O1PfLf0"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length
130
X-Mm-T
settings
syndication.twitter.com/ Frame C841
800 B
641 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=4728f4a72d601c78b2dc7f77d939416a7f189ce3
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.oodaloop.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
5b152c384ea8c3be37e1991fb98124e98e741249d1ae916fee12c197a7ded34b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
6
date
Mon, 01 May 2023 00:35:31 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 01 May 2023 00:35:32 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
09adb316bc244107
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
b13eb265e3527ce15a4ed61416c1464a8c3b016457deca49c623c3700955db8f
content-length
322
settings-1682881211.json
a.mailmunch.co/forms-cache/713512/
3 KB
1 KB
XHR
General
Full URL
https://a.mailmunch.co/forms-cache/713512/settings-1682881211.json
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efe7b29c886f5fa9209429c4be0a39fc700b61ae76df270a88bb94c1c840306d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:39:54 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
17739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 30 Apr 2023 19:00:20 GMT
server
AmazonS3
etag
W/"ac35ef84a9a25737dac16da5b48406cf"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
yKlVYBsorc104WDMUH9xPR-s8oxDrCH5AqY65nfu6FLW5u27b4JMuQ==
embedded.js
a.mailmunch.co/app/v1/
4 KB
2 KB
Script
General
Full URL
https://a.mailmunch.co/app/v1/embedded.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b846ef170dfb8305947448dbeeec8b1054f73573346678f1a4f9f72f981a4c3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:27:50 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
94063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1097
last-modified
Thu, 27 Apr 2023 11:42:42 GMT
server
AmazonS3
etag
"52d7b5f0960ac27fb5257262e4929f4f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
T-G02k4VEcqWaHeuqobr5piQ_xoULBILtAa4TyTnI-DtMw4_kcjBEg==
popover.js
a.mailmunch.co/app/v1/
9 KB
3 KB
Script
General
Full URL
https://a.mailmunch.co/app/v1/popover.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:27:50 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
94063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 27 Apr 2023 11:42:43 GMT
server
AmazonS3
etag
"91ff281640eab9fe5bef16fad5751e36"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
E3plWJsWlHhl4fzN5GmTfOGHUovqa1INwkxg-jGn2IlnnCAP6Iulog==
index-1679380057.html
a.mailmunch.co/forms-cache/713512/845272/
111 KB
39 KB
XHR
General
Full URL
https://a.mailmunch.co/forms-cache/713512/845272/index-1679380057.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
599851d504076df31bc9c910287655e325e035ef9a6081a612f889bf9fe4e329

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 07:01:35 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
3519238
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 21 Mar 2023 06:27:44 GMT
server
AmazonS3
etag
W/"052beced0f2c5471f1285d01f5c77eed"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
50qeTxztAOH5-E18XeLW5OU3-Tti3M8Vk7ErVO8glIyih1Xx6NhtJQ==
index-1679380057.html
a.mailmunch.co/forms-cache/713512/847257/
111 KB
39 KB
XHR
General
Full URL
https://a.mailmunch.co/forms-cache/713512/847257/index-1679380057.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e476e40fbff7eef8d7e080548bd4311844a27df1e2c6563ae3cde43b75b1d3cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 07:01:35 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
3519238
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 21 Mar 2023 06:27:44 GMT
server
AmazonS3
etag
W/"42efffa1b1b8c3079f42dc8956c701a9"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
y91TXyQQZhwqjp-jGIknjbySrzQQCo2GvDYLHw_3T-oqkurt0SrQfg==
index.css
a.mailmunch.co/v2/themes/mailmunch/elegant/embedded/ Frame 4EB2
35 KB
9 KB
Stylesheet
General
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/elegant/embedded/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daf3f6544ba0385994bb12a35aade06160c027b4aa0bf669cd73badd880e577d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:53:20 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
92533
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:08:04 GMT
server
AmazonS3
etag
W/"0ceed91aba3636924d46192f82251a87"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
fMeOIG-sCunaM02mRFfIRbi9qz5GbiDyyGQJRLO58d1-zVwyxDTdkg==
logo.png
a.mailmunch.co/v2/themes/elegant/popover/images/ Frame 4EB2
20 KB
21 KB
Image
General
Full URL
https://a.mailmunch.co/v2/themes/elegant/popover/images/logo.png
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25b38c8929e481d76ca12f557274f0720c5ffa3d723ca7369a3eb17f2c0a27e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:25:05 GMT
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
90628
x-cache
Hit from cloudfront
content-length
20889
last-modified
Tue, 16 May 2017 17:57:09 GMT
server
AmazonS3
etag
"925a256d2543498c22a58d502989bdd4"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
06kO4cHFcd8e8S-tbFoQPtte1jwk8rVumX42dfr5wBEbCoi8NfEARA==
index.css
a.mailmunch.co/v2/themes/mailmunch/expressions/popover/ Frame 4B11
12 KB
5 KB
Stylesheet
General
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/expressions/popover/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86b1fbee69e8dd74e41ecca14a73e529082f9a8a79d5cfb44ffc434b728cae0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 12:42:12 GMT
content-encoding
gzip
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
42801
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:11:36 GMT
server
AmazonS3
etag
W/"4a3cd82ff542ebab8c044fb7e17cf149"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
6AZTCcEnZArgND0r3ZvkkyFI98dAkIj0B9a3e8eV2j0qUFZpOFQANw==
css
fonts.googleapis.com/ Frame 4EB2
2 KB
507 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/elegant/embedded/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d948fad83c92c0450b3dd66bfc162e8cd1e1b5eb999425f0f86c6e0b139a215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:09:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 May 2023 00:35:32 GMT
css
fonts.googleapis.com/ Frame 4B11
6 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700|Open+Sans
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/expressions/popover/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08ede5aba49a2ebcc9b85ab89645d37ebe32ec07ddf37f68b3e03a49dc57918e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:35:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 May 2023 00:35:32 GMT
truncated
/ Frame 4EB2
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c494f604dbae7596e5ef1d2e02d0e949306996eb35a5be5f42ffd7e9fe2c74d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4EB2
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:30:48 GMT
x-content-type-options
nosniff
age
151484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:30:48 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4EB2
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:06:15 GMT
x-content-type-options
nosniff
age
127757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 13:06:15 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4EB2
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:55:55 GMT
x-content-type-options
nosniff
age
113977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 16:55:55 GMT
truncated
/ Frame 4B11
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc14bd28f43f549eda3f6d6aebffd558265d6ac82a42024322bbe567c3034908

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
OODA-Facebook-PDB.jpg
a.mailmunch.co/attachments/assets/000/229/696/large/ Frame 4B11
44 KB
44 KB
Image
General
Full URL
https://a.mailmunch.co/attachments/assets/000/229/696/large/OODA-Facebook-PDB.jpg?1575390434
Requested by
Host: www.oodaloop.com
URL: https://www.oodaloop.com/archive/2020/12/18/russian-espionage-campaign-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8e00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6655088452ef85873b726502df4b37108a3cdfab3371ff8de76064070ed4526f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:49:35 GMT
via
1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
26477158
x-cache
Hit from cloudfront
content-length
44810
last-modified
Tue, 03 Dec 2019 16:27:16 GMT
server
AmazonS3
etag
"ac52c4baa0ba89cc326aa206c8411fe6"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
accept-ranges
bytes
x-amz-cf-id
ipRz9-nedkAma1UHnZiHT5lkN6NtYmax2VaSJE_7KrSpJyTwqM7Cxw==
expires
Thu, 03 Dec 2020 16:27:14 GMT
7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v32/ Frame 4B11
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mavenpro/v32/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700|Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468a7593d9eb66bc7d793c5be206ad772da00cc8be691b400ab5c2ea8108c706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:43:44 GMT
x-content-type-options
nosniff
age
139908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18144
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 09:43:44 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 4B11
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700|Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oodaloop.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:56:05 GMT
x-content-type-options
nosniff
age
164367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 02:56:05 GMT
/
analytics.mailmunch.co/event/
35 B
344 B
Image
General
Full URL
https://analytics.mailmunch.co/event/?site_id=713512&widget_id=845272&event_name=views&cache=1682901333245&referrer=https%3A%2F%2Fwww.oodaloop.com%2Farchive%2F2020%2F12%2F18%2Frussian-espionage-campaign-solarwinds%2F&visitor_id=9165834f-8f6c-48e3-9b2d-e757f4196b57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.oodaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:35:33 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery object| mashsb object| mashnet object| _mmunch function| genesisBlocksShare object| lazySizesConfig object| click_object object| jpfbembed object| genesis_responsive_menu object| _stq function| st_go function| linktracker_init object| wpcom object| lazySizes undefined| strict function| ga_skiplinks function| fbAsyncInit function| _classCallCheck function| mailmunchGetMethodChain function| mailmunchGetOrCreateMethodChain function| MailMunchBaseForm function| _createClass object| _mailmunchInstances function| MailmunchMethodChain function| MailmunchUrlChangeTracker object| MailMunchDeviceDetect object| MailMunchAjax object| MailMunchHelpers object| mailmunch object| MailMunchWidgets object| twemoji object| wp function| nonPmrpcWorker function| nonPmrpcSharedWorker object| pmrpc object| Memberful object| FB object| __twttrll object| twttr object| __twttr function| _mJquery object| jQuery111303496387892751558 object| __buffer function| MailMunchEmbedded function| MailMunchPopover

1 Cookies

Domain/Path Name / Value
.memberful.com/ Name: __cf_bm
Value: jjAiOl.T8v4480JYVOX611ykmkftHuoY76nIwcLF62w-1682901332-0-ATVvCLz7e2xRxP9wi6/goroJsQlUrhT0cmYa1TNm7L7bxl+nJAvFn86cw/dIxo+WDMCGwqSYTxEYWJVeS5e+LiY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
