link.bdainc.com Open in urlscan Pro
44.240.235.130  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request f2a5xV9nemB7dxkuuPXcDyjF Show response link.bdainc.com/mbholidayappreciation22/	10 KB 5 KB	833ms 377ms	Document text/html	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash ab51e5db6ff56da38668c814de11a2398be5214cf616f246e467f3f50d1091ec Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com maps.googleapis.com cdn.datatables.net nightly.datatables.net cdnjs.cloudflare.com cdn.cookielaw.org o662518.ingest.sentry.io www.googletagmanager.com cdn.jsdelivr.net ajax.googleapis.com Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff nosniff X-Frame-Options sameorigin SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers 0 Pragma 1 no-cache 2 Expires 3 Fri, 01 Jan 1990 00:00:00 GMT cache-control max-age=0, must-revalidate, no-store, nocache, private content-encoding gzip content-security-policy script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com maps.googleapis.com cdn.datatables.net nightly.datatables.net cdnjs.cloudflare.com cdn.cookielaw.org o662518.ingest.sentry.io www.googletagmanager.com cdn.jsdelivr.net ajax.googleapis.com content-type text/html; charset=UTF-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Wed, 23 Aug 2023 18:32:13 GMT permissions-policy accelerometer=(self), autoplay=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self) referrer-policy no-referrer server nginx strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff nosniff x-download-options noopen x-frame-options sameorigin SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 1; mode=block 1; mode=block
GET H2	200	vendor.css link.bdainc.com/css/	136 KB 137 KB	379ms 377ms	Stylesheet text/css	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/css/vendor.css?1691157484 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash c55839c77a1aeb4594d3db9a2f8567e2f5d6026f52f507f4419e7d8ec0161be4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:13 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-22039" x-frame-options SAMEORIGIN content-type text/css accept-ranges bytes content-length 139321 x-xss-protection 1; mode=block
GET H2	200	app.css link.bdainc.com/css/	386 KB 387 KB	569ms 568ms	Stylesheet text/css	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/css/app.css?1691157484 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 793378edd23483b0a5caedd7d5e47d4027ca963d9a4d91cad67d4dac48b84d38 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:13 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-607d5" x-frame-options SAMEORIGIN content-type text/css accept-ranges bytes content-length 395221 x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	25 KB 2 KB	81ms 33ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 23 Aug 2023 18:32:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 23 Aug 2023 18:32:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 23 Aug 2023 18:32:13 GMT
GET H2	200	slick.css cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/	2 KB 1 KB	83ms 35ms	Stylesheet text/css	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15760716 x-jsd-version 1.8.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230085-FRA, cache-yyz4552-YYZ x-jsd-version-type version server cloudflare etag W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqoCxLaFMONzFNYCsOB9cBrLdxJNO%2FAlzfgw6uCpPOVgThkvfvpu9%2FBn2QGUZGWsDCUcVn2JIf61Thq2V6B54Xk1G5EVNNFSPBi71SzHkzWmLLhXgclqATbtCHcCC%2BMq8MFc%2BTbBhk%2FWFTGPds8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 7fb56fdd8de89b1f-FRA
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	80ms 36ms	Script application/javascript	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:13 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 X1C0PY0lSDg1JSpsyFxfYA== age 9042 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6837 x-ms-lease-status unlocked last-modified Mon, 21 Aug 2023 17:10:59 GMT server cloudflare etag 0x8DBA269973EC8AB vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5bd67f6c-c01e-006d-2268-d48dc8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fdd88759b76-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	250 KB 86 KB	83ms 36ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RQGQL4VJ8J Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4400f0668bc880036cf2d606137ea7fb59186bd5fe6a1a2ece483790c7621699 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87279 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 23 Aug 2023 18:32:14 GMT
GET H/1.1	200 OK	604edd48-a0af-4f0f-9ac4-826e039ab880.jpg bda-redemption.s3.us-west-2.amazonaws.com/uploads/websites/166/	372 KB 372 KB	667ms 262ms	Image image/jpeg	52.218.252.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bda-redemption.s3.us-west-2.amazonaws.com/uploads/websites/166/604edd48-a0af-4f0f-9ac4-826e039ab880.jpg Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.252.41 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash 5930456be2a11b0037a38052191431b90c647e2264396fd9ff91819960471cf9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Wed, 23 Aug 2023 18:32:16 GMT Last-Modified Tue, 15 Nov 2022 23:10:05 GMT Server AmazonS3 x-amz-request-id BTYPKK1A4HSS1CJ2 ETag "08900aba672bebd59c58851aba485d82" Content-Type image/jpeg Accept-Ranges bytes Content-Length 380676 x-amz-id-2 +MDobrKnHPfYuLx9IhFQ/Sgyvu+CEwVyzKE+/gKBNWy87IooX2bgLkswjzRvu1NNV5UdaNEm23s=
GET H2	200	vendor.js Show response link.bdainc.com/js/	901 KB 902 KB	190ms 190ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/vendor.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 0725500cdcd391f8600120d1b071ae21b7d8875d005b9070f2d627aaa3f9a321 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-e1350" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 922448 x-xss-protection 1; mode=block
GET H2	200	theme.js Show response link.bdainc.com/js/	11 KB 11 KB	198ms 198ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/theme.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 521f9465a6b64628abe81b8ef8ae4e73f791e3d16bb2ae883e4553efd489110c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-2a45" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 10821 x-xss-protection 1; mode=block
GET H2	200	app.js Show response link.bdainc.com/js/	105 KB 105 KB	191ms 189ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/app.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3119a7dd0cc44227fb10287adf5419a18e219022b8ad487c7d98cbb5f2973790 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-1a332" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 107314 x-xss-protection 1; mode=block
GET H2	200	jquery.dataTables.min.js Show response cdn.datatables.net/1.10.22/js/	85 KB 29 KB	144ms 84ms	Script application/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/1.10.22/js/jquery.dataTables.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c91c904fbfbe1fcb61c4e4cb955b35e8eb303f29d97a9f757c744fc6603a978a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip cf-cache-status HIT age 18175793 content-length 29732 last-modified Fri, 11 Nov 2022 14:46:27 GMT server cloudflare etag "12a0fad-15216-5ed32f45c0f70-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 accept-ranges bytes cf-ray 7fb56fe50b5fbb3d-FRA access-control-allow-headers origin, x-requested-with, content-type expires Thu, 25 Jan 2024 09:42:20 GMT
GET H2	200	dataTables.bootstrap4.min.js Show response cdn.datatables.net/1.10.22/js/	4 KB 2 KB	125ms 65ms	Script application/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/1.10.22/js/dataTables.bootstrap4.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8ccda79c0869303bbef93ef44992a313778b11e9cb918909644f6894782b125 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip cf-cache-status HIT age 10154846 content-length 1951 last-modified Thu, 27 Apr 2023 16:04:48 GMT server cloudflare etag "12a003f-11a8-5fa53840f38da-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 accept-ranges bytes cf-ray 7fb56fe50b62bb3d-FRA access-control-allow-headers origin, x-requested-with, content-type expires Sat, 27 Apr 2024 05:44:47 GMT
GET H2	200	dataTables.responsive.min.js Show response cdn.datatables.net/responsive/2.2.6/js/	16 KB 6 KB	137ms 78ms	Script application/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/responsive/2.2.6/js/dataTables.responsive.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7078f29430851b033425fe25ac6a376faf67434dbb60a09de2693173d608306 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip cf-cache-status HIT age 30321780 content-length 5962 last-modified Thu, 14 Jul 2022 08:25:02 GMT server cloudflare etag "13000ca-41d1-5e3bfa35a5fef-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 accept-ranges bytes cf-ray 7fb56fe50b64bb3d-FRA access-control-allow-headers origin, x-requested-with, content-type expires Wed, 06 Sep 2023 19:49:14 GMT
GET H2	200	responsive.bootstrap4.min.js Show response cdn.datatables.net/responsive/2.2.6/js/	4 KB 2 KB	130ms 71ms	Script application/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/responsive/2.2.6/js/responsive.bootstrap4.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 308c5ac6865fe2c0252c5abaed7b8055e542d4943b85b5b99823c994e4bbc11d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip cf-cache-status HIT age 18962051 content-length 1474 last-modified Fri, 11 Nov 2022 14:47:20 GMT server cloudflare etag "13000bf-e4d-5ed32f78dfa28-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 accept-ranges bytes cf-ray 7fb56fe50b63bb3d-FRA access-control-allow-headers origin, x-requested-with, content-type expires Tue, 16 Jan 2024 07:18:03 GMT
GET H2	200	dataTables.buttons.min.js Show response nightly.datatables.net/buttons/js/	25 KB 8 KB	179ms 121ms	Script text/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nightly.datatables.net/buttons/js/dataTables.buttons.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a073b02c2a2e2f053bcb121d662f61e2073811a18aa69cefbdcaf2edad9f6fb1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Tue, 22 Aug 2023 15:15:55 GMT server cloudflare etag "1042094-63e9-6038478afab7c-gzip" vary Accept-Encoding,User-Agent access-control-allow-methods GET content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 7fb56fe50893923e-FRA access-control-allow-headers origin, x-requested-with, content-type content-length 8122
GET H2	200	datatable-paginator.js Show response link.bdainc.com/js/	3 KB 4 KB	191ms 190ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/datatable-paginator.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash e45c81ee73a4fbcaaebec38f4483e355160af951c1a7f0e8160f541f7e175479 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-bf7" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 3063 x-xss-protection 1; mode=block
GET H2	200	sentry-init.js Show response link.bdainc.com/js/	115 KB 115 KB	191ms 190ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/sentry-init.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash acdf79cc64f58558f10e171a96bf9d241b5432909f38aeca27cb164ff3189420 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-1ca43" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 117315 x-xss-protection 1; mode=block
GET H2	200	slick.min.js Show response cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/	42 KB 11 KB	32ms 31ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15760717 x-jsd-version 1.8.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230096-FRA, cache-yyz4521-YYZ x-jsd-version-type version server cloudflare etag W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ9MzLti3vvgbauvLdc2V5rjWwdhJ6RngZoRTH1PBcxaKSOMmRyzkM4F2KgLGnQURs%2F8s1DMSA15QYUROdklIzOrrVmPPcKO4M495j2aGuRsw60N1Ws12Ii4pGuP%2B5bZVyOn4StrqorDw4mlIWw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 7fb56fe4af4f9b1f-FRA
GET H2	200	index-frontoffice.bundle.js Show response link.bdainc.com/js/	396 KB 397 KB	192ms 190ms	Script application/javascript	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/js/index-frontoffice.bundle.js?1691157484 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/mbholidayappreciation22/f2a5xV9nemB7dxkuuPXcDyjF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 1309e5cffcbf85215bf8f07c53b814e5adbad4c54a65152e56c5eb6779d3c5e2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-63113" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 accept-ranges bytes content-length 405779 x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	15 KB 1002 B	31ms 31ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,600,700,900|Open+Sans:400,600,700 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/css/app.css?1691157484 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f780b3437394b6dae2c06ee98f370122f823e232b4c527afa2f661a4e64d839b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 23 Aug 2023 18:26:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 23 Aug 2023 18:32:14 GMT
GET H2	200	8d54f0af-a311-4724-a8a3-8b2572c60227.json Show response cdn.cookielaw.org/consent/8d54f0af-a311-4724-a8a3-8b2572c60227/	4 KB 2 KB	108ms 69ms	XHR application/x-javascript	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8d54f0af-a311-4724-a8a3-8b2572c60227/8d54f0af-a311-4724-a8a3-8b2572c60227.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb7733477255cd8bbbf3b7b71fda97cb49427db748f5535e39aba17a13c9725b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 p0mmz3CiIjQKd+MerAk2Dw== content-length 1592 x-ms-lease-status unlocked last-modified Tue, 11 May 2021 18:29:04 GMT server cloudflare etag 0x8D914AAA7F3BDC5 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 54b0d38d-a01e-00a0-4704-cdbd22000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fe4e9303733-FRA expires Thu, 24 Aug 2023 18:32:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	72ms 25ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link.bdainc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Tue, 22 Aug 2023 17:26:14 GMT x-content-type-options nosniff age 90360 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Aug 2024 17:26:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	67ms 20ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link.bdainc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 16 Aug 2023 22:08:16 GMT x-content-type-options nosniff age 591838 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Aug 2024 22:08:16 GMT
GET H2	200	feather.woff link.bdainc.com/fonts/	68 KB 68 KB	316ms 316ms	Font application/font-woff	44.240.235.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://link.bdainc.com/fonts/feather.woff Requested by Host: link.bdainc.com URL: https://link.bdainc.com/css/vendor.css?1691157484 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.235.130 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-235-130.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 6758d48c645ef6740d2d7d5c582a4d7aaa5c95f0edd78b8c31a412a356094f08 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://link.bdainc.com/css/vendor.css?1691157484 Origin https://link.bdainc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:32:14 GMT x-content-type-options nosniff last-modified Fri, 04 Aug 2023 13:58:04 GMT server nginx etag "64cd03ec-10ed0" x-frame-options SAMEORIGIN content-type application/font-woff accept-ranges bytes content-length 69328 x-xss-protection 1; mode=block
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.17.0/	377 KB 84 KB	30ms 30ms	Script application/javascript	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:14 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 66Z8bY5FXXAAikIS37tpYA== age 29879 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 85833 x-ms-lease-status unlocked last-modified Thu, 29 Apr 2021 01:57:14 GMT server cloudflare etag 0x8D90AB21C520644 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 9cd4979a-301e-0033-5ce1-5a81cb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fe55e5e9b76-FRA
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	75ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-RQGQL4VJ8J&gtm=45je38l0&_p=960141551&cid=475796094.1692815535&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692815534&sct=1&seg=0&dl=https%3A%2F%2Flink.bdainc.com%2Fmbholidayappreciation22%2Ff2a5xV9nemB7dxkuuPXcDyjF&dt=Home%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=false Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RQGQL4VJ8J Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers pragma no-cache date Wed, 23 Aug 2023 18:32:15 GMT server Golfe2 content-type text/plain access-control-allow-origin https://link.bdainc.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	215 B 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/jpg
GET H2	200	en.json Show response cdn.cookielaw.org/consent/8d54f0af-a311-4724-a8a3-8b2572c60227/4b9d9b0b-72ba-446b-a4f6-895488358d03/	23 KB 8 KB	77ms 77ms	Fetch application/x-javascript	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8d54f0af-a311-4724-a8a3-8b2572c60227/4b9d9b0b-72ba-446b-a4f6-895488358d03/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 390cd663e605cc360dc6d8b3dede482d94ce024b13a3148e2826d7a5cfced747 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:15 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 R5ts4KCehlDNHqc4Z3IYKw== content-length 8294 x-ms-lease-status unlocked last-modified Tue, 11 May 2021 18:29:12 GMT server cloudflare etag 0x8D914AAACFF2362 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9e518dc2-a01e-0054-4299-d276d4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fe63bb63733-FRA expires Thu, 24 Aug 2023 18:32:15 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.17.0/assets/	12 KB 3 KB	63ms 63ms	Fetch application/json	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otFlat.json Requested by Host: link.bdainc.com URL: https://link.bdainc.com/js/sentry-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:15 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 iBHq0PTHfG30UZUmEXHGnw== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2938 x-ms-lease-status unlocked last-modified Thu, 29 Apr 2021 01:57:06 GMT server cloudflare etag 0x8D90AB2173E15E6 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id a53d32bb-101e-008a-7a8e-c76232000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fe6ed3e3733-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.17.0/assets/	62 KB 15 KB	61ms 61ms	Fetch application/json	2606:4700::6812:bbda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otPcCenter.json Requested by Host: link.bdainc.com URL: https://link.bdainc.com/js/sentry-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Aug 2023 18:32:15 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 r/nm/Kt9tdjXHtMK2zGH9Q== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14755 x-ms-lease-status unlocked last-modified Thu, 29 Apr 2021 01:57:06 GMT server cloudflare etag 0x8D90AB217A74BD0 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 2755281b-701e-0078-109d-d29a7b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7fb56fe6ed413733-FRA
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	20ms 19ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link.bdainc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 19 Aug 2023 11:08:17 GMT x-content-type-options nosniff age 372238 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 Aug 2024 11:08:17 GMT
POST H2	200	/ Show response o662518.ingest.sentry.io/api/5774404/envelope/	41 B 373 B	125ms 42ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o662518.ingest.sentry.io/api/5774404/envelope/?sentry_key=f853baadb3974edcbfe00bfe8b06a2f8&sentry_version=7 Requested by Host: link.bdainc.com URL: https://link.bdainc.com/js/sentry-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash f43893e50c4421dcafa9ea281b732b99e0f8a6fbd74c0bc65acf45b6965d6bfc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://link.bdainc.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 23 Aug 2023 18:32:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| OneTrustStub function| OptanonWrapper function| gtag object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| EasyAutocomplete object| ParallaxScroll object| card function| _typeof function| _possibleConstructorReturn function| _getPrototypeOf function| _assertThisInitialized function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ function| $ function| jQuery function| Popper object| bootstrap function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| iziToast object| noUiSlider object| Modernizr function| Payment function| Card function| FilePondPluginFileEncode function| FilePondPluginFileValidateSize function| FilePondPluginImageExifOrientation function| FilePondPluginImagePreview object| FilePond object| __framePainter function| tinycolor object| webpackChunk function| _ function| axios function| loadImage object| $jscomp function| $jscomp$lookupPolyfilledValue object| __SENTRY__ object| Optanon object| OneTrust function| showNotification

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			link.bdainc.com/	1970-01-20 14:13:42	Name: XSRF-TOKEN Value: eyJpdiI6IjQ2QmkyMVk4NmdJbURRNm1BRC8xWUE9PSIsInZhbHVlIjoibG9QcFZWRGd6UmFPcUFNcitlU0dBb3N3eVVHVTlpMkhiUWNwYXBSMHJOR3pneTFyeDhvbEluZ2ZjaUVTajdJcWd6ZlNpcmNpdkY5UEpaT2F1VDUrWkpiUm9QcGZvK0o3L3djRng2ZnFQYjNoaUszUXNhME9HSGVFUGVYWnN4eXoiLCJtYWMiOiIyYmIzNDRiNjA4ZWRjZGE2ZGZjODA2MGJkNDE2YjIyZTljNGE0ZmViYTU0ZDVlYmYwYWVkOWYyZGE2OWNhZjg5IiwidGFnIjoiIn0%3D
			link.bdainc.com/	1970-01-20 14:13:42	Name: bda_session Value: eyJpdiI6IkF0NldDN2c1azI1eW56aGpYQ011anc9PSIsInZhbHVlIjoibnhobnZEdUd1WW1YdnZUdGd0Y3pXckMyTVA5Qlo1U2ltbElHNStuMGVtRnJPMDFyV0V5K2ZmeHJWaElLOGRNb3NSWTB2SHpMOWRnM2ZCRG1oVFdVSFVaU1RtT3JTNC8xb2liZ3IyTzQxR2hUQ2pEYWZnbUdQWW81ZVNoNEsxcE4iLCJtYWMiOiJjZDE5MTliOTliNDA2ZTBmZjdjYjNiNDNiMzg0YzEzYTI0YjZlYWUyZDdlMjEwOTE0NDlhZjVhYmY3YzM3MWVkIiwidGFnIjoiIn0%3D
			.bdainc.com/	1970-01-20 23:49:35	Name: _ga Value: GA1.1.475796094.1692815535
			.bdainc.com/	1970-01-20 23:49:35	Name: _ga_RQGQL4VJ8J Value: GS1.1.1692815534.1.0.1692815535.0.0.0
			link.bdainc.com/	1970-01-20 14:23:40	Name: AWSALB Value: b/dgfRtYCZyIVZKHP97fpmmAIfCUcnq6Cdi+VkQXPH4U8cw34BCk/UaIOsWXTK3A69NJHC62OcRUDimKR7Upx4B2jDlLDJfY9G2E2bIns79yq7I/LZV6nroGeLn+
			link.bdainc.com/	1970-01-20 14:23:40	Name: AWSALBCORS Value: b/dgfRtYCZyIVZKHP97fpmmAIfCUcnq6Cdi+VkQXPH4U8cw34BCk/UaIOsWXTK3A69NJHC62OcRUDimKR7Upx4B2jDlLDJfY9G2E2bIns79yq7I/LZV6nroGeLn+
			.link.bdainc.com/	1970-01-20 22:59:11	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Aug+23+2023+20%3A32%3A15+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=9151798b-3017-49df-bf27-4ccda283f292&interactionCount=0&landingPath=https%3A%2F%2Flink.bdainc.com%2Fmbholidayappreciation22%2Ff2a5xV9nemB7dxkuuPXcDyjF&groups=C0001%3A1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com maps.googleapis.com cdn.datatables.net nightly.datatables.net cdnjs.cloudflare.com cdn.cookielaw.org o662518.ingest.sentry.io www.googletagmanager.com cdn.jsdelivr.net ajax.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bda-redemption.s3.us-west-2.amazonaws.com
cdn.cookielaw.org
cdn.datatables.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
link.bdainc.com
nightly.datatables.net
o662518.ingest.sentry.io
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:10::6816:325d
2606:4700::6810:5814
2606:4700::6812:bbda
2a00:1450:4001:809::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
34.120.195.249
44.240.235.130
52.218.252.41
0725500cdcd391f8600120d1b071ae21b7d8875d005b9070f2d627aaa3f9a321
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1309e5cffcbf85215bf8f07c53b814e5adbad4c54a65152e56c5eb6779d3c5e2
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
308c5ac6865fe2c0252c5abaed7b8055e542d4943b85b5b99823c994e4bbc11d
3119a7dd0cc44227fb10287adf5419a18e219022b8ad487c7d98cbb5f2973790
390cd663e605cc360dc6d8b3dede482d94ce024b13a3148e2826d7a5cfced747
4400f0668bc880036cf2d606137ea7fb59186bd5fe6a1a2ece483790c7621699
4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd
521f9465a6b64628abe81b8ef8ae4e73f791e3d16bb2ae883e4553efd489110c
5930456be2a11b0037a38052191431b90c647e2264396fd9ff91819960471cf9
6758d48c645ef6740d2d7d5c582a4d7aaa5c95f0edd78b8c31a412a356094f08
793378edd23483b0a5caedd7d5e47d4027ca963d9a4d91cad67d4dac48b84d38
a073b02c2a2e2f053bcb121d662f61e2073811a18aa69cefbdcaf2edad9f6fb1
ab51e5db6ff56da38668c814de11a2398be5214cf616f246e467f3f50d1091ec
acdf79cc64f58558f10e171a96bf9d241b5432909f38aeca27cb164ff3189420
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7078f29430851b033425fe25ac6a376faf67434dbb60a09de2693173d608306
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
c55839c77a1aeb4594d3db9a2f8567e2f5d6026f52f507f4419e7d8ec0161be4
c91c904fbfbe1fcb61c4e4cb955b35e8eb303f29d97a9f757c744fc6603a978a
d8ccda79c0869303bbef93ef44992a313778b11e9cb918909644f6894782b125
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c81ee73a4fbcaaebec38f4483e355160af951c1a7f0e8160f541f7e175479
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb7733477255cd8bbbf3b7b71fda97cb49427db748f5535e39aba17a13c9725b
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f43893e50c4421dcafa9ea281b732b99e0f8a6fbd74c0bc65acf45b6965d6bfc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f780b3437394b6dae2c06ee98f370122f823e232b4c527afa2f661a4e64d839b
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785