fordsworth-auth.tcfundportal.co.za Open in urlscan Pro
197.189.212.58  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ut-demo.tcfundportal.co.za/ Page URL
2. https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response ut-demo.tcfundportal.co.za/	2 KB 2 KB	561ms 184ms	Document text/html	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a2519084c3f7894af013679c27c0a23c5c8e32549c62e9aa4668777603b7287b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 04 Jul 2022 16:15:38 GMT ETag W/"62ad9d07-9d0" Last-Modified Sat, 18 Jun 2022 09:38:15 GMT Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	49ms 19ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i,900 Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e862816e75bdf8f23dd307c44dc2c7111a97ce5b2ddfb4e357c8f4a129342d7f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 04 Jul 2022 16:15:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 04 Jul 2022 16:15:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 04 Jul 2022 16:15:38 GMT
GET H/1.1	200 OK	style.css ut-demo.tcfundportal.co.za/assets/fonts/font-icomoon/	24 KB 24 KB	366ms 365ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/assets/fonts/font-icomoon/style.css Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash fe5f750b7f50cc774bbfa5de2869b362c1c7ae0b0a2c15a9d69b34a2d8d4c8c4 Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-6092" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 24722
GET H/1.1	200 OK	font-awesome.min.css ut-demo.tcfundportal.co.za/assets/fonts/font-awesome/css/	30 KB 31 KB	715ms 355ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/assets/fonts/font-awesome/css/font-awesome.min.css Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-791c" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 31004
GET H/1.1	200 OK	style.css ut-demo.tcfundportal.co.za/assets/fonts/font-linearicons/	9 KB 9 KB	542ms 182ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/assets/fonts/font-linearicons/style.css Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 523be2e3e4389da0ccb8d36894f08851a247518d2c480710c0d0ff0f3ede870c Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-22b0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 8880
GET H/1.1	200 OK	feather.css ut-demo.tcfundportal.co.za/assets/fonts/font-feathericons/dist/	13 KB 13 KB	718ms 357ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/assets/fonts/font-feathericons/dist/feather.css Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e8c71590a09344a774a23eaa9c89810732ae9f2cf6646e9fc2fb40c0762b9e5b Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-33c4" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 13252
GET H/1.1	200 OK	env.js Show response ut-demo.tcfundportal.co.za/assets/	1 KB 1 KB	560ms 193ms	Script application/javascript	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/assets/env.js Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 24f3a969728227c4b14796c8ac3de5e3b744892d4cf14430668e69af8322bf12 Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sun, 19 Jun 2022 11:55:26 GMT Server nginx/1.14.0 (Ubuntu) ETag "62af0eae-403" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1027
GET H/1.1	200 OK	styles.a5125b58eb60fdd04b80.css ut-demo.tcfundportal.co.za/	725 KB 726 KB	729ms 364ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/styles.a5125b58eb60fdd04b80.css Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash b6b0e9503e6925d150bf6013b331957b3876ed794504924fdc3ccc0826838761 Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:38 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-b55d5" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 742869
GET H/1.1	200 OK	runtime.2f5a6d8f7a908f4784f4.js Show response ut-demo.tcfundportal.co.za/	2 KB 3 KB	180ms 179ms	Script application/javascript	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/runtime.2f5a6d8f7a908f4784f4.js Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash ef0329aa6c050bf95474ed2aacd4d34b00f399e12cf678466a7738bae81dd4ad Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:39 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-9f4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2548
GET H/1.1	200 OK	polyfills.edb8d99df76fec7764b5.js Show response ut-demo.tcfundportal.co.za/	45 KB 45 KB	182ms 182ms	Script application/javascript	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/polyfills.edb8d99df76fec7764b5.js Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 311735a30e8e3f6390908e6210510e46866e27c864530d4881ca69ca2a515d7b Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:39 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-b3d2" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 46034
GET H/1.1	200 OK	scripts.b961bdb743184a004569.js Show response ut-demo.tcfundportal.co.za/	317 KB 317 KB	186ms 186ms	Script application/javascript	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/scripts.b961bdb743184a004569.js Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash baffa2d700b781e3ca37c3579ab1c1c8f5f94540865535b8dfb8e1c0d032c43f Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:39 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-4f3af" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 324527
GET H/1.1	200 OK	main.331f1c4e3bc38adb71aa.js Show response ut-demo.tcfundportal.co.za/	6 MB 6 MB	182ms 182ms	Script application/javascript	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://ut-demo.tcfundportal.co.za/main.331f1c4e3bc38adb71aa.js Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d6809b9a821b143aba50baac332740864f0c90d139eb870762cc460d5d43a6f5 Request headers accept-language de-DE,de;q=0.9 Referer https://ut-demo.tcfundportal.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:39 GMT Last-Modified Sat, 18 Jun 2022 09:38:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "62ad9d06-6146db" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6375131
GET DATA	200 OK	truncated /	670 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de477e6fe9dda8357344ab43f96ef72a24a24fb379c4c72932d35e9ddaab2a42 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	34ms 8ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ut-demo.tcfundportal.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 29 Jun 2022 19:26:22 GMT x-content-type-options nosniff age 420557 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 Jun 2023 19:26:22 GMT
GET H/1.1	200 OK	Primary Request auth Show response fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/	4 KB 3 KB	763ms 189ms	Document text/html	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Requested by Host: ut-demo.tcfundportal.co.za URL: https://ut-demo.tcfundportal.co.za/main.331f1c4e3bc38adb71aa.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 4bd47324d188ff49b43b00c61e6a8ad7360cfca50d3202b64fba3e6677c9db99 Security Headers Name Value Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ut-demo.tcfundportal.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Language en Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none'; Content-Type text/html;charset=utf-8 Date Mon, 04 Jul 2022 16:15:41 GMT Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Robots-Tag none X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	patternfly.min.css fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/	178 KB 31 KB	374ms 373ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly.min.css Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type text/css;charset=UTF-8 X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff
GET H/1.1	200 OK	patternfly-additions.min.css fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/	220 KB 31 KB	211ms 210ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type text/css;charset=UTF-8 X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff
GET H/1.1	200 OK	zocial.css fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/lib/zocial/	43 KB 22 KB	871ms 506ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/lib/zocial/zocial.css Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type text/css;charset=UTF-8 X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff
GET H/1.1	200 OK	login.css fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/css/	9 KB 3 KB	551ms 183ms	Stylesheet text/css	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/css/login.css Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 955c0aee9b60e86f711fb37b3b068fc716ce17348b041fee257a224743389fef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css;charset=UTF-8 X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Connection keep-alive Content-Length 2323 X-Content-Type-Options nosniff
GET H2	200	logo-blue.png fordsworth.com/images/	10 KB 10 KB	1042ms 228ms	Image image/png	102.130.115.60 Host-Africa-AS
General Check archive.org Show headers Download Go to Show image Full URL https://fordsworth.com/images/logo-blue.png Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/protocol/openid-connect/auth?client_id=front-end-realm&redirect_uri=https%3A%2F%2Fut-demo.tcfundportal.co.za%2F&state=75a46934-973a-40f5-8f36-8e898288a286&response_mode=fragment&response_type=code&scope=openid&nonce=2ad8bd19-a9f7-4f68-9b16-398f72b5752f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 102.130.115.60 Johannesburg, South Africa, ASN328364 (Host-Africa-AS, ZA), Reverse DNS Software Apache / Resource Hash 7a2c4c9adc7bdc94374a3905e155eaae4636af8c7ff027d4043450e62fb7fe5c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 16:15:40 GMT last-modified Thu, 21 Apr 2022 09:03:39 GMT server Apache accept-ranges bytes content-length 9806 content-type image/png
GET H/1.1	200 OK	bg-login.jpg fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/img/	47 KB 47 KB	187ms 187ms	Image image/jpeg	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Show image Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/img/bg-login.jpg Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/jpeg X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive X-Content-Type-Options nosniff
GET H/1.1	200 OK	keycloak-bg.png fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/img/	131 KB 131 KB	185ms 185ms	Image image/png	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Show image Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/img/keycloak-bg.png Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/css/login.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 601b93173d0993425fdf58f8d760711f8e2c090207bfd726a2f145ee42582d32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/png X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive X-Content-Type-Options nosniff
GET H/1.1	200 OK	OpenSans-Light-webfont.woff2 fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/	62 KB 60 KB	190ms 190ms	Font application/octet-stream	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2 Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer Origin https://fordsworth-auth.tcfundportal.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type application/octet-stream X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff
GET H/1.1	200 OK	OpenSans-Semibold-webfont.woff2 fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/	62 KB 61 KB	375ms 375ms	Font application/octet-stream	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Semibold-webfont.woff2 Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash dabab8829a3f91d63ed1f8430d439c5dad1d35aca216e69cd842b58d2dac4f9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer Origin https://fordsworth-auth.tcfundportal.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:42 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type application/octet-stream X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff
GET H/1.1	200 OK	OpenSans-Regular-webfont.woff2 fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/	61 KB 59 KB	549ms 185ms	Font application/octet-stream	197.189.212.58 xneelo
General Check archive.org Show headers Download Go to Full URL https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2 Requested by Host: fordsworth-auth.tcfundportal.co.za URL: https://fordsworth-auth.tcfundportal.co.za/auth/resources/h1f7v/login/keycloak/node_modules/patternfly/dist/css/patternfly.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 197.189.212.58 Johannesburg, South Africa, ASN37153 (xneelo, ZA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer Origin https://fordsworth-auth.tcfundportal.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 16:15:43 GMT Content-Encoding gzip Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Connection keep-alive Content-Type application/octet-stream X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: b7d2b764-dbbd-45d0-84c5-ca8e6c08739e.0a85144d8232
			fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: b7d2b764-dbbd-45d0-84c5-ca8e6c08739e.0a85144d8232
			fordsworth-auth.tcfundportal.co.za/auth/realms/fordsworth/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkZmQ4YjUyNC1kMTUxLTRkYjItYjA5Yi00ZjVhOWI2NDYyMzAifQ.eyJjaWQiOiJmcm9udC1lbmQtcmVhbG0iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3V0LWRlbW8udGNmdW5kcG9ydGFsLmNvLnphLyIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9mb3Jkc3dvcnRoLWF1dGgudGNmdW5kcG9ydGFsLmNvLnphL2F1dGgvcmVhbG1zL2ZvcmRzd29ydGgiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vdXQtZGVtby50Y2Z1bmRwb3J0YWwuY28uemEvIiwic3RhdGUiOiI3NWE0NjkzNC05NzNhLTQwZjUtOGYzNi04ZTg5ODI4OGEyODYiLCJub25jZSI6IjJhZDhiZDE5LWE5ZjctNGY2OC05YjE2LTM5OGY3MmI1NzUyZiIsInJlc3BvbnNlX21vZGUiOiJmcmFnbWVudCJ9fQ.o04ID5cQW7sJ4BZQoG2OBCR3_2ZyNHjNPKlCOA48H1Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fordsworth-auth.tcfundportal.co.za
fordsworth.com
ut-demo.tcfundportal.co.za
102.130.115.60
197.189.212.58
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
24f3a969728227c4b14796c8ac3de5e3b744892d4cf14430668e69af8322bf12
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
311735a30e8e3f6390908e6210510e46866e27c864530d4881ca69ca2a515d7b
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
4bd47324d188ff49b43b00c61e6a8ad7360cfca50d3202b64fba3e6677c9db99
523be2e3e4389da0ccb8d36894f08851a247518d2c480710c0d0ff0f3ede870c
601b93173d0993425fdf58f8d760711f8e2c090207bfd726a2f145ee42582d32
7a2c4c9adc7bdc94374a3905e155eaae4636af8c7ff027d4043450e62fb7fe5c
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
955c0aee9b60e86f711fb37b3b068fc716ce17348b041fee257a224743389fef
a2519084c3f7894af013679c27c0a23c5c8e32549c62e9aa4668777603b7287b
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
b6b0e9503e6925d150bf6013b331957b3876ed794504924fdc3ccc0826838761
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
baffa2d700b781e3ca37c3579ab1c1c8f5f94540865535b8dfb8e1c0d032c43f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d6809b9a821b143aba50baac332740864f0c90d139eb870762cc460d5d43a6f5
dabab8829a3f91d63ed1f8430d439c5dad1d35aca216e69cd842b58d2dac4f9c
de477e6fe9dda8357344ab43f96ef72a24a24fb379c4c72932d35e9ddaab2a42
e862816e75bdf8f23dd307c44dc2c7111a97ce5b2ddfb4e357c8f4a129342d7f
e8c71590a09344a774a23eaa9c89810732ae9f2cf6646e9fc2fb40c0762b9e5b
ef0329aa6c050bf95474ed2aacd4d34b00f399e12cf678466a7738bae81dd4ad
fe5f750b7f50cc774bbfa5de2869b362c1c7ae0b0a2c15a9d69b34a2d8d4c8c4