ndg.io Open in urlscan Pro
52.21.237.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ndg.io/
Effective URL:
https://ndg.io/login/
Submission: On December 04 via manual (December 4th 2018, 3:32:02 am UTC) from US

Summary HTTP 21 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 21 HTTP transactions. The main IP is 52.21.237.96, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is ndg.io.
TLS certificate: Issued by Amazon on April 10th 2018. Valid for: a year.

This is the only time ndg.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 18	52.21.237.96 52.21.237.96		14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6813:c597		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4860:480... 2001:4860:4802:32::15		15169 (GOOGLE) (GOOGLE - Google LLC)
3	35.186.194.58 35.186.194.58		15169 (GOOGLE) (GOOGLE - Google LLC)
21	4

18 52.21.237.96 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-237-96.compute-1.amazonaws.com

ndg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ndg.io 2 redirects ndg.io	589 KB
4	fullstory.com fullstory.com rs.fullstory.com	56 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
21	3

	Domain	Requested by
18	ndg.io	2 redirects ndg.io
3	rs.fullstory.com	fullstory.com
1	fullstory.com	ndg.io
1	cdnjs.cloudflare.com	ndg.io
21	4

This site contains no links.

Subject Issuer	Validity	Valid
ndg.io Amazon	`2018-04-10` - `2019-05-10`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://ndg.io/login/
Frame ID: 7DFDB1D90AE0C0A801EA9F12A6B0CD3D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ndg.io/ HTTP 301
https://ndg.io/ HTTP 307
https://ndg.io/login/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

647 kB
Transfer

743 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ndg.io/ HTTP 301
https://ndg.io/ HTTP 307
https://ndg.io/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ndg.io/login/
Redirect Chain

http://ndg.io/
https://ndg.io/
https://ndg.io/login/

10 KB
11 KB

217ms
217ms

Document
text/html

52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 / PHP/7.2.10
Resource Hash: 76455f5e76e1ed13edad07d9c467a76f406dce31f71ccfec4f4505164d451f85

Request headers

:method: GET
:authority: ndg.io
:scheme: https
:path: /login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 04 Dec 2018 03:31:46 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.1
x-powered-by: PHP/7.2.10
set-cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; expires=Tue, 04-Dec-2018 05:31:46 GMT; Max-Age=7200; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

Redirect headers

status: 307
date: Tue, 04 Dec 2018 03:31:46 GMT
content-type: text/html; charset=UTF-8
location: https://ndg.io/login/
server: nginx/1.14.1
x-powered-by: PHP/7.2.10
set-cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; expires=Tue, 04-Dec-2018 05:31:45 GMT; Max-Age=7200; path=/; secure ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f; expires=Tue, 11-Dec-2018 03:31:45 GMT; Max-Age=604800; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

GET
H2 200 bootstrap.css
ndg.io/css/ 26 KB
26 KB 92ms
91ms Stylesheet
text/css 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/css/bootstrap.css
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 6e46c04b45f52455566312c7acf6d635e73905cd5fd5345d921e9f062b8e57ba

Request headers

:path: /css/bootstrap.css
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-6816"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 26646

GET
H2 200 animate.css
ndg.io/css/ 4 KB
4 KB 181ms
180ms Stylesheet
text/css 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/css/animate.css
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e2ac425e4d673db1f4035882182252bec6bf22448a77902b255100a89de588e4

Request headers

:path: /css/animate.css
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-f05"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 3845

GET
H2 200 font-awesome.min.css
ndg.io/css/ 20 KB
21 KB 180ms
180ms Stylesheet
text/css 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/css/font-awesome.min.css
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e05b0f42027e594b5c95c15cf3469d6b2d750b374a57ab99c07ddec67ecab80d

Request headers

:path: /css/font-awesome.min.css
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-5156"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 20822

GET
H2 200 icon.css
ndg.io/css/ 12 KB
12 KB 181ms
181ms Stylesheet
text/css 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/css/icon.css
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: a0d63cc14947ed3aa9aea94f8288b8dff28b0a0a0cff0a0f3f5a6ab77809e605

Request headers

:path: /css/icon.css
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-2eaa"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 11946

GET
H2 200 app.css
ndg.io/css/ 67 KB
68 KB 181ms
181ms Stylesheet
text/css 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/css/app.css
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: f5a35be313a8d08789df8dc0c69320c9fd831f4a266cc8209c1fa5f9550016c5

Request headers

:path: /css/app.css
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-10ded"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 69101

GET
H2 200 nudge-site-logo.png
ndg.io/images/ 19 KB
20 KB 181ms
181ms Image
image/png 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndg.io/images/nudge-site-logo.png
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: c87db0a1229bae2be7400fa0a4b2d01599047d838f4ef46a565399ca5e04fc46

Request headers

:path: /images/nudge-site-logo.png
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-4dec"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 19948

GET
H2 200 jquery.min.js Show response
ndg.io/js/ 91 KB
91 KB 181ms
181ms Script
application/javascript 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/js/jquery.min.js
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: a0e1e058447f4f8b0af1445196f203c04812ee0baa269f0f484823524e2a19a5

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-16bb3"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 93107

GET
H2 200 bootstrap.min.js Show response
ndg.io/js/ 25 KB
25 KB 91ms
90ms Script
application/javascript 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/js/bootstrap.min.js
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: be8ff1e5ee88213d51ca475dd8d8e453290a0b8ca2a8d55dfdec041e8e8d1cd2

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-645e"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 25694

GET
H2 200 app.js Show response
ndg.io/js/ 21 KB
21 KB 90ms
90ms Script
application/javascript 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/js/app.js
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 85054a30437a4b4704a42c3c6c6a12669d484087f93b30550d3a239b9271ed21

Request headers

:path: /js/app.js
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-546e"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 21614

GET
H2 200 jquery.slimscroll.min.js Show response
ndg.io/js/slimscroll/ 5 KB
5 KB 91ms
91ms Script
application/javascript 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/js/slimscroll/jquery.slimscroll.min.js
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: f496b65a5c0d027523555084a35b76b6d1560f8cb3bd944963be4cb1dc670eec

Request headers

:path: /js/slimscroll/jquery.slimscroll.min.js
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:33 GMT
server: nginx/1.14.1
etag: "5c055b55-1267"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4711

GET
H2 200 app.plugin.js Show response
ndg.io/js/ 9 KB
9 KB 91ms
91ms Script
application/javascript 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/js/app.plugin.js
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: a8498c548433653641c336f119c6fef06625de32c6be80eac36472d1b9e364a2

Request headers

:path: /js/app.plugin.js
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/login/
:scheme: https
:method: GET
Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-234a"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 9034

GET
S 200 jstz.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/ 5 KB
2 KB 8ms
8ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/jstz.min.js

Requested by

Host: ndg.io
URL: https://ndg.io/login/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.001
last-modified: Thu, 17 May 2018 09:20:20 GMT
server: cloudflare
etag: W/"5afd4954-14dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 483b33b88cb597aa-FRA
expires: Sun, 24 Nov 2019 03:31:46 GMT

GET
H2 200 GothamSSm-Book.woff
ndg.io/fonts/gotham/ 146 KB
146 KB 91ms
90ms Font
application/font-woff 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/fonts/gotham/GothamSSm-Book.woff
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 235e2713da8cb8299c2c06a589b9f619ddc8359ae94aa63b41a858d6ef539beb

Request headers

:path: /fonts/gotham/GothamSSm-Book.woff
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
origin: https://ndg.io
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/css/app.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://ndg.io/css/app.css
Origin: https://ndg.io

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-247f8"
content-type: application/font-woff
status: 200
accept-ranges: bytes
content-length: 149496

GET
H2 200 Gotham%20Extra%20Light.otf
ndg.io/fonts/gotham/ 129 KB
129 KB 91ms
91ms Font
application/octet-stream 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/fonts/gotham/Gotham%20Extra%20Light.otf
Requested by: Host: ndg.io
URL: https://ndg.io/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: af462ba7d9b199fbd0fed5e00cee566fc25f64d8c6d6f0a617f530b6fd7c1a8c

Request headers

:path: /fonts/gotham/Gotham%20Extra%20Light.otf
pragma: no-cache
cookie: ndg_csess_token=fab684935b978a30b3626ec7def72c17; ndg_session=84aca747939165344bc1dccc0c0f91cfc7dd4e1f
origin: https://ndg.io
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
referer: https://ndg.io/css/app.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://ndg.io/css/app.css
Origin: https://ndg.io

Response headers

date: Tue, 04 Dec 2018 03:31:46 GMT
last-modified: Mon, 03 Dec 2018 16:35:32 GMT
server: nginx/1.14.1
etag: "5c055b54-20418"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 132120

GET
S 200 fs.js Show response
fullstory.com/s/ 152 KB
55 KB 51ms
13ms Script
application/javascript 2001:4860:4802:32::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: ndg.io
URL: https://ndg.io/login/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b11bc995fe73708dfdcdec0e8a1e8cf1e8be21ebddc4f10716345e1fcc0c6428

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ndg.io/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 295
etag: "R6TN3A"
content-type: application/javascript
status: 200
x-cloud-trace-context: 701e53757c45941365761679040d2ced;o=1
cache-control: public, max-age=600
date: Tue, 04 Dec 2018 03:26:51 GMT
content-length: 56388
expires: Tue, 04 Dec 2018 03:36:51 GMT

POST
S 200 page Show response
rs.fullstory.com/rec/ 401 B
593 B 539ms
512ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e193f362cdd134a49ae0a02bf9751a966b7d93714d56effbc1618b7ec4b6560b

Request headers

Referer: https://ndg.io/login/
Origin: https://ndg.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Dec 2018 03:31:47 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ndg.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 401
expires: 0

POST
S 200 bundle Show response
rs.fullstory.com/rec/ 29 B
97 B 184ms
183ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=1GZAS&UserId=5705535638732800&SessionId=5629499534213120&PageId=5707702298738688&Seq=1&PageStart=1543894307118&PrevBundleTime=0
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 347837bbcbf171e5ee926f7391fcf79daa0b95fb66ff3a4b9a3a5f117f01add6

Request headers

Referer: https://ndg.io/login/
Origin: https://ndg.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Dec 2018 03:31:47 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ndg.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

GET
H2 200 ping Show response
ndg.io/ 4 B
396 B 192ms
192ms XHR
text/html 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/ping
Requested by: Host: ndg.io
URL: https://ndg.io/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 / PHP/7.2.10
Resource Hash: 9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Request headers

:path: /ping
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://ndg.io/login/
:method: GET
Accept: */*
Referer: https://ndg.io/login/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Dec 2018 03:31:51 GMT
server: nginx/1.14.1
x-powered-by: PHP/7.2.10
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
set-cookie: ndg_csess_token=3199438f20d44bedf511546e304226bc; expires=Tue, 04-Dec-2018 05:31:51 GMT; Max-Age=7200; path=/; secure ndg_session=2f43321bf0a1582559723f34d0be49eba9943bc4; expires=Tue, 11-Dec-2018 03:31:51 GMT; Max-Age=604800; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
S 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 118ms
118ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=1GZAS&UserId=5705535638732800&SessionId=5629499534213120&PageId=5707702298738688&Seq=2&PageStart=1543894307118&PrevBundleTime=1543894307436
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: efda728b38dc79ba0130555c32a34df330787c7837f7d0b56fd61c05973b6ae3

Request headers

Referer: https://ndg.io/login/
Origin: https://ndg.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Dec 2018 03:31:52 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ndg.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

GET
H2 200 ping Show response
ndg.io/ 4 B
397 B 151ms
151ms XHR
text/html 52.21.237.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ndg.io/ping
Requested by: Host: ndg.io
URL: https://ndg.io/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.237.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-237-96.compute-1.amazonaws.com
Software: nginx/1.14.1 / PHP/7.2.10
Resource Hash: 9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Request headers

:path: /ping
pragma: no-cache
cookie: ndg_csess_token=3199438f20d44bedf511546e304226bc; ndg_session=2f43321bf0a1582559723f34d0be49eba9943bc4
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ndg.io
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://ndg.io/login/
:method: GET
Accept: */*
Referer: https://ndg.io/login/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Dec 2018 03:31:56 GMT
server: nginx/1.14.1
x-powered-by: PHP/7.2.10
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
set-cookie: ndg_csess_token=3199438f20d44bedf511546e304226bc; expires=Tue, 04-Dec-2018 05:31:56 GMT; Max-Age=7200; path=/; secure ndg_session=2f43321bf0a1582559723f34d0be49eba9943bc4; expires=Tue, 11-Dec-2018 03:31:56 GMT; Max-Age=604800; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| siteurl function| $ function| jQuery object| jQuery1102071696366051177 object| Modernizr object| screenfull object| jstz object| Account boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS function| easypie string| _fs_loaded function| _fs_shutdown

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ndg.io/	1970-01-18 21:01:39	Name: ndg_session Value: 84aca747939165344bc1dccc0c0f91cfc7dd4e1f
			ndg.io/	1970-01-18 20:51:41	Name: ndg_csess_token Value: fab684935b978a30b3626ec7def72c17

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fullstory.com
ndg.io
rs.fullstory.com
2001:4860:4802:32::15
2606:4700::6813:c597
35.186.194.58
52.21.237.96
235e2713da8cb8299c2c06a589b9f619ddc8359ae94aa63b41a858d6ef539beb
347837bbcbf171e5ee926f7391fcf79daa0b95fb66ff3a4b9a3a5f117f01add6
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
6e46c04b45f52455566312c7acf6d635e73905cd5fd5345d921e9f062b8e57ba
76455f5e76e1ed13edad07d9c467a76f406dce31f71ccfec4f4505164d451f85
85054a30437a4b4704a42c3c6c6a12669d484087f93b30550d3a239b9271ed21
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2
a0d63cc14947ed3aa9aea94f8288b8dff28b0a0a0cff0a0f3f5a6ab77809e605
a0e1e058447f4f8b0af1445196f203c04812ee0baa269f0f484823524e2a19a5
a8498c548433653641c336f119c6fef06625de32c6be80eac36472d1b9e364a2
af462ba7d9b199fbd0fed5e00cee566fc25f64d8c6d6f0a617f530b6fd7c1a8c
b11bc995fe73708dfdcdec0e8a1e8cf1e8be21ebddc4f10716345e1fcc0c6428
be8ff1e5ee88213d51ca475dd8d8e453290a0b8ca2a8d55dfdec041e8e8d1cd2
c87db0a1229bae2be7400fa0a4b2d01599047d838f4ef46a565399ca5e04fc46
e05b0f42027e594b5c95c15cf3469d6b2d750b374a57ab99c07ddec67ecab80d
e193f362cdd134a49ae0a02bf9751a966b7d93714d56effbc1618b7ec4b6560b
e2ac425e4d673db1f4035882182252bec6bf22448a77902b255100a89de588e4
efda728b38dc79ba0130555c32a34df330787c7837f7d0b56fd61c05973b6ae3
f496b65a5c0d027523555084a35b76b6d1560f8cb3bd944963be4cb1dc670eec
f5a35be313a8d08789df8dc0c69320c9fd831f4a266cc8209c1fa5f9550016c5