christus.okta.com
Open in
urlscan Pro
75.2.87.65
Public Scan
Effective URL: https://christus.okta.com/app/christus_edcast_1/exkm2uzeerEmPZdWi0x7/sso/saml
Submission: On August 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 22nd 2023. Valid for: a year.
This is the only time christus.okta.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2600:9000:238... 2600:9000:238d:d800:19:9934:6a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 13 | 99.84.88.128 99.84.88.128 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 151.101.130.217 151.101.130.217 | 54113 (FASTLY) (FASTLY) | |
13 | 151.101.66.137 151.101.66.137 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
11 | 99.84.88.126 99.84.88.126 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 162.247.243.29 162.247.243.29 | 54113 (FASTLY) (FASTLY) | |
1 | 76.223.42.213 76.223.42.213 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 108.138.36.53 108.138.36.53 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 75.2.87.65 75.2.87.65 | 16509 (AMAZON-02) (AMAZON-02) | |
11 | 18.239.94.29 18.239.94.29 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 108.138.7.107 108.138.7.107 | 16509 (AMAZON-02) (AMAZON-02) | |
69 | 13 |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-128.muc50.r.cloudfront.net
christushealth.edcast.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-126.muc50.r.cloudfront.net
resources.edcast.io |
ASN16509 (AMAZON-02, US)
PTR: ae52e19d4a7095f43.awsglobalaccelerator.com
edcast.okta.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-53.muc50.r.cloudfront.net
ok6static.oktacdn.com |
ASN16509 (AMAZON-02, US)
PTR: a9fda6e8074f1dfbe.awsglobalaccelerator.com
christus.okta.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-29.ams1.r.cloudfront.net
ok2static.oktacdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-107.fra56.r.cloudfront.net
login.okta.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
oktacdn.com
ok6static.oktacdn.com — Cisco Umbrella Rank: 15844 ok2static.oktacdn.com — Cisco Umbrella Rank: 13092 |
1 MB |
13 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 475 |
48 KB |
13 |
edcast.com
1 redirects
christushealth.edcast.com |
849 KB |
11 |
edcast.io
resources.edcast.io — Cisco Umbrella Rank: 110567 |
105 KB |
5 |
okta.com
edcast.okta.com — Cisco Umbrella Rank: 194725 christus.okta.com — Cisco Umbrella Rank: 417150 login.okta.com — Cisco Umbrella Rank: 4857 |
123 KB |
2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 295 |
769 B |
2 |
launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1208 |
5 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67 |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
app.link
1 redirects
bbjst.app.link |
676 B |
0 |
cloudfront.net
Failed
d2m321vfjedqj8.cloudfront.net Failed |
|
69 | 11 |
Domain | Requested by | |
---|---|---|
13 | js-agent.newrelic.com |
christushealth.edcast.com
|
13 | christushealth.edcast.com |
1 redirects
christushealth.edcast.com
|
11 | ok2static.oktacdn.com |
christus.okta.com
ok2static.oktacdn.com |
11 | resources.edcast.io |
christushealth.edcast.com
|
4 | ok6static.oktacdn.com |
edcast.okta.com
|
2 | login.okta.com |
ok2static.oktacdn.com
login.okta.com |
2 | christus.okta.com |
christus.okta.com
|
2 | bam.nr-data.net |
christushealth.edcast.com
js-agent.newrelic.com |
2 | app.launchdarkly.com |
christushealth.edcast.com
|
2 | fonts.googleapis.com |
christushealth.edcast.com
|
1 | edcast.okta.com |
christushealth.edcast.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | bbjst.app.link | 1 redirects |
0 | d2m321vfjedqj8.cloudfront.net Failed |
christushealth.edcast.com
|
69 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.christushealth.org |
esupport.christushealth.org |
www.okta.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.edcast.com Amazon RSA 2048 M01 |
2023-02-23 - 2024-03-23 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-07-02 - 2024-08-02 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
resources.edcast.io Amazon RSA 2048 M02 |
2023-06-21 - 2024-07-20 |
a year | crt.sh |
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
*.okta.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-22 - 2024-04-12 |
a year | crt.sh |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-03 - 2024-01-02 |
a year | crt.sh |
accounts.okta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-19 - 2024-07-24 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://christus.okta.com/app/christus_edcast_1/exkm2uzeerEmPZdWi0x7/sso/saml
Frame ID: E49120686832371C1430F77C84E35600
Requests: 66 HTTP requests in this frame
Frame:
https://login.okta.com/discovery/iframe.html
Frame ID: F7E4CAA4DB0C93BCF2BEDA6780CB16E2
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
CHRISTUS - AnmeldenPage URL History Show full URLs
-
https://bbjst.app.link/M92ncOkegCb
HTTP 307
https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l?deep_link... Page URL
-
https://christushealth.edcast.com/auth/lxp_oauth?current_host=ckNrL1VtaVVZNlRldlQzSDdVdVh5RkpoOEJoUlNYZUVDYTUw...
HTTP 302
https://edcast.okta.com/oauth2/v1/authorize?client_id=edzwKYQH1470%21&idp=0oa3ls6w63y7Pg7sB2p7&nonce... Page URL
- https://christus.okta.com/app/christus_edcast_1/exkm2uzeerEmPZdWi0x7/sso/saml Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: CHRISTUS 24/7 Service Desk: 1-888-681-5123
Search URL Search Domain Scan URL
Title: St. Vincent Service Desk: 1-505-913-5246
Search URL Search Domain Scan URL
Title: CHRISTUS Bomgar Remote Support
Search URL Search Domain Scan URL
Title: Okta
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bbjst.app.link/M92ncOkegCb
HTTP 307
https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l?deep_link_id=16005465&deep_link_type=card&_branch_match_id=1220046723246535992&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0rKKi7RSywo0MvJzMvW97U0ykv2z05Nd04CAGw7XssiAAAA Page URL
-
https://christushealth.edcast.com/auth/lxp_oauth?current_host=ckNrL1VtaVVZNlRldlQzSDdVdVh5RkpoOEJoUlNYZUVDYTUwOHh1SFFUaytLdFhtWjlIZU1lU2V2ZFplOGhVMS0tdzZvSDhlenh2MGtSSXVvVExQUlBaUT09--d6fc98569923338e7212b483c72b51097fe38e31&connector=eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjgyMzIifQ.u_ADr3p6-kJa9cLFJvBLOFtlE7WVGNLDfiibr1ZCW28&provider=saml&origin=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l?deep_link_id=16005465&deep_link_type=card&_branch_match_id=1220046723246535992&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0rKKi7RSywo0MvJzMvW97U0ykv2z05Nd04CAGw7XssiAAAA
HTTP 302
https://edcast.okta.com/oauth2/v1/authorize?client_id=edzwKYQH1470%21&idp=0oa3ls6w63y7Pg7sB2p7&nonce=YsG76jo&redirect_uri=https%3A%2F%2Fchristushealth.edcast.com%2Fauth%2Flxp_oauth%2Fcallback&response_mode=query&response_type=code&scope=openid+email+profile+offline_access&state=7b25e9bd62ac32fb22f7965f4f964d88c17c8bda194007ef Page URL
- https://christus.okta.com/app/christus_edcast_1/exkm2uzeerEmPZdWi0x7/sso/saml Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://bbjst.app.link/M92ncOkegCb HTTP 307
- https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l?deep_link_id=16005465&deep_link_type=card&_branch_match_id=1220046723246535992&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0rKKi7RSywo0MvJzMvW97U0ykv2z05Nd04CAGw7XssiAAAA
- https://christushealth.edcast.com/auth/lxp_oauth?current_host=ckNrL1VtaVVZNlRldlQzSDdVdVh5RkpoOEJoUlNYZUVDYTUwOHh1SFFUaytLdFhtWjlIZU1lU2V2ZFplOGhVMS0tdzZvSDhlenh2MGtSSXVvVExQUlBaUT09--d6fc98569923338e7212b483c72b51097fe38e31&connector=eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjgyMzIifQ.u_ADr3p6-kJa9cLFJvBLOFtlE7WVGNLDfiibr1ZCW28&provider=saml&origin=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l?deep_link_id=16005465&deep_link_type=card&_branch_match_id=1220046723246535992&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0rKKi7RSywo0MvJzMvW97U0ykv2z05Nd04CAGw7XssiAAAA HTTP 302
- https://edcast.okta.com/oauth2/v1/authorize?client_id=edzwKYQH1470%21&idp=0oa3ls6w63y7Pg7sB2p7&nonce=YsG76jo&redirect_uri=https%3A%2F%2Fchristushealth.edcast.com%2Fauth%2Flxp_oauth%2Fcallback&response_mode=query&response_type=code&scope=openid+email+profile+offline_access&state=7b25e9bd62ac32fb22f7965f4f964d88c17c8bda194007ef
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
the-christus-moment-call-to-community-nuestro-llamado-a-l
christushealth.edcast.com/insights/ Redirect Chain
|
94 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-main.css
christushealth.edcast.com/ |
1 MB 124 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
29 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-common.js
christushealth.edcast.com/ |
3 MB 546 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-bootstrap.js
christushealth.edcast.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-main.js
christushealth.edcast.com/ |
444 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
christushealth.edcast.com/i/images/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 772 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
eyJrZXkiOiJhbm9ueW1vdXNAY2hyaXN0dXNoZWFsdGgiLCJlbWFpbCI6ImFub255bW91c0BjaHJpc3R1c2hlYWx0aCIsImFub255bW91cyI6dHJ1ZSwiY3VzdG9tIjp7Im9yZyI6ImNocmlzdHVzaGVhbHRoIn19
app.launchdarkly.com/sdk/evalx/59237632cace6509f8df21f1/users/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eyJrZXkiOiJhbm9ueW1vdXNAY2hyaXN0dXNoZWFsdGgiLCJlbWFpbCI6ImFub255bW91c0BjaHJpc3R1c2hlYWx0aCIsImFub255bW91cyI6dHJ1ZSwiY3VzdG9tIjp7Im9yZyI6ImNocmlzdHVzaGVhbHRoIn19
app.launchdarkly.com/sdk/evalx/59237632cace6509f8df21f1/users/ |
38 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
info.json
christushealth.edcast.com/api/users/ |
61 B 494 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
info.json
christushealth.edcast.com/api/users/ |
61 B 496 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
async-api.e9f77430-1.237.1.min.js
js-agent.newrelic.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
860.95a91211-1.237.1.min.js
js-agent.newrelic.com/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-manager.d080e4cc-1.237.1.min.js
js-agent.newrelic.com/ |
1 KB 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.webp
christushealth.edcast.com/i/compressed/images/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timestamp.json
resources.edcast.io/translations/edcast/cds/ |
30 B 542 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timestamp.json
resources.edcast.io/translations/edcast/web/ |
30 B 534 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazy-feature-loader.c1052c27-1.237.1.min.js
js-agent.newrelic.com/ |
1 KB 628 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
646.9e7a6b8d-1.237.1.min.js
js-agent.newrelic.com/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_view_event-aggregate.4988d952-1.237.1.min.js
js-agent.newrelic.com/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
js-agent.newrelic.com/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrics-aggregate.b86cefcf-1.237.1.min.js
js-agent.newrelic.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jserrors-aggregate.319b8300-1.237.1.min.js
js-agent.newrelic.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-aggregate.d95c640e-1.237.1.min.js
js-agent.newrelic.com/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session_trace-aggregate.ac30a1f3-1.237.1.min.js
js-agent.newrelic.com/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_action-aggregate.467f8594-1.237.1.min.js
js-agent.newrelic.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spa-aggregate.550eec7b-1.237.1.min.js
js-agent.newrelic.com/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
537d1e3ee8
bam.nr-data.net/1/ |
40 B 415 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
edcast.okta.com/oauth2/v1/ Redirect Chain
|
30 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edcast_translation.csv
christushealth.edcast.com/translations/en/ |
54 KB 18 KB |
XHR
text/csv |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/myprofile/main/ |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/common/main/ |
131 KB 40 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/talentmarketplace/main/ |
9 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/login/main/ |
6 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/cds/20230804065513/common/main/ |
15 KB 6 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/myprofile/main/ |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/common/main/ |
131 KB 40 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/talentmarketplace/main/ |
9 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
resources.edcast.io/translations/edcast/web/20230804065543/login/main/ |
6 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
537d1e3ee8
bam.nr-data.net/events/1/ |
24 B 354 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
us_prod_default_images.json
d2m321vfjedqj8.cloudfront.net/default_images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dist-1691130533915-2090.chunk.js
christushealth.edcast.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-970.css
christushealth.edcast.com/ |
521 B 639 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dist-1691130533915-970.chunk.js
christushealth.edcast.com/ |
1 KB 999 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
537d1e3ee8
bam.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
537d1e3ee8
bam.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
537d1e3ee8
bam.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
537d1e3ee8
bam.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
ok6static.oktacdn.com/assets/js/ |
289 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.feb135ed7f21adf41b7543c04f346635.css
ok6static.oktacdn.com/assets/css/sections/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
ok6static.oktacdn.com/assets/img/ui/indicators/ |
143 KB 144 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok6static.oktacdn.com/assets/js/app/sso/ |
678 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
saml
christus.okta.com/app/christus_edcast_1/exkm2uzeerEmPZdWi0x7/sso/ |
26 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
okta-sign-in.min.js
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/js/ |
2 MB 475 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
okta-sign-in.min.css
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/css/ |
215 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
ok2static.oktacdn.com/assets/loginpage/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-sheet
christus.okta.com/api/internal/brand/theme/ |
556 B 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs0mp4vqesElszJ890x7
ok2static.oktacdn.com/fs/bco/4/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
ok2static.oktacdn.com/assets/js/mvc/loginpage/ |
204 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs0nbmhxofvIPvHgA0x7
ok2static.oktacdn.com/fs/bco/7/ |
205 KB 206 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
login.okta.com/discovery/ Frame F7E4 |
451 B 955 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_de.json
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/labels/json/ |
103 KB 104 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
country_de.json
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/labels/json/ |
5 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs0533wxvvRb9Dsyi0x7
ok2static.oktacdn.com/fs/bco/1/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-okta-light-webfont.woff
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/font/ |
22 KB 22 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-okta-regular-webfont.woff
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.2/font/ |
21 KB 22 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
discoveryIframe-88dc7396afa19c320b05.min.js
login.okta.com/lib/ Frame F7E4 |
96 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- d2m321vfjedqj8.cloudfront.net
- URL
- https://d2m321vfjedqj8.cloudfront.net/default_images/us_prod_default_images.json
- Domain
- christushealth.edcast.com
- URL
- https://christushealth.edcast.com/dist-1691130533915-2090.chunk.js
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/jserrors/1/537d1e3ee8?a=656688294&v=1.237.1&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4315&ck=0&s=ad4090732a5c6868&ref=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/events/1/537d1e3ee8?a=656688294&v=1.237.1&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4316&ck=0&s=ad4090732a5c6868&ref=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/jserrors/1/537d1e3ee8?a=656688294&v=1.237.1&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4316&ck=0&s=ad4090732a5c6868&ref=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/events/1/537d1e3ee8?a=656688294&v=1.237.1&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4317&ck=0&s=ad4090732a5c6868&ref=https://christushealth.edcast.com/insights/the-christus-moment-call-to-community-nuestro-llamado-a-l
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| cspNonce object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn object| okta function| runLoginPage object| OktaLogin object| jQBrowser9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.app.link/ | Name: _s Value: 8jrC91qLHDXOZyx3gzZ2z18k7umjDRLzNt6K%2FyxTfhCi9PY9DWxmm22N6dZ5k0fw |
|
christushealth.edcast.com/ | Name: _d Value: zHAvDIfs2ag2dCrwIMfHqQ |
|
christushealth.edcast.com/ | Name: _edcast_session Value: 8b734b913510c839cd2d3446a2e5a6b3 |
|
edcast.okta.com/ | Name: JSESSIONID Value: E8EEEBB66FE96E76E7D6EBECFE914827 |
|
edcast.okta.com/ | Name: t Value: sea |
|
edcast.okta.com/ | Name: DT Value: DI1XJyaOiqnSU6jm7zQ5HdqTQ |
|
christus.okta.com/ | Name: t Value: purple |
|
christus.okta.com/ | Name: DT Value: DI15B0oj-nKRvSKxWgyJ7rsCA |
|
christus.okta.com/ | Name: JSESSIONID Value: 999A5A745B4D44972A71E2572F1DA7A6 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' data: ws: blob: wss: https://*.launchdarkly.com https://*.cloudfront.net https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://bam-cell.nr-data.net/ https://bam.nr-data.net/* https://api-iam.intercom.io/ https://www.edcast.me/ https://d.la2-c1cs-ord.salesforceliveagent.com/ https://*.agora.io https://*.agora.io:*/ https://*.agoraio.cn https://*.edcast.io/ https://*.edcast.com/ http://*.soc.edcast.com/ https://api-europe-edcast.io/ https://cdn.filestackcontent.com/ https://*.guideme.io/ https://*.hotjar.com/ https://*.hotjar.io/ https://*.api.osano.com/ https://*.myguide.org/ https://*.s3.amazonaws.com/ https://s3.amazonaws.com/ https://*.s3.us-east-1.amazonaws.com/ https://*.s3-us-east-1.amazonaws.com/ https://*.filestackapi.com/ https://*.company-target.com/ https://*.6sc.co/ https://*.adnxs.com/ https://www.facebook.com https://*.googleapis.com/ https://www.edcastcloud.com/ https://*.clearbit.com/ https://example.com/ https://services.edcast.ai/ https://hlg.tokbox.com/ https://*.opentok.com/ https://api.go1.co/ https://d1iwkfmdo6oqxx.cloudfront.net/organizations/ https://api.unsplash.com/ https://cdn.linkedin.oribi.io/partner/ https://bam.nr-data.net/ https://api2.amplitude.com/2/ https://*.csod.com/ https://*.oracle.com/;script-src 'self' blob: data: ws: wss: 'unsafe-inline' 'unsafe-eval' https://js-agent.newrelic.com/ https://www.googletagmanager.com/ https://bam-cell.nr-data.net/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://snap.licdn.com/li.lms-analytics/ https://editor.unlayer.com/ https://widget.intercom.io/ https://js.intercomcdn.com https://*.guideme.io/ https://cdnjs.cloudflare.com/ https://connect.facebook.net/ https://d2r1yp2w7bby2u.cloudfront.net/js/ https://d1iwkfmdo6oqxx.cloudfront.net/organizations/ https://wzrkt.com/ https://*.my.salesforce.com/ https://*.salesforceliveagent.com/ https://googleads.g.doubleclick.net/ https://www.googleadservices.com/ https://*.clearbitjs.com/ https://*.clearbit.com/ https://*.company-target.com/ https://tag.demandbase.com/ https://*.6sc.co https://*.google.com/ https://cdn.jsdelivr.net/ https://*.my.salesforce.com/ https://embedding.workato.com/r/ https://*.filestackapi.com/ https://*.osano.com/ https://*.hotjar.com/ https://www.youtube.com/ https://*.googleapis.com/ https://christus.okta.com/ https://tag.clearbitscripts.com/ https://cdn.walkme.com/ https://gateway.zscalerthree.net http://*.edcast.com/ https://*.edcast.com/ https://www.pagespeed-mod.com/v1/ https://els-jbs-prod-cdn.jbs.elsevierhealth.com/ https://www.pagespeed-mod.com/ https://*.ckeditor.com/ https://ckeditor.iframe.ly/ https://bam.nr-data.net/ https://*.oracle.com/;style-src 'self' blob: data: ws: wss: 'unsafe-inline' 'unsafe-eval' https://*.googleapis.com/ https://*.guideme.io/ https://*.my.salesforce.com/ https://service.force.com/ https://static.filestackapi.com/ https://*.ckeditor.com/ https://www.googletagmanager.com/ https://*.bootstrapcdn.com/ https://*.edcast.com/ https://lm.facebook.com/ https://*.oracle.com/;font-src 'self' blob: data: ws: wss: https://fonts.gstatic.com/s/ https://*.s3.amazonaws.com/fonts/ https://static3.avast.com/ https://*.guideme.io/ https://use.typekit.net/ https://*.edcast.com/ https://*.oracle.com/;img-src 'self' data: blob: https: http: about: android-webview-video-poster:;media-src blob: https: http:;frame-src 'self' atlassian-companion: data: blob: https:;report-uri /api/v2/csp_reports |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.launchdarkly.com
bam.nr-data.net
bbjst.app.link
christus.okta.com
christushealth.edcast.com
d2m321vfjedqj8.cloudfront.net
edcast.okta.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
login.okta.com
ok2static.oktacdn.com
ok6static.oktacdn.com
resources.edcast.io
bam.nr-data.net
christushealth.edcast.com
d2m321vfjedqj8.cloudfront.net
108.138.36.53
108.138.7.107
151.101.130.217
151.101.66.137
162.247.243.29
18.239.94.29
2600:9000:238d:d800:19:9934:6a80:93a1
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
75.2.87.65
76.223.42.213
99.84.88.126
99.84.88.128
02784eff1f5bc996e537d6ebf067d300d2f6e40c89810e5b8b5224fe39dc505e
04bd30d9b9545be789228927f36c37975e184bf39107592b0d8cf7048e4c4aef
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
312961c3e2abd191b80c96dc095382f8a09226a70ea00dbccc20ee26a67ced59
362334ea318c3797894fe20715a4aa04d56c94ca0853ceeb0898dca803c3d159
3b7bac456341faf5cfe75d68cea1970d202abb481e9dc06e605779ed3a954cbc
3f0184e74bb627ab8e05bdc85d80f82f1a12598851e5fca2eb90e22350277ce9
42539e5bcdac7ed28867ed67689ebadc2ea4ac9535f2213408b72c97925772b8
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
4c9527a5de7763af2d04d9bb62bb11f7576d283301b97332ab9f8031b90b738b
58b6611bacc3189271962e8079875dd1e7bd62e249d0c5f80230ad505a7fef36
59cabae1e505aebe6630e33c0093e0950ad446e0e2dc3bbad04341a72e4822f6
5bbca35e5cb61bfda6cdcd2bccdd1b41bb4e0da2eb1879692e07a5a974abf4aa
61eeaf3752ec4a775d833ab1ffe79787a750f59cb9c2933aad9cc276a36eb5fb
678a2bf8d706b73984d2bab26e19adaebfe92ecbe1eaab8a26f6fa189ff73694
6ca700ebfe9f0981a5a41ae5515d8743e2fc892251ef2f3cc247b5f16a03a6a8
6e8b39650d520ecf5d68a15df29c81d2a49f2fcc3613af0b6f174ab011769735
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
7a9e48e80d52573660e51ce910154a1a21a4a0b9af1a3318d8df2c21fcbe8358
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
bb7b04fe7a146c5260e3f1a82db4c675c3d41f53f0fe4fb7517840cef54f2b0b
ccf6add544df0956a4db5ffeab1cd89d06f63c7f5ec8081b4584d948cdb6604c
e1e44d4c36b5065da95f5c9fba78d36deb4a28e09751ae05aa1675121041af51
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
ea8d801deb6776d5aaf273dfbc42d503fdaaa6f51c8934d0961e3f2a1ba13ceb
f8f61006fda8c142a370e442839a69f4e2166658d1db646990331f4c87365cd2
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace