Submitted URL: https://app.findings.co/site/#e26420d4-d95c-429c-bcfb-48bc9ca64329
Effective URL: https://app.findings.co/?ret=/site/
Submission: On January 16 via manual from IN

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 3.226.62.139, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.findings.co.
TLS certificate: Issued by Amazon on September 22nd 2020. Valid for: a year.
This is the only time app.findings.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests Domain Requested by
7 static.idrra.com app.findings.co
4 rs.fullstory.com fullstory.com
4 use.typekit.net app.findings.co, use.typekit.net
3 fast.appcues.com static.idrra.com, fast.appcues.com
2 www.google-analytics.com static.idrra.com, www.google-analytics.com
2 app.findings.co 1 redirects
1 edge.fullstory.com app.findings.co
1 fullstory.com 1 redirects
1 p.typekit.net use.typekit.net
23 9

This site contains no links.

Subject | Issuer | Validity | Valid
findings.co | Amazon | 2020-09-22 - 2021-10-24 | a year
idrra.com | Amazon | 2020-11-23 - 2021-12-22 | a year
use.typekit.net | DigiCert SHA2 Secure Server CA | 2020-01-28 - 2022-02-01 | 2 years
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-12-28 - 2021-05-07 | 4 months
*.google-analytics.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
edge.fullstory.com | GTS CA 1D2 | 2020-12-26 - 2021-03-26 | 3 months
*.fullstory.com | Let's Encrypt Authority X3 | 2020-11-29 - 2021-02-27 | 3 months

This page contains 1 frames:

Primary Page: https://app.findings.co/?ret=/site/
Frame ID: 788374E6766F8C81FBA260DF870315D4
Requests: 23 HTTP requests in this frame

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 67 %
Domains: 6
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 4828 kB
Size: 5332 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.findings.co/site/ HTTP 302
    https://app.findings.co/?ret=/site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://fullstory.com/s/fs.js HTTP 301
  • https://edge.fullstory.com/s/fs.js

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.findings.co/
Redirect Chain
  • https://app.findings.co/site/
  • https://app.findings.co/?ret=/site/
2 KB
1 KB
Document
General
Full URL
https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.62.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-62-139.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4a8352b13d190730f0c5388e8234dc1eb3ae7ed94404c47324c01f23c402237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
app.findings.co
:scheme
https
:path
/?ret=/site/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:46 GMT
content-type
text/html; charset=utf-8
content-length
710
server
Apache
vary
Cookie,Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-encoding
gzip
set-cookie
csrftoken=6YlO1xQLo53auOoz3Y9pxJDyaI7kyYcLVuVTTgbrvqL0okl0TPBg6sXq5Z59IEYV; expires=Sat, 15 Jan 2022 05:41:46 GMT; Max-Age=31449600; Path=/; SameSite=Lax
strict-transport-security
max-age=31536000; includeSubdomains; preload;
x-xss-protection
1; mode=block
x-content-type-options
nosniff

Redirect headers

date
Sat, 16 Jan 2021 05:41:46 GMT
content-type
text/html; charset=utf-8
content-length
0
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload;
location
/?ret=/site/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
GridED.js
static.idrra.com/benchmark/dashboard/treeGrid/
5 KB
5 KB
Script
General
Full URL
https://static.idrra.com/benchmark/dashboard/treeGrid/GridED.js
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da133fac34ecc18a951241a54d150296a331e9abd9d0e586e83b1be8aacf96ee

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 00:11:51 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 16:15:05 GMT
server
AmazonS3
age
19796
etag
"6381c2b97a2e5993239ab7f2c4a9ad3d"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4793
x-amz-cf-id
VoR9ANHQwpW0kDxaHmLlcwdU0Gwm2i9C4dovbHU4Rh0DlycnSOcKzQ==
xda3apm.css
use.typekit.net/
2 KB
874 B
Stylesheet
General
Full URL
https://use.typekit.net/xda3apm.css
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3640ca06e4c7266452281ca12e48132e9178ac77d55b12c11effae63ba3849fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sat, 16 Jan 2021 05:41:46 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
674
page_loader.gif
static.idrra.com/benchmark/dashboard/
4 KB
5 KB
Image
General
Full URL
https://static.idrra.com/benchmark/dashboard/page_loader.gif
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990db40fe571183201d22ee138f9499d7014471f8eb41eb45c968960ecaee81

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 04:14:00 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jan 2021 21:25:53 GMT
server
AmazonS3
age
5267
etag
"1d77a5c5ea80beb9c1c82571ee3df239"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4600
x-amz-cf-id
PdK-adbxefFkKNImwmDtXD1FvzIWivQ0IFlKuR00OH3uxq0TM7IRrg==
main.c387c377236bdc09141b.js
static.idrra.com/benchmark/dashboard/
4 MB
4 MB
Script
General
Full URL
https://static.idrra.com/benchmark/dashboard/main.c387c377236bdc09141b.js
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d42113798c97c37fff3014fbaf34709523b4922e9191ea884f0b9bdc1a053b

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 00:11:51 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jan 2021 21:25:53 GMT
server
AmazonS3
age
19796
etag
"84d0431ea85f1683f77c579129cbf682"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4387107
x-amz-cf-id
nCSiWTy14rt5Iw43f_Q4HTBqrs_VD-UEIBTnY6uGLUCa2gf4NNrPHQ==
p.css
p.typekit.net/
5 B
149 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=xda3apm&ht=tk&f=29005.29010.29012&a=31958645&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xda3apm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/xda3apm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:46 GMT
last-modified
Tue, 01 Sep 2020 23:51:26 GMT
server
nginx
etag
"5f4ede7e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
c8b6e083af3f94009801989c3739425e.ttf
static.idrra.com/benchmark/dashboard/
237 KB
238 KB
Font
General
Full URL
https://static.idrra.com/benchmark/dashboard/c8b6e083af3f94009801989c3739425e.ttf
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
421f26b23e2be6b98373d32acd3cb2897b154d4bf0a77d26534ce476e4cbed53

Request headers

Origin
https://app.findings.co
Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 16:37:35 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
vary
Origin
age
47053
x-cache
Hit from cloudfront
content-length
243180
last-modified
Fri, 15 Jan 2021 09:25:24 GMT
server
AmazonS3
etag
"c8b6e083af3f94009801989c3739425e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
QNgXyxs7QtOwliPYh8WL421zenETlaKfAHV0lRjqhyXdSFwsf0Lk6w==
6ec2abd0db2ebc1fd2d96a8575a18a26.png
static.idrra.com/benchmark/dashboard/
5 KB
5 KB
Image
General
Full URL
https://static.idrra.com/benchmark/dashboard/6ec2abd0db2ebc1fd2d96a8575a18a26.png
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a226b41b24b0418f71d1268cb88ccc12adac0a87870c43b000ba3f029b2f16ff

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 07:39:39 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 16:14:55 GMT
server
AmazonS3
age
79329
etag
"6ec2abd0db2ebc1fd2d96a8575a18a26"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
5133
x-amz-cf-id
trpaDl_0gH9KGZQ-f9t0595VHOJpD_kMpISYxnDjlM3fIh7p5RPrUg==
l
use.typekit.net/af/0a3b88/00000000000000003b9adf46/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/0a3b88/00000000000000003b9adf46/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xda3apm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9de9a52027862a375187a0b740406c4cefafeffc011f83e4c82cabba92f032c7

Request headers

Origin
https://app.findings.co
Referer
https://use.typekit.net/xda3apm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
server
nginx
etag
"e93f0fe7baf7b6939e07597d5afa87eec40d02ea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
22444
l
use.typekit.net/af/6d9c84/00000000000000003b9adf41/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/6d9c84/00000000000000003b9adf41/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xda3apm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
449f0f420513fdfdf734e6a8698c9608031d7eb7b6272502037ad727874a6ab7

Request headers

Origin
https://app.findings.co
Referer
https://use.typekit.net/xda3apm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
server
nginx
etag
"51110cd670a8d43d05a4fc16edea219ed11f2eea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
22300
f1610b3aaae819213229405d5fa7adf1.ttf
static.idrra.com/benchmark/dashboard/
17 KB
17 KB
Font
General
Full URL
https://static.idrra.com/benchmark/dashboard/f1610b3aaae819213229405d5fa7adf1.ttf
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aae4697e0b8ecaa50a72c34a16a4061a63ee5b96395bd05c72da0604b0a2330

Request headers

Origin
https://app.findings.co
Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 16:37:35 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
vary
Origin
age
47053
x-cache
Hit from cloudfront
content-length
17468
last-modified
Fri, 15 Jan 2021 09:25:25 GMT
server
AmazonS3
etag
"f1610b3aaae819213229405d5fa7adf1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
scWA4seIzoLRsPMgFfvCVkKkq8AsVdTwza_452UxfbCLttgEbd_bLw==
l
use.typekit.net/af/c43ad3/00000000000000003b9adf48/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/c43ad3/00000000000000003b9adf48/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xda3apm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b00ab3bb9da00083d35f01946a6013e3dca3dc19bd358225a3af4128f57a9a04

Request headers

Origin
https://app.findings.co
Referer
https://use.typekit.net/xda3apm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
server
nginx
etag
"3d1b4b7ccedb828922d6b4c75e0b2666c74eca59"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
22132
49828.js
fast.appcues.com/
17 KB
5 KB
Script
General
Full URL
https://fast.appcues.com/49828.js
Requested by
Host: static.idrra.com
URL: https://static.idrra.com/benchmark/dashboard/main.c387c377236bdc09141b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
140bfd75d9fc3be8adcdbf700bf305d578243bf3d1106065b4946229e0b76c61

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
4257
x-request-id
Flqf-NRv5dKXR-kEnG7h
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
server
Cowboy
x-timer
S1610775707.214272,VS0,VE674
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 varnish
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static.idrra.com
URL: https://static.idrra.com/benchmark/dashboard/main.c387c377236bdc09141b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1335
date
Sat, 16 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 16 Jan 2021 07:19:32 GMT
fs.js
edge.fullstory.com/s/
Redirect Chain
  • https://fullstory.com/s/fs.js
  • https://edge.fullstory.com/s/fs.js
200 KB
61 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
33eee65eb2089a8564016e30b41cfe959f9cf50016c4f4bdc1b17e1268c24fa8

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:34:47 GMT
content-encoding
gzip
age
420
x-guploader-uploadid
ABg5-Uz5XE34E5UNd1gX2fSMT5G6Dng1wvLoMCnVW_tLsa5sc4YZKP4PIhUcKDvtlZmgdbdJUcWPtS-QcVmOMWfk3_Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
61604
last-modified
Thu, 07 Jan 2021 15:53:32 GMT
server
UploadServer
etag
"88528feb21b4f41e4b96fd571c64e491"
x-goog-hash
crc32c=mjiUMA==, md5=iFKP6yG09B5Llv1XHGTkkQ==
x-goog-generation
1610034812761924
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
61604
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 16 Jan 2021 05:44:47 GMT

Redirect headers

date
Sat, 09 Jan 2021 23:14:45 GMT
via
1.1 google
alt-svc
clear
age
541622
strict-transport-security
max-age=63072000
location
https://edge.fullstory.com/s/fs.js
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-origin
*
content-length
0
53a6ae621278cd3fe4acee3b0880ae6a.png
static.idrra.com/benchmark/dashboard/
2 KB
3 KB
Image
General
Full URL
https://static.idrra.com/benchmark/dashboard/53a6ae621278cd3fe4acee3b0880ae6a.png
Requested by
Host: app.findings.co
URL: https://app.findings.co/?ret=/site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:0:432f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa66de3e77651b220a399d36f8a8a6d262eac6093d30112671a4203d301d1b61

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 07:39:42 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 16:14:55 GMT
server
AmazonS3
age
79326
etag
"53a6ae621278cd3fe4acee3b0880ae6a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2260
x-amz-cf-id
GBHSC_OzqVcW0WQNBAbr1MjRlR8z1K_Nz95pKTl-Ctidk2bXaIai2A==
collect
www.google-analytics.com/j/
2 B
388 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1464504951&t=pageview&_s=1&dl=https%3A%2F%2Fapp.findings.co%2F%3Fret%3D%2Fsite%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=892424574&gjid=1486414965&cid=889579172.1610775707&tid=UA-96610486-1&_gid=1501607188.1610775707&_r=1&_slc=1&z=1658838165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Jan 2021 05:41:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.findings.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
rs.fullstory.com/rec/
3 KB
1 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6bbafff54b59ba74ba57bbbb47eda89636165a1e01d220288e55b9ab073dc900

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.findings.co
access-control-allow-credentials
true
alt-svc
clear
content-length
1151
via
1.1 google
bundle
rs.fullstory.com/rec/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=6J5S7&UserId=5890945453506560&SessionId=5318805368979456&PageId=5216373125267456&Seq=1&PageStart=1610775707463&PrevBundleTime=0&LastActivity=411&IsNewSession=true
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e02dd2b36d9e703df4be9963aaced63cf95f4164a08f069432c3215423c98b0c

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.findings.co
date
Sat, 16 Jan 2021 05:41:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
appcues.main.1f4f2e77c9f6af13c76d1e1c4f3d84fb468879ab.js
fast.appcues.com/generic/main/4.24.5/
426 KB
109 KB
Script
General
Full URL
https://fast.appcues.com/generic/main/4.24.5/appcues.main.1f4f2e77c9f6af13c76d1e1c4f3d84fb468879ab.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/49828.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fedfc495499fbcffc4ad3d80bb46812a188963d014534e791876659ba28a738

Request headers

Origin
https://app.findings.co
Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
content-encoding
gzip
age
365384
via
1.1 varnish
x-cache
HIT
content-length
110881
x-amz-id-2
W3qj5gZKowuINAAjnKHWFPDCnMh4CI0u8uv/96f0G7vYxM3s2C/dU5jbCLLiAKZAFnCprDPbybk=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Wed, 06 Jan 2021 17:24:26 GMT
server
AmazonS3
x-timer
S1610775708.910318,VS0,VE0
etag
"3c19eae9f496566589a1d9e18221472f"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
AZ5P3VDXFZ6HES2R
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
8132
container.1f4f2e77c9f6af13c76d1e1c4f3d84fb468879ab.css
fast.appcues.com/generic/main/4.24.5/
15 KB
2 KB
Stylesheet
General
Full URL
https://fast.appcues.com/generic/main/4.24.5/container.1f4f2e77c9f6af13c76d1e1c4f3d84fb468879ab.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.24.5/appcues.main.1f4f2e77c9f6af13c76d1e1c4f3d84fb468879ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abdb0a6f61e90397c98cdd5c2bd2e32da1177dfe62c7cd51bf5637c49169b4f1

Request headers

Origin
https://app.findings.co
Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 05:41:47 GMT
content-encoding
gzip
age
365381
via
1.1 varnish
x-cache
HIT
content-length
2021
x-amz-id-2
v9UDHMEoylj6v+nQPx8BHCQsCfIC+uKSsTG8J/1WG+UZQJ8ifRp4Y7wQf4/5GcK4drfuOiDViCM=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Wed, 06 Jan 2021 17:24:26 GMT
server
AmazonS3
x-timer
S1610775708.966591,VS0,VE0
etag
"c8588d8418b8d6fe6746298ceb9870b2"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
8CF1831AC71465DD
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
text/css; charset=utf-8;
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
8433
bundle
rs.fullstory.com/rec/
29 B
88 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=6J5S7&UserId=5890945453506560&SessionId=5318805368979456&PageId=5216373125267456&Seq=2&PageStart=1610775707463&PrevBundleTime=1610775708129&LastActivity=4865&IsNewSession=true
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
64f19da5dbf0fe607603415a23e87b61db19fe5b60a5824b1c44ab2c7e1dfc1a

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.findings.co
date
Sat, 16 Jan 2021 05:41:52 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
bundle
rs.fullstory.com/rec/
29 B
88 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=6J5S7&UserId=5890945453506560&SessionId=5318805368979456&PageId=5216373125267456&Seq=3&PageStart=1610775707463&PrevBundleTime=1610775712795&LastActivity=9865&IsNewSession=true
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9a49d0c81c68a0429ebad92aa70476561626128cb8ef0cace842c6ae3b922655

Request headers

Referer
https://app.findings.co/?ret=/site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.findings.co
date
Sat, 16 Jan 2021 05:41:57 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| TGGrids function| TGTCalc object| TGDefNames function| TGTreeGrid function| TreeGrid function| TGPrintTreeGrid function| PrintTreeGrid function| TGStartTreeGrid function| StartTreeGrid function| TGSetEvent function| SetEvent function| TGAddEvent function| AddEvent function| TGDelEvent function| DelEvent function| TGGetEvent function| TGGetGrids function| GetGrids function| TGAddGanttUnits function| AddGanttUnits object| Grids function| TCalc function| TGLoadGridE function| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Pusher object| scCGSHMRCache function| _ string| GoogleAnalyticsObject function| ga boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| _fs_loaded function| _fs_shutdown object| AppcuesBundleSettings object| Appcues

5 Cookies

Domain/Path Name / Value
.findings.co/ Name: fs_uid
Value: rs.fullstory.com#6J5S7#5890945453506560:5318805368979456/1642311707
.findings.co/ Name: _gat
Value: 1
.findings.co/ Name: _gid
Value: GA1.2.1501607188.1610775707
.findings.co/ Name: _ga
Value: GA1.2.889579172.1610775707
app.findings.co/ Name: csrftoken
Value: 6YlO1xQLo53auOoz3Y9pxJDyaI7kyYcLVuVTTgbrvqL0okl0TPBg6sXq5Z59IEYV

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
