bluearth-ca.lifeworks.com Open in urlscan Pro
3.248.68.102  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request view-email-browser Show response bluearth-ca.lifeworks.com/	2 KB 2 KB	281ms 69ms	Document text/html	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software / Resource Hash 171271bb4364e6266b2d414a52bc1dbed530a58ad18d328947906bf40a2342e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host bluearth-ca.lifeworks.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control no-cache, no-store, must-revalidate, private Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 15 Oct 2020 13:07:47 GMT Expires 0 Last-Modified Wed, 14 Oct 2020 10:34:10 GMT LW-AWS-Instance-Id-Fragment 12cb Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubdomains Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block Content-Length 1109 Connection keep-alive
GET H2	200	css fonts.googleapis.com/	8 KB 871 B	19ms 17ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:400,700italic,700,400italic Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fcdf3a90ca2e51ee94cd2aa450387d67f6c1ad5a6cd6e993dbeeb0eff11ed243 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Oct 2020 13:07:47 GMT server ESF date Thu, 15 Oct 2020 13:07:47 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Oct 2020 13:07:47 GMT
GET H/1.1	200 OK	gtag-0.0.5.js Show response bluearth-ca.lifeworks.com/app/vendor/	290 B 752 B	199ms 67ms	Script text/javascript	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/app/vendor/gtag-0.0.5.js Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash b0dc382ed9cee3d148122b6ff94d35916a377d0614a8989256bb1076a3a1d6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Vary Accept-Encoding Content-Length 204 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/javascript Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment a835 Expires 0
GET H/1.1	200 OK	2028487c16.0.css bluearth-ca.lifeworks.com/assets/css/	503 KB 74 KB	94ms 92ms	Stylesheet text/css	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash b2004a5cc6addb54d99eb55ceb22ea51f59894a4662dd370963e2184f6ed81f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff transfer-encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/css Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment a835 Expires 0
GET H/1.1	200 OK	d81c4793c4.css bluearth-ca.lifeworks.com/assets/css/	208 KB 33 KB	233ms 107ms	Stylesheet text/css	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/assets/css/d81c4793c4.css Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 2e755b7fba2b64bc33c6855faaa2bc02f365e857f2e7a71685a4466123407e69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Vary Accept-Encoding Content-Length 33314 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/css Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	9c47e8d437.js Show response bluearth-ca.lifeworks.com/app/	4 MB 983 KB	343ms 210ms	Script text/javascript	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/app/9c47e8d437.js Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash b9bb105ccce08b3440fa58557bb7cfa7b8f62ce6721c25fbaa634ffdcd063f9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff transfer-encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:56 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/javascript Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	9db53ff71a.js Show response bluearth-ca.lifeworks.com/app/	831 KB 139 KB	247ms 105ms	Script text/javascript	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 0f76fddd0d66a332fe109a38aeb06479adae0754e9707ba8d310a861d7cace13 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff transfer-encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:56 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/javascript Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment a835 Expires 0
OPTIONS H2	200	en_CA-pre-auth.json localisation-assets.lifeworks.com/hermes/	0 0	210ms 90ms	Other	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-pre-auth.json Protocol H2 Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bluearth-ca.lifeworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers status 200 content-length 0 date Thu, 15 Oct 2020 13:07:40 GMT access-control-allow-origin * access-control-allow-methods GET access-control-allow-headers content-type access-control-expose-headers ETag access-control-max-age 3000 server AmazonS3 vary Origin x-cache Hit from cloudfront via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amz-cf-id t4PkGX-6I4LiX59zjLx7FOQhFS4WZ4oYf6eeOb9cuawGfgAIASpciQ== age 10
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	106 KB 42 KB	50ms 17ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-PN9EDKDJKD Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9c47e8d437.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eca946acb04df08340d9e4fffce38f6952168c181b9230de6686e091fecd1d12 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 13:07:49 GMT content-encoding br vary Accept-Encoding status 200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42653 x-xss-protection 0 server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Oct 2020 13:07:49 GMT
GET H2	200	en_CA-pre-auth.json Show response localisation-assets.lifeworks.com/hermes/	21 KB 22 KB	80ms 80ms	Fetch application/json	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-pre-auth.json Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash faf3bf08d8e805cc8b003a52115ad51bb029aff232db76958f554daa10792aeb Request headers Accept undefined Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 15 Oct 2020 13:07:40 GMT via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) vary Origin age 10 x-cache Hit from cloudfront status 200 content-length 22000 last-modified Wed, 14 Oct 2020 11:11:17 GMT server AmazonS3 etag "b5ee2c912534bee1d68a0066373c60ab" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id null access-control-allow-origin * access-control-expose-headers ETag x-amz-cf-pop VIE50-C1 accept-ranges bytes content-type application/json x-amz-cf-id iWojF9v9fvHzwqcAOujKFLmyj-maOj_UAGBaQC8aDfTXt4oMnWbk1w==
GET BLOB	200 OK	9f90ae42-cb00-4f97-af3e-d301bf96b7e6 https://bluearth-ca.lifeworks.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://bluearth-ca.lifeworks.com/9f90ae42-cb00-4f97-af3e-d301bf96b7e6 Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
POST H2	204	collect www.google-analytics.com/g/	0 81 B	43ms 42ms	Other text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-PN9EDKDJKD&gtm=2oe9u1&_p=1634960171&sr=1600x1200&ul=en-us&cid=574251368.1602767270&_s=1&dl=%2Fview-email-browser&dr=%2Fview-email-browser&dt=%2Fview-email-browser&sid=1602767269&sct=1&seg=0&en=screen_view&_fv=1&_nsi=1&_ss=1&ep.screen_name=%2Fview-email-browser&ep.page_path=%2Fview-email-browser&ep.app_name=Hermes Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PN9EDKDJKD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 15 Oct 2020 13:07:49 GMT server Golfe2 status 204 content-type text/plain access-control-allow-origin https://bluearth-ca.lifeworks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	bluearth-ca wellbeing.apis.lifeworks.com/tenancy-lookup-api/tenant/domain/	0 0	205ms 146ms	Other application/json	2600:9000:206e:2e00:6:1dea:1640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wellbeing.apis.lifeworks.com/tenancy-lookup-api/tenant/domain/bluearth-ca?branding=true&sso=true Protocol H2 Server 2600:9000:206e:2e00:6:1dea:1640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type,lw-language Origin https://bluearth-ca.lifeworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers status 200 content-type application/json content-length 0 server CloudFront date Thu, 15 Oct 2020 13:07:49 GMT access-control-allow-origin * access-control-allow-headers Content-Type,LW-Language,Accept-Language,Client-Date,x-api-key x-amz-apigw-id UdBx7Gs7rPEFp9g= access-control-allow-methods OPTIONS,DELETE,GET cache-control no-cache, no-store, must-revalidate, private x-amzn-requestid 007962b0-dc2c-460b-8099-98606a8bb339 x-cache Miss from cloudfront via 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amz-cf-id HkLqBX8Mkx8y-C9mhKo7LJuauJ2nOVrmgj7gZpERPIDOK2MQP9kDdw==
GET H2	200	bluearth-ca Show response wellbeing.apis.lifeworks.com/tenancy-lookup-api/tenant/domain/	1 KB 2 KB	493ms 490ms	Fetch application/json	2600:9000:206e:2e00:6:1dea:1640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wellbeing.apis.lifeworks.com/tenancy-lookup-api/tenant/domain/bluearth-ca?branding=true&sso=true Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:2e00:6:1dea:1640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash cf0abf49ec0e375f08a28fcd5b32a8b8297181f9da1e12ec1175900e0173c1d8 Request headers Accept application/vnd.wam-api-v1.3+json Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Lw-language en_CA Content-Type application/json Response headers date Thu, 15 Oct 2020 13:07:50 GMT via 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop VIE50-C1 x-amzn-requestid 26b961c8-15e3-4da5-9ceb-bfe580ee00f5 status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, private x-amzn-trace-id Root=1-5f8849a5-501531b4214eafcc7ce4e8d9;Sampled=0 lifeworks-response-timestamp 2020-10-15T13:07:50.379Z x-amz-apigw-id UdBx8HTALPEFlwg= content-length 1297 x-amz-cf-id x4Fh_MWZu_CYVgrQ8eZ4vKNP3UcSTcqIqYIh8LC-DqCF2TvY2W5Zrg==
OPTIONS H2	200	en_CA-pre-auth.json localisation-assets.lifeworks.com/hermes/	0 0	57ms 56ms	Other	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-pre-auth.json Protocol H2 Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bluearth-ca.lifeworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers status 200 content-length 0 date Thu, 15 Oct 2020 13:07:40 GMT access-control-allow-origin * access-control-allow-methods GET access-control-allow-headers content-type access-control-expose-headers ETag access-control-max-age 3000 server AmazonS3 vary Origin x-cache Hit from cloudfront via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amz-cf-id aiOsm8kom2P1vPiHHz2sOa0MxIAdF9CuY8blPsa9VDdZ7YTW8zE8ig== age 11
GET H2	200	en_CA-pre-auth.json Show response localisation-assets.lifeworks.com/hermes/	21 KB 22 KB	62ms 62ms	Fetch application/json	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-pre-auth.json Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash faf3bf08d8e805cc8b003a52115ad51bb029aff232db76958f554daa10792aeb Request headers Accept undefined Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 15 Oct 2020 13:07:40 GMT via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) vary Origin age 11 x-cache Hit from cloudfront status 200 content-length 22000 last-modified Wed, 14 Oct 2020 11:11:17 GMT server AmazonS3 etag "b5ee2c912534bee1d68a0066373c60ab" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id null access-control-allow-origin * access-control-expose-headers ETag x-amz-cf-pop VIE50-C1 accept-ranges bytes content-type application/json x-amz-cf-id 5XaNuYJ1k2cGAOCUbZjrImqNmNpZSx2P8mNmGlfiIUUmi56apFvxGA==
OPTIONS H2	200	en_CA-auth.json localisation-assets.lifeworks.com/hermes/	0 0	96ms 96ms	Other	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-auth.json Protocol H2 Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://bluearth-ca.lifeworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers status 200 content-length 0 date Thu, 15 Oct 2020 13:07:41 GMT access-control-allow-origin * access-control-allow-methods GET access-control-allow-headers content-type access-control-expose-headers ETag access-control-max-age 3000 server AmazonS3 vary Origin x-cache Hit from cloudfront via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amz-cf-id rX_m0_vekrAZK_DyQ9GHl4rlNX_K--m0Vu7j2gxqvg-nip7efFzOEg== age 10
GET H2	200	en_CA-auth.json Show response localisation-assets.lifeworks.com/hermes/	139 KB 140 KB	82ms 79ms	Fetch application/json	99.86.243.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://localisation-assets.lifeworks.com/hermes/en_CA-auth.json Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.243.123 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-123.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash 527c83171fcab3709811c863c582c1bb5ebd35c692d07dc9999e8c69861f0e84 Request headers Accept undefined Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 15 Oct 2020 13:07:41 GMT via 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront) vary Origin age 10 x-cache Hit from cloudfront status 200 content-length 142695 last-modified Wed, 14 Oct 2020 11:11:17 GMT server AmazonS3 etag "097ba13de0e16e7f872cfd137eaa1e19" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id null access-control-allow-origin * access-control-expose-headers ETag x-amz-cf-pop VIE50-C1 accept-ranges bytes content-type application/json x-amz-cf-id IQwJIcMj_xBGY4znW_oZBD9puYzbCvvImj4u7Ngtzo9L145K8fh_og==
GET H/1.1	200 OK	1ad625fa.play.svg bluearth-ca.lifeworks.com/assets/images/	315 B 814 B	2061ms 71ms	Image image/svg+xml	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bluearth-ca.lifeworks.com/assets/images/1ad625fa.play.svg Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 18179df10a5681e002bdda5e53d0fb98e08822b88d98591157c68e9cdac4ef1f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Oct 2020 13:07:52 GMT X-Content-Type-Options nosniff Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/svg+xml Cache-Control no-cache, no-store, must-revalidate, private Strict-Transport-Security max-age=31536000; includeSubdomains Accept-Ranges bytes Content-Length 315 X-XSS-Protection 1; mode=block LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	d8874bbd.close.svg bluearth-ca.lifeworks.com/assets/images/	222 B 721 B	2060ms 70ms	Image image/svg+xml	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bluearth-ca.lifeworks.com/assets/images/d8874bbd.close.svg Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 81b2841cd2e23c02563a506c686f1abd0abb2b0e969dbfb9a6366e16bf18465b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Oct 2020 13:07:52 GMT X-Content-Type-Options nosniff Last-Modified Wed, 14 Oct 2020 10:34:04 GMT Server Apache X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/svg+xml Cache-Control no-cache, no-store, must-revalidate, private Strict-Transport-Security max-age=31536000; includeSubdomains Accept-Ranges bytes Content-Length 222 X-XSS-Protection 1; mode=block LW-AWS-Instance-Id-Fragment a835 Expires 0
GET H/1.1	200 OK	c65a8c6b.expand.svg bluearth-ca.lifeworks.com/assets/images/	734 B 1 KB	2088ms 70ms	Image image/svg+xml	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bluearth-ca.lifeworks.com/assets/images/c65a8c6b.expand.svg Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 3915478e739aa6cb0ad56c10b8a2b960fac18f93cf82619ee662762bed03f599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/assets/css/2028487c16.0.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Oct 2020 13:07:52 GMT X-Content-Type-Options nosniff Last-Modified Wed, 14 Oct 2020 10:34:00 GMT Server Apache X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/svg+xml Cache-Control no-cache, no-store, must-revalidate, private Strict-Transport-Security max-age=31536000; includeSubdomains Accept-Ranges bytes Content-Length 734 X-XSS-Protection 1; mode=block LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	3770c98c.Averta-Regular.woff2 bluearth-ca.lifeworks.com/assets/fonts/	67 KB 67 KB	167ms 110ms	Font text/plain	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/assets/fonts/3770c98c.Averta-Regular.woff2 Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/assets/css/d81c4793c4.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 7925ae276135085dc017b75f6b05a3768f313b35266e2ca8c47bab5f03b6a011 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Origin https://bluearth-ca.lifeworks.com Referer https://bluearth-ca.lifeworks.com/assets/css/d81c4793c4.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Oct 2020 13:07:50 GMT X-Content-Type-Options nosniff Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type text/plain; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate, private Strict-Transport-Security max-age=31536000; includeSubdomains Accept-Ranges bytes Content-Length 68584 X-XSS-Protection 1; mode=block LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	32d0a844.Averta-Semibold.woff2 bluearth-ca.lifeworks.com/assets/fonts/	63 KB 64 KB	136ms 73ms	Font text/plain	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/assets/fonts/32d0a844.Averta-Semibold.woff2 Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/assets/css/d81c4793c4.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 54422834caa35c3c61af51d38ecd63a8d75bb768325bfa4720028cff0290d055 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Origin https://bluearth-ca.lifeworks.com Referer https://bluearth-ca.lifeworks.com/assets/css/d81c4793c4.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Oct 2020 13:07:50 GMT X-Content-Type-Options nosniff Last-Modified Wed, 14 Oct 2020 10:33:57 GMT Server Apache X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type text/plain; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate, private Strict-Transport-Security max-age=31536000; includeSubdomains Accept-Ranges bytes Content-Length 64544 X-XSS-Protection 1; mode=block LW-AWS-Instance-Id-Fragment 12cb Expires 0
GET H/1.1	200 OK	c43da19fa79fa6c4ef630bd0d452620d images.workangel.com/wa/image/upload/h_100,f_auto,q_auto,fl_lossy/v1/common/static_image/	2 KB 2 KB	330ms 97ms	Image image/webp	52.210.227.202 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.workangel.com/wa/image/upload/h_100,f_auto,q_auto,fl_lossy/v1/common/static_image/c43da19fa79fa6c4ef630bd0d452620d Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.227.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-227-202.eu-west-1.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash 97bfe2fa764037835aad0514f863ebf4230ef74bf38a3be8c402a5ac3287306f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:36:18 GMT X-Content-Type-Options nosniff Content-Disposition inline; filename="c43da19fa79fa6c4ef630bd0d452620d.webp" Server-Timing fastly;dur=1;cpu=0;start=2020-10-15T13:07:51.109Z;desc=hit,rtt;dur=14 Content-Length 1676 Last-Modified Thu, 07 Nov 2019 08:50:14 GMT Server nginx/1.4.6 (Ubuntu) Cache-Control private, no-transform, immutable, max-age=31557600 Etag "0825e3c3054211ddd35da730605c4473" Vary Save-Data Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	419f60a2ec.js Show response bluearth-ca.lifeworks.com/app/	2 KB 2 KB	1898ms 72ms	Script text/javascript	3.248.68.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bluearth-ca.lifeworks.com/app/419f60a2ec.js Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.68.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-68-102.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 51f60901ac9041fead867e86d1593a845a5fc3bc5750a947d8ffa59293c71975 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 13:07:52 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Vary Accept-Encoding Content-Length 1047 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 14 Oct 2020 10:33:56 GMT Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubdomains Content-Type text/javascript Cache-Control no-cache, no-store, must-revalidate, private Accept-Ranges bytes LW-AWS-Instance-Id-Fragment a835 Expires 0
OPTIONS H2	200	view-email services.io.lifeworks.com/message-renderer/	0 0	333ms 197ms	Other application/json	99.86.243.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.io.lifeworks.com/message-renderer/view-email Protocol H2 Server 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-3.vie50.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://bluearth-ca.lifeworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers status 200 content-type application/json content-length 0 date Thu, 15 Oct 2020 13:07:53 GMT x-amzn-requestid 338e598c-9f90-4065-bbb0-630146121f80 access-control-allow-origin * access-control-allow-headers Content-Type,Wam-Token,LW-Language,Accept-Language,Accept,Client-Date x-amz-apigw-id UdBybFmlDoEFpkA= access-control-allow-methods OPTIONS,POST x-amzn-trace-id Root=1-5f8849a9-7c906bb353aba61f5224f569 x-cache Miss from cloudfront via 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amz-cf-id fZ5lu32-gQ2yW1s4aicdfqF3PDHRXgOkbSD9F9sWyOOYXJMq_UvAbw==
POST H2	200	view-email Show response services.io.lifeworks.com/message-renderer/	13 KB 14 KB	801ms 800ms	Fetch application/json	99.86.243.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.io.lifeworks.com/message-renderer/view-email Requested by Host: bluearth-ca.lifeworks.com URL: https://bluearth-ca.lifeworks.com/app/9db53ff71a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-3.vie50.r.cloudfront.net Software / Resource Hash 747a43a7a8d76f7a41c36c638fe10526c427fe03bd8af212b79e02802b46ce89 Request headers Accept undefined Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 15 Oct 2020 13:07:53 GMT via 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 x-amzn-requestid d63aadbf-6025-4228-b77e-dbb6c91854cf status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-5f8849a9-4e3fa17527c0759c3d3ad0f1 x-amz-apigw-id UdBydElEjoEFg0w= content-length 13606 x-amz-cf-id BA960thwLWcGWOAa1q9uTAnxI6ecGVCmH2uxeMsMLo63-3wZ0JselQ==
GET H2	200	lw-by-ms-horizontal-blue.png email-assets.lifeworks.com/	13 KB 13 KB	192ms 63ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/lw-by-ms-horizontal-blue.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 55fefb6a6917a73385dbb29c383d2ee2132e2c56a653a36933afd1a909dd08e5 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 14 Oct 2020 19:18:29 GMT via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 64166 etag "0e0badb92305e6e445bb2ad47c3fb15a" x-cache Hit from cloudfront x-amz-version-id null status 200 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-type image/png content-length 13323 x-amz-cf-id GuO4Kk_511uLW5NErt8YY3yI6CCsFX491IoxTYZvUh8WZ4TGmROE9Q==
GET H2	200	illu-access-granted.png email-assets.lifeworks.com/	13 KB 14 KB	191ms 63ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/illu-access-granted.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 6dfe111ec666e68b9f6368ccbb49796635c0b50a9dc93615dde7433254f4d8ee Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 14 Oct 2020 19:18:29 GMT via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 64166 etag "d76254962ce0aebab19e48aed51b2ef1" x-cache Hit from cloudfront x-amz-version-id null status 200 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-type image/png content-length 13714 x-amz-cf-id wx8UozTdSNMra_3NYwjyP_W0SHZPMt0AMS-7sxr1l5c-Y3Y2GQG-IQ==
GET H2	200	step-1.png email-assets.lifeworks.com/	651 B 992 B	213ms 86ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/step-1.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 1bbacf954d72cb62e06649c1758144d1fb39f71b3cfc4096d7ddc655b93c19a5 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 1226 etag "2f352eaa83d028a664c72383f18be66e" x-cache Hit from cloudfront content-type image/png status 200 date Thu, 15 Oct 2020 12:47:29 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 651 x-amz-cf-id H-z8ujxdSUWY0v3es2IFslAW3YWjXWmhWDAHcrFREtqTlYJ2uyFi2w==
GET H2	200	en_app_store.png email-assets.lifeworks.com/	4 KB 4 KB	218ms 91ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/en_app_store.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash eb4f4594de26a808e78dc36a4cffd596713a9b56f1d5b50c62ddb4a99b7579bd Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 64166 etag "0c09ceaa38de5c9d77821b1c5ad15f57" x-cache Hit from cloudfront content-type image/png status 200 date Wed, 14 Oct 2020 19:18:29 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 4187 x-amz-cf-id vTkeh7k9DSr04m7rVqjeOPEJkCmWSVkrdwxOCPJz6XRHL_ofS_di-g==
GET H2	200	en_play_store.png email-assets.lifeworks.com/	9 KB 9 KB	212ms 86ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/en_play_store.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 6b9697544d75f5e6dfe538bc1e2a582c18647481051361647806b4788b0b5f1b Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 71012 etag "cf6dad406fdfdcd290fd40de9008ae50" x-cache Hit from cloudfront content-type image/png status 200 date Wed, 14 Oct 2020 17:24:23 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 9210 x-amz-cf-id XA0l7D7NlDwhfkt-j2t32fDma9c51rgifwYe1Srrd3x2gZCaBKaHkA==
GET H2	200	step-2.png email-assets.lifeworks.com/	959 B 1 KB	213ms 87ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/step-2.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash d0f85cdad1d777d85af9e3f3cf96862f8ab2fd0a7dbd49ce79df74384266e238 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 1226 etag "a84f3e66073e413d4aac2efb7a03d004" x-cache Hit from cloudfront content-type image/png status 200 date Thu, 15 Oct 2020 12:47:29 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 959 x-amz-cf-id HdXmJQf937rT3wxHegpqy-uKLQpyclmUQksJ8LEfYEFjPcqe2Z3KFQ==
GET H2	200	step-3.png email-assets.lifeworks.com/	1022 B 1 KB	57ms 55ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/step-3.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 26238ce36811ad56c8a69f57698747f5033cbd1de46bbb522f79e4198cacfbd5 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 1226 etag "1e6b9058e74abb3d5eb466acc3b2d44e" x-cache Hit from cloudfront content-type image/png status 200 date Thu, 15 Oct 2020 12:47:29 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 1022 x-amz-cf-id 7PFiXE9y1pn-D3o-ozuS6cjjXY80LeSpr-Y_ylVKQZe3U9CnXGpk7Q==
GET H2	200	facebook.png email-assets.lifeworks.com/	701 B 1 KB	54ms 52ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/facebook.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash c98989da573d0f3e9f6b9ac35c9ae76ef7f103f25903b79bd667eb72b8efc44e Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 3122 etag "6465b3f09271de7893edb3087288399c" x-cache Hit from cloudfront content-type image/png status 200 date Thu, 15 Oct 2020 12:15:53 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 701 x-amz-cf-id bZNu4BYy_SVXUBilpJYKf_CSjVlj38l6p7MLtvVPAFi1v4mMDT81MQ==
GET H2	200	twitter.png email-assets.lifeworks.com/	819 B 1 KB	53ms 51ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/twitter.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 89f8107d9f403318f6a2d1fd198d32cbc6713ba94919489c29356cbf71ad2645 Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id null via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 3122 etag "a7b4be6417e2413ed7836753d9004ae4" x-cache Hit from cloudfront content-type image/png status 200 date Thu, 15 Oct 2020 12:15:53 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 819 x-amz-cf-id pbUmrM9-qU0ci7z3Rr-5CuS1jnfPzBK8jhrvGXYrpJUyCP79Lnt5LQ==
GET H2	200	linked-in.png email-assets.lifeworks.com/	783 B 1 KB	55ms 52ms	Image image/png	99.86.7.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://email-assets.lifeworks.com/linked-in.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-18.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash d62bccd8ae801f1b9959fc7748f7b0075206e207b3fdaddd1eadb3b4a6d2dd1d Request headers Referer https://bluearth-ca.lifeworks.com/view-email-browser?templateName=signUp.user_signup_invite_by_admin_panel&lang=en_CA&user=5f87c75f25078031aa7e1db9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 14 Oct 2020 19:18:29 GMT via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Oct 2020 11:41:43 GMT server AmazonS3 age 64166 etag "8c06946809c00f070b12b12f256941f7" x-cache Hit from cloudfront x-amz-version-id null status 200 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-type image/png content-length 783 x-amz-cf-id lV8ZJu6EHU-To_KUN8v-58BI9gZOYkig5JgPEvssEuPL7tXU1dFRFg==

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| WAM object| dataLayer function| gtag object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| _ object| picturefillCFG function| picturefill object| polyglot object| perfMetrics function| jQuery function| $ function| autobind object| Rx object| vttjs function| WebVTT boolean| __forceSmoothScrollPolyfill__ object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lifeworks.com/	1970-01-20 06:43:59	Name: _ga_PN9EDKDJKD Value: GS1.1.1602767269.1.0.1602767269.0
			.lifeworks.com/	1970-01-20 06:43:59	Name: _ga Value: GA1.1.574251368.1602767270

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://bluearth-ca.lifeworks.com/app/9c47e8d437.js(Line 1) Message: VIDEOJS: WARN: Player "[object HTMLAudioElement]" is already initialised. Options will not be applied.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluearth-ca.lifeworks.com
email-assets.lifeworks.com
fonts.googleapis.com
images.workangel.com
localisation-assets.lifeworks.com
services.io.lifeworks.com
wellbeing.apis.lifeworks.com
www.google-analytics.com
www.googletagmanager.com
2600:9000:206e:2e00:6:1dea:1640:93a1
2a00:1450:4001:801::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
3.248.68.102
52.210.227.202
99.86.243.123
99.86.243.3
99.86.7.18
0f76fddd0d66a332fe109a38aeb06479adae0754e9707ba8d310a861d7cace13
171271bb4364e6266b2d414a52bc1dbed530a58ad18d328947906bf40a2342e5
18179df10a5681e002bdda5e53d0fb98e08822b88d98591157c68e9cdac4ef1f
1bbacf954d72cb62e06649c1758144d1fb39f71b3cfc4096d7ddc655b93c19a5
26238ce36811ad56c8a69f57698747f5033cbd1de46bbb522f79e4198cacfbd5
2e755b7fba2b64bc33c6855faaa2bc02f365e857f2e7a71685a4466123407e69
3915478e739aa6cb0ad56c10b8a2b960fac18f93cf82619ee662762bed03f599
51f60901ac9041fead867e86d1593a845a5fc3bc5750a947d8ffa59293c71975
527c83171fcab3709811c863c582c1bb5ebd35c692d07dc9999e8c69861f0e84
54422834caa35c3c61af51d38ecd63a8d75bb768325bfa4720028cff0290d055
55fefb6a6917a73385dbb29c383d2ee2132e2c56a653a36933afd1a909dd08e5
6b9697544d75f5e6dfe538bc1e2a582c18647481051361647806b4788b0b5f1b
6dfe111ec666e68b9f6368ccbb49796635c0b50a9dc93615dde7433254f4d8ee
747a43a7a8d76f7a41c36c638fe10526c427fe03bd8af212b79e02802b46ce89
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7925ae276135085dc017b75f6b05a3768f313b35266e2ca8c47bab5f03b6a011
81b2841cd2e23c02563a506c686f1abd0abb2b0e969dbfb9a6366e16bf18465b
89f8107d9f403318f6a2d1fd198d32cbc6713ba94919489c29356cbf71ad2645
97bfe2fa764037835aad0514f863ebf4230ef74bf38a3be8c402a5ac3287306f
b0dc382ed9cee3d148122b6ff94d35916a377d0614a8989256bb1076a3a1d6e6
b2004a5cc6addb54d99eb55ceb22ea51f59894a4662dd370963e2184f6ed81f4
b9bb105ccce08b3440fa58557bb7cfa7b8f62ce6721c25fbaa634ffdcd063f9d
c98989da573d0f3e9f6b9ac35c9ae76ef7f103f25903b79bd667eb72b8efc44e
cf0abf49ec0e375f08a28fcd5b32a8b8297181f9da1e12ec1175900e0173c1d8
d0f85cdad1d777d85af9e3f3cf96862f8ab2fd0a7dbd49ce79df74384266e238
d62bccd8ae801f1b9959fc7748f7b0075206e207b3fdaddd1eadb3b4a6d2dd1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4f4594de26a808e78dc36a4cffd596713a9b56f1d5b50c62ddb4a99b7579bd
eca946acb04df08340d9e4fffce38f6952168c181b9230de6686e091fecd1d12
faf3bf08d8e805cc8b003a52115ad51bb029aff232db76958f554daa10792aeb
fcdf3a90ca2e51ee94cd2aa450387d67f6c1ad5a6cd6e993dbeeb0eff11ed243