urlscan.io logo urlscan.io
SecurityTrails logo

sso.mediafly.com Open in urlscan Pro
34.233.114.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bioproductionondemand.com/
Effective URL: https://sso.mediafly.com/HybridSSO
Submission: On April 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 34.233.114.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sso.mediafly.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 10th 2020. Valid for: 2 years.
This is the only time sso.mediafly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.169.216.17 26496 (AS-26496-...)
1 7 108.138.7.123 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 52.222.236.48 16509 (AMAZON-02)
2 4 34.233.114.188 14618 (AMAZON-AES)
2 52.222.250.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.32.99.108 16509 (AMAZON-02)
30 10
1    192.169.216.17 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-192-169-216-17.ip.secureserver.net
www.bioproductionondemand.com
7    108.138.7.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-123.fra56.r.cloudfront.net
viewer.mediafly.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    52.222.236.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-48.fra56.r.cloudfront.net
login.mediafly.com
4    34.233.114.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-114-188.compute-1.amazonaws.com
sso.mediafly.com
2    52.222.250.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-111.fra60.r.cloudfront.net
d24vzrffmnq0aw.cloudfront.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    13.32.99.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-108.fra60.r.cloudfront.net
doqzh3gg3lhpb.cloudfront.net
Apex Domain
Subdomains		 Transfer
18 mediafly.com
viewer.mediafly.com — Cisco Umbrella Rank: 530145
login.mediafly.com
sso.mediafly.com
3 MB
4 cloudfront.net
d24vzrffmnq0aw.cloudfront.net
doqzh3gg3lhpb.cloudfront.net
377 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
ajax.googleapis.com — Cisco Umbrella Rank: 270
93 KB
3 google.com
apis.google.com — Cisco Umbrella Rank: 91
118 KB
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2868
8 KB
1 bioproductionondemand.com
www.bioproductionondemand.com
516 B
30 6
Domain Requested by
7 login.mediafly.com viewer.mediafly.com
login.mediafly.com
7 viewer.mediafly.com 1 redirects viewer.mediafly.com
4 sso.mediafly.com 2 redirects login.mediafly.com
sso.mediafly.com
3 apis.google.com viewer.mediafly.com
apis.google.com
2 doqzh3gg3lhpb.cloudfront.net sso.mediafly.com
2 d24vzrffmnq0aw.cloudfront.net sso.mediafly.com
2 fonts.googleapis.com viewer.mediafly.com
sso.mediafly.com
1 netdna.bootstrapcdn.com sso.mediafly.com
1 ajax.googleapis.com sso.mediafly.com
1 www.bioproductionondemand.com 1 redirects
30 10

This site contains no links.

Subject Issuer Validity Valid
*.mediafly.com
Go Daddy Secure Certificate Authority - G2		 2020-08-10 -
2022-10-09		 2 years crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.mediafly.com/HybridSSO
Frame ID: 74F22987EAD7B0CDA638BE5F5DD89F89
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.bioproductionondemand.com/ HTTP 302
    https://viewer.mediafly.com/thermofisher Page URL
  2. https://viewer.mediafly.com/thermofisher/redirect/login?url=https%3A%2F%2Fviewer.mediafly.com%2Fthermofi... HTTP 302
    https://login.mediafly.com/thermofisher Page URL
  3. https://sso.mediafly.com/entry?relayState=%2F4rINrwh8sz2OHpz9%2BZxA7UMrGzgT%2BKfvW3AVPTLJ4gY14Fo5AY%2... HTTP 302
    https://sso.mediafly.com/saml/establish?returnUrl=https%3A%2F%2Flogin.mediafly.com%2Fthermofisher%2Fr... HTTP 302
    https://sso.mediafly.com/HybridSSO Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

87 %
HTTPS

40 %
IPv6

6
Domains

10
Subdomains

10
IPs

2
Countries

4037 kB
Transfer

15256 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bioproductionondemand.com/ HTTP 302
    https://viewer.mediafly.com/thermofisher Page URL
  2. https://viewer.mediafly.com/thermofisher/redirect/login?url=https%3A%2F%2Fviewer.mediafly.com%2Fthermofisher%23%2Flogin HTTP 302
    https://login.mediafly.com/thermofisher Page URL
  3. https://sso.mediafly.com/entry?relayState=%2F4rINrwh8sz2OHpz9%2BZxA7UMrGzgT%2BKfvW3AVPTLJ4gY14Fo5AY%2F6ZNElDCFSXn2pCHzuQik1oNjE%2BrbfXaP3tPXedqhNxa8FaQNCVEWel%2FGws6VI9%2FvhqhRO32Ho6HTXk7wKgWeNwUgMfAxcY6S0w%3D%3D&returnUrl=https%3A%2F%2Flogin.mediafly.com%2Fthermofisher%2Fredirect%3Furl%3Dhttps%253A%252F%252Flogin.mediafly.com%252Fthermofisher%2523%252Flogin%253FreturnUrl%253Dhttps%253A%25252F%25252Fviewer.mediafly.com%25252Fthermofisher%252523%25252Flogin HTTP 302
    https://sso.mediafly.com/saml/establish?returnUrl=https%3A%2F%2Flogin.mediafly.com%2Fthermofisher%2Fredirect%3Furl%3Dhttps%253A%252F%252Flogin.mediafly.com%252Fthermofisher%2523%252Flogin%253FreturnUrl%253Dhttps%253A%25252F%25252Fviewer.mediafly.com%25252Fthermofisher%252523%25252Flogin HTTP 302
    https://sso.mediafly.com/HybridSSO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.bioproductionondemand.com/ HTTP 302
  • https://viewer.mediafly.com/thermofisher
Request Chain 14
  • https://viewer.mediafly.com/thermofisher/redirect/login?url=https%3A%2F%2Fviewer.mediafly.com%2Fthermofisher%23%2Flogin HTTP 302
  • https://login.mediafly.com/thermofisher

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
thermofisher
viewer.mediafly.com/
Redirect Chain
  • http://www.bioproductionondemand.com/
  • https://viewer.mediafly.com/thermofisher
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
8cc8d33c2afac0d8c2b75a4beb32c353a010e5e38613e612b3829e70d7e3d9a6
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3600
content-length
1485
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
text/html
date
Thu, 28 Apr 2022 18:52:09 GMT
etag
"8cafdc28df5ad81:0"
last-modified
Thu, 28 Apr 2022 09:05:51 GMT
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-id
Oe0JrMMJ2eIZAVyooZZXns5eA8vi0sRbyCZuaEWVyzlX7RjzJ1dk0g==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Apr 2022 18:52:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://viewer.mediafly.com/thermofisher#/login
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.38
X-Powered-By
PHP/5.6.38
styles.39e7722e740c3bdb08c0.min.css
viewer.mediafly.com/ 		612 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/styles.39e7722e740c3bdb08c0.min.css
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
3ee8554f71d996ace4f8601073f1746805bcc15ad70377bb652ba59730f6766e
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 12:37:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281683
x-cache
Hit from cloudfront
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 12:36:38 GMT
etag
W/"b764bb1ba158d81:0"
vary
Accept-Encoding
content-type
text/css
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
cache-control
max-age=3600
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
yJPcYWO7XTs_lBuAwhbCPblTI-6C3F1Y4KJW2jtqhgeLVA8cJA7RPw==
client.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
835b4f8f9fa87cacc42c6d2fd1ce2a79e851330dee301c0380890a26cf27006a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5543
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 28 Apr 2022 18:52:09 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"36f6388f2bfe0a40"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 18:52:09 GMT
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5541
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 28 Apr 2022 18:52:09 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"d9fb14b7bd505434"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 18:52:09 GMT
vendors~bundle.516a6dae14f4f02defe0.min.js
viewer.mediafly.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/vendors~bundle.516a6dae14f4f02defe0.min.js
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
49900690325f071f647ef89b6c53946fca493fc7c614e5e85e79387a5177903a
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 12:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281682
x-cache
Hit from cloudfront
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 12:36:39 GMT
etag
W/"b1cca1ca158d81:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
cache-control
max-age=3600
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
FEkxwBE565XCL_sOnf955bzpB6WwWSWo8w2Lh8yux1AfHnE320YXNg==
bundle.fd6aaf68b50de9807798.min.js
viewer.mediafly.com/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/bundle.fd6aaf68b50de9807798.min.js
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
d1d747efcc66377bf2537134c47c397bd1e5f0b3b3ed5e30b57df729e41d862e
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 12:37:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281683
x-cache
Hit from cloudfront
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 12:36:45 GMT
etag
W/"8b74ca1fa158d81:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
cache-control
max-age=3600
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
-_o_P27O4eBMvftd9ZPcmb1XWOl0q8jTy7QKuNt1oUz89rp9kwPbLQ==
css
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/styles.39e7722e740c3bdb08c0.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 18:52:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Apr 2022 18:52:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Apr 2022 18:52:09 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		313 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e5d4be918200081673a10df00301d8f01706f51d1947bf78e98e8b5bbea2f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 18:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108245
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Apr 2023 18:23:23 GMT
48f9ef44-673b-432a-b914-c609ba658e96
https://viewer.mediafly.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://viewer.mediafly.com/48f9ef44-673b-432a-b914-c609ba658e96
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
9425cc24-f5ff-4ab3-8dec-1c64fa142a98
https://viewer.mediafly.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://viewer.mediafly.com/9425cc24-f5ff-4ab3-8dec-1c64fa142a98
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
54d47b83-8aaa-4791-8e70-640e1eb87c7e
https://viewer.mediafly.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://viewer.mediafly.com/54d47b83-8aaa-4791-8e70-640e1eb87c7e
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/thermofisher
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
contentsource
viewer.mediafly.com/api/ 		127 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/api/contentsource
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/vendors~bundle.516a6dae14f4f02defe0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://viewer.mediafly.com/thermofisher
mcode
thermofisher
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 18:52:10 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Error from cloudfront
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
cache-control
private
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
application/json; charset=utf-8
content-length
127
x-xss-protection
1; mode=block
x-amz-cf-id
Mvjnf0v9CzyG5K89pmNc-U86IAd_evchpitJHWsaW_dCtVvpkZR77A==
poppins-v9-latin-500.woff2
viewer.mediafly.com/fonts/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://viewer.mediafly.com/fonts/poppins-v9-latin-500.woff2
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/styles.39e7722e740c3bdb08c0.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-123.fra56.r.cloudfront.net
Software
/
Resource Hash
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viewer.mediafly.com/styles.39e7722e740c3bdb08c0.min.css
Origin
https://viewer.mediafly.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 08:33:12 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
987538
x-cache
Hit from cloudfront
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
content-length
7960
x-xss-protection
1; mode=block
last-modified
Fri, 15 Apr 2022 09:07:59 GMT
etag
"69f0764da850d81:0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff2
cache-control
max-age=3600
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-amz-cf-id
4tNS87fFSHqTnqVAbJhQ2knRsougQEwtz82J57uSrxylJw0hHGZU1g==
login
viewer.mediafly.com/thermofisher/redirect/ 		0
0
thermofisher
login.mediafly.com/
Redirect Chain
  • https://viewer.mediafly.com/thermofisher/redirect/login?url=https%3A%2F%2Fviewer.mediafly.com%2Fthermofisher%23%2Flogin
  • https://login.mediafly.com/thermofisher
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/thermofisher
Requested by
Host: viewer.mediafly.com
URL: https://viewer.mediafly.com/bundle.fd6aaf68b50de9807798.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
36be0690271b03dc44c76437127db4654dbb98445b10516fce715bf507117e4a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viewer.mediafly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1096
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
text/html
date
Thu, 28 Apr 2022 18:52:11 GMT
last-modified
Tue, 12 Apr 2022 15:16:40 GMT
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
server
Kestrel
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-id
Wg2uV9MBHZrhjMsZ6Qmt1BVtG19vePzPJnvoreF-AwmmHRV3Czcd_w==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
233
content-security-policy
default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
text/html; charset=utf-8
date
Thu, 28 Apr 2022 18:52:11 GMT
location
https://login.mediafly.com/thermofisher#/login?returnUrl=https%3a%2f%2fviewer.mediafly.com%2fthermofisher%23%2flogin
p3p
CP="NON ONL UNI COM NAV INT STA CURa OUR IND"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-id
7h2f8dh40GevRpr_wjx-2A7Su5pG3GK2RNT4Ce0Qiv0Nz2BiWYXw4A==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles.65c45c9b7ff582c32c59.min.css
login.mediafly.com/ 		140 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/styles.65c45c9b7ff582c32c59.min.css
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
6f261f170318aa851d577f604a12c045b93ff0fdd9bb8ca3e8c544a11772df84
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394803
x-cache
Hit from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 15:16:40 GMT
server
Kestrel
x-frame-options
DENY
etag
W/"1d84e804f40cd24"
vary
Accept-Encoding
content-type
text/css
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
cXijIJztiUtrYQBIyPg8sDHRJW_Rrcch7SpFtzH0G2Z-Ic2X7-qRdA==
vendors~bundle.c15b1162a79f2b4e75ce.min.js
login.mediafly.com/ 		1 MB
329 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/vendors~bundle.c15b1162a79f2b4e75ce.min.js
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
37119ce885eeda90eb2f07ec56b8b53ada23398d7cf16be96ced3fef3afb4bca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394803
x-cache
Hit from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 15:16:40 GMT
server
Kestrel
x-frame-options
DENY
etag
W/"1d84e804f537250"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
HDvVsqJTL9Fgk4Dd97a3egsy7NAWSbQRui1dy4k7cDQaQOX-K5NRIA==
bundle.b95cb0f40c9cbed5789f.min.js
login.mediafly.com/ 		204 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/bundle.b95cb0f40c9cbed5789f.min.js
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/thermofisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
ae433cafdd228640febe6c81be5ff33d8e892ed8f5b24e2669a4471e76b5f8d7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.mediafly.com/thermofisher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394803
x-cache
Hit from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 15:16:40 GMT
server
Kestrel
x-frame-options
DENY
etag
W/"1d84e804f41d207"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ndG-OQj1ybnGgqEY7ECGi5QQfdLbS9LCpMFdvP0mVUd5T8mQPusmEQ==
initialization
login.mediafly.com/api/ 		20 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/api/initialization
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/vendors~bundle.c15b1162a79f2b4e75ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
61ac5857feb130a1dc475db36bbe21604fddf30024110bb2bea9d8b23e8b1b44
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.mediafly.com/thermofisher
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 18:52:12 GMT
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-frame-options
DENY
x-cache
Miss from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
cache-control
no-store,no-cache
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
application/json; charset=utf-8
x-amz-cf-id
vq_0EEDKxdcoUYyPnL3h_ood0KPD5GzLe1XGTBzPdTruag97umPKtA==
x-xss-protection
1; mode=block
product
login.mediafly.com/api/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/api/product
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/vendors~bundle.c15b1162a79f2b4e75ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
940b4bc5c8330c880d47a27ae0bfb62264349fbbe7b176c2a9b237c8f7706a1c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.mediafly.com/thermofisher
X-XSRF-TOKEN
CfDJ8OHjzNGZmVVJkBZIAOhjiviixY5oNZQ-SamuLB_Ulk_Q6TSAC_POn0Nfi-3oxNWkBxTCYcmqUq86TmnaqahpEcSDpQiwvDPjtZnE69oULEf-ikwXhbDci7cnDvKRRgsBzBBFse7ir1RGGayCNtYCE0o
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 18:52:12 GMT
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-frame-options
DENY
x-cache
Miss from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
cache-control
no-store,no-cache
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
application/json; charset=utf-8
x-amz-cf-id
k_EMCJUqydaTh82BvlcXsk7sxlsvbnRj8f60H_f5jw-Ac_5hQo3dOg==
x-xss-protection
1; mode=block
accounts
login.mediafly.com/api/ 		0
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.mediafly.com/api/accounts
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/vendors~bundle.c15b1162a79f2b4e75ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-48.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.mediafly.com/thermofisher
X-XSRF-TOKEN
CfDJ8OHjzNGZmVVJkBZIAOhjiviixY5oNZQ-SamuLB_Ulk_Q6TSAC_POn0Nfi-3oxNWkBxTCYcmqUq86TmnaqahpEcSDpQiwvDPjtZnE69oULEf-ikwXhbDci7cnDvKRRgsBzBBFse7ir1RGGayCNtYCE0o
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 18:52:13 GMT
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-frame-options
DENY
x-cache
Error from cloudfront
p3p
CP=&quot;NON ONL UNI COM NAV INT STA CURa OUR IND&quot;
cache-control
no-store,no-cache
content-security-policy
default-src 'none'; child-src 'none'; connect-src 'self'; frame-src *; font-src data: 'self' fonts.googleapis.com fonts.gstatic.com; img-src data: 'self' *.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
content-type
application/json; charset=utf-8
x-amz-cf-id
IoLv1FLWeWubTEXPk8IF2vU9Dj4m18_-MGY9SQ2mGyFJLE4IwBPQ5Q==
x-xss-protection
1; mode=block
Primary Request HybridSSO
sso.mediafly.com/
Redirect Chain
  • https://sso.mediafly.com/entry?relayState=%2F4rINrwh8sz2OHpz9%2BZxA7UMrGzgT%2BKfvW3AVPTLJ4gY14Fo5AY%2F6ZNElDCFSXn2pCHzuQik1oNjE%2BrbfXaP3tPXedqhNxa8FaQNCVEWel%2FGws6VI9%2FvhqhRO32Ho6HTXk7wKgWeNwUgM...
  • https://sso.mediafly.com/saml/establish?returnUrl=https%3A%2F%2Flogin.mediafly.com%2Fthermofisher%2Fredirect%3Furl%3Dhttps%253A%252F%252Flogin.mediafly.com%252Fthermofisher%2523%252Flogin%253Fretur...
  • https://sso.mediafly.com/HybridSSO
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.mediafly.com/HybridSSO
Requested by
Host: login.mediafly.com
URL: https://login.mediafly.com/bundle.b95cb0f40c9cbed5789f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.114.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-114-188.compute-1.amazonaws.com
Software
/
Resource Hash
6ab699e6aa59bcff7ab945b79ca4856b4cd5633c44fdca53ba66fc6920f5e67e

Request headers

Referer
https://login.mediafly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Apr 2022 18:52:13 GMT
vary
Accept-Encoding
x-correlation-id
sso-df09cf98ab934596b9d6a9d36e583a3d
x-request-id
80001d42-0000-f500-b63f-84710c7967bb

Redirect headers

date
Thu, 28 Apr 2022 18:52:13 GMT
location
https://sso.mediafly.com/HybridSSO
x-correlation-id
sso-d106a7e3e4e04ad3bd5446d1539cece1
x-request-id
80005f89-0000-f400-b63f-84710c7967bb
css
fonts.googleapis.com/ 		10 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 17:41:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Apr 2022 18:52:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Apr 2022 18:52:13 GMT
mediafly-bootstrap.min.css
d24vzrffmnq0aw.cloudfront.net/deviceapi/styles/ 		116 KB
116 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d24vzrffmnq0aw.cloudfront.net/deviceapi/styles/mediafly-bootstrap.min.css
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47e9b2cfa93d3f2895a9953378a5c7b5c7a34826d72b517a3191741f21bae17e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 07:16:56 GMT
Via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Apr 2016 17:21:02 GMT
Server
AmazonS3
Age
41718
ETag
"ad8499aa6242de57228151c75ecf3051"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
118595
X-Amz-Cf-Id
6hNQeRNhXmBtEfmswxz6ym6enqJmaVc655krxqq-O6gUqlQ5lm8YRA==
sso.css
d24vzrffmnq0aw.cloudfront.net/deviceapi/styles/ 		42 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d24vzrffmnq0aw.cloudfront.net/deviceapi/styles/sso.css
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fa6b779d5f6f3cde351f02d8efc4b3e763c6c25799309e233bed7c70c45978b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:45:21 GMT
Via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 May 2021 13:54:52 GMT
Server
AmazonS3
Age
43613
ETag
"ec977b1f30c24b3cab4a324091aaa48d"
x-amz-meta-sha256
68e1eaaa7d21e1aeb30692fa2b8ef56536ad0808d3f7425d531a46a791bf1b64
Content-Type
text/css
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Length
42539
X-Amz-Cf-Id
zXvOIsAM12nK1bVZHGUVx62b0ccUohlW_Oa28gOTLjczF6yhJFx6xA==
x-amz-meta-s3b-last-modified
20210517T135443Z
main.css
sso.mediafly.com/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.mediafly.com/styles/main.css?v=4
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.114.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-114-188.compute-1.amazonaws.com
Software
/
Resource Hash
df11d1e8b7cd3deb6954380e8dda511eb79a607157cf6ade726f7d519786e52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/HybridSSO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 18:52:13 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 09:06:05 GMT
etag
"1d85adf30c73468"
vary
Accept-Encoding
content-type
text/css
x-correlation-id
sso-05a6c34951d14e60bd5d93d06c36e152
accept-ranges
bytes
x-request-id
800011d6-0000-f200-b63f-84710c7967bb
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 17:05:18 GMT
x-content-type-options
nosniff
age
6415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93100
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 17:05:18 GMT
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.0.0/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 18:52:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
8074615
cdn-cachedat
2021-04-13 03:04:13
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
MISS
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0441cf5259e8a21a0a35d574536753ab
cf-ray
7031fe6a2dc59c0d-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
headerBackground-480px.png
doqzh3gg3lhpb.cloudfront.net/723b7a7de9ca40d096daf8df120e5399/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doqzh3gg3lhpb.cloudfront.net/723b7a7de9ca40d096daf8df120e5399/headerBackground-480px.png
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-108.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c64ba09a9487ea4181728b5dc6cc1f2132375f8f5669351f7aac9ac4edd6fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 18:52:15 GMT
Via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Last-Modified
Fri, 17 Feb 2017 18:04:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
ETag
"79e244dddb65edd63b01b4c8cf2ce024"
X-Cache
Miss from cloudfront
x-amz-version-id
null
x-amz-meta-qqfilename
headerBackground-480px.png
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
15775
X-Amz-Cf-Id
DPzHYYVomWoD86hlsy4EwV5hQo2_sMKTNSrKChzf8re_YSbvsUhK3Q==
logo-login.png
doqzh3gg3lhpb.cloudfront.net/723b7a7de9ca40d096daf8df120e5399/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doqzh3gg3lhpb.cloudfront.net/723b7a7de9ca40d096daf8df120e5399/logo-login.png
Requested by
Host: sso.mediafly.com
URL: https://sso.mediafly.com/HybridSSO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-108.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c67c8f4049d28762eaade156f24e858efab3f7151320df9da9e34dc4364d127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.mediafly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 18:52:15 GMT
Via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 May 2017 21:55:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
ETag
"63dec02b2b4cd52de08d27e2c23bd3a4"
X-Cache
Miss from cloudfront
x-amz-version-id
null
x-amz-meta-qqfilename
logo-viewer.png
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
207514
X-Amz-Cf-Id
mdM4c4OtjSlEWhzvdS1y0WAJXc-YLwAo19TQ5TO1cwSVR2WksQxKUA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
viewer.mediafly.com
URL
https://viewer.mediafly.com/thermofisher/redirect/login?url=https%3A%2F%2Fviewer.mediafly.com%2Fthermofisher%23%2Flogin

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| jQuery1102034289171484529435

8 Cookies

Domain/Path Name / Value
www.bioproductionondemand.com/ Name: PHPSESSID
Value: 0d1gbett3hra9g3drj1tj484n2
viewer.mediafly.com/ Name: devicetype
Value: web
.mediafly.com/ Name: did
Value: 3C1217E1F025E89D0A19D4B49A5E7BED5254CC32967FE721CB1A40F186D082676F2FEC58FB62C9BEFBD5CC88F5060C22D91C6E7D61885C9504C92DFC4C10E79D27EA1003571982CDFD38C27C5AABDB6671BDDA0172785169A87C8A2C8DD68336A442838A31212B43C397A83527A9C2B82880834F46CBA20C0772A89196A543E72B4EC75AA37B4F8002F911F03B61BB67103B8887
viewer.mediafly.com/ Name: token
Value: 655D952420A364982AACF1C63D05068809AFE093501936AD0A871C6CD7D1D481EDBD4961AFB04529A4B88AF5F6DB5FC91825410F91BE9905F75A2C68A7ADD9766EB2E730EF0FB94F64E232BCC49582ACFE738C56E4BAA3023A6386472BCD22BA1D1A229F6DB309487C7046164CD98071B4FC16EFDC7456D6EF3EE7EBFDAA10D80EC0800586D6704C85092990568819E53D8CBDB2F8AF0C3271D06A254037730B705BCB1EE6EA6B2CD144B25D3BE4C334138E8693CCA5622D49178E6994C5C1BA0091CE00FA30274D8FA00DE62DA69835EC6828BC143B90041DD7E5DB48DC30BB1AEB625D06EA4C4F5563AC6FEE09B046A55DBB6D7E5BAE36C94717F64447A2C1B04B9D688517F699DB55C565AAA8179D56A40A654085946FAA3295ED25D88BC58CA2803A19001FE67C106B9D558A0FCCF18F419CB52435D812A8A82635415A29E10B3CE9D9B738C39CDBC14822B0D3B878D5AD5C92858B81DFBD7ED2A72E0679D1172712950B97A4ED38F1C9AF5CACC9437DDF2232AB18A7E4B168D023067ACCF0ACE8E1BA9A77E0C1E5BB1F4FA20650BD09724AC31F4DB6CCFB47BDC4AB2A5D709D8DC95ACB253A4B44EBEA324675325D7353355C2CEE97B3A63ECD8A1F4A916C0877860C26D6476089D964EEF0CBB9DEDB3E15F6EA676DF0C40BA837D7366958718F585A6967884A2C3D4C14ED394E1241E850616570B5F42219945A7E782B9AA32A112C21B587F321D7A00F4B14B80E4A1CD630111B124927F1036191101454AB02662F8BA2E3A48ECE61FF7084197F4A25C0DAEFC1B29260D98B8B782C086A6D88CF63B1F8CEFBDFAA6A8EDF6CA91594C6B2EEBB7C1C1360B0396A2FD7CF264A6EAD3EB0CB385C96E220F4F4F3A7C6F90F2B34A35C54CEA8F1E0EA45D92E041F77CD037B62BAA868C42E669C1C6CEA9FB29DE39C4214E60EF574444F74A6B5B54127463BCF159CB2D6A33C4FAAE2C2B4EB7595AC8EE95966BCF2E0FA885DF585543AF6C99BDB8AE29C4C6714D235D59A5BB38508FD00D3517AA5EA8D17D4DE2DC3B193CC6032781A12A3A0431D8DCEF8FE95E70610652ED30EFF041F78EEF5742C5446F6F0297B49A1C805FF5D893482CEADFF49E1057C87CA49987D56AC1E730A4DC749BB98C951D3BC864D7B7ADA23084579FA713FACB2C0CF79CEBA85B542351CCC97CBE072757BF5C89977FC024FB6E0958C93F326D2BD284901AB6CABA53347C9F34688126ACF8CFE56A39B501F2553E5EE9711153D9173E10F3D28EE1778364B7BED2D7E54822CB9726E0760C28D81D4786D37A8FF7629D32824BF903D5B8E66E2CC493E7C37F6EAA40FC6CA3A9E7281252433B02718558B88F0789C534766C0FC12F786B35414E769D5FF81DE7BDE2152F0E7386BDB8E0E90ED0140A5131C888790E7617C1166BF5196301ABFB35DEF99E0A0DDFE530E768952A531775A780964401AB67C6D301004F5B92E4CE73AD6C980753449900536971F316F84737180D11E20870A259779C2C9D70A665CFC029600509E93803D84F0E89B8C52FB14058C21A195F431192A569DF0F07BE6C4D55C7DF7AA7EB9408D5772A192855B4502EE823A5201D1051CB4A766B76B57553E0F066FF7A1564C12AE1ADDB0A4B7E73FDFEF804B287E4A1CEB1A40EC119AB26AA3CFD07CF76406AA28ABAFEB0B8CBCCD44803C7613DABD5DB10A094363049B425A0AE6EF7B55D1372477A8E12A2AFD
.mediafly.com/ Name: thermofisher-ejwt-v1
Value: OKlypOduTO9N+sRr1faP6GTFz9gHztumwRQZUikbebYga7XJBVzo74T7UeMyvvZtb7ZdYZDImKTwv9OwPGvKszVjHeYxs0B6XUCtfwSMjaa/gllI6D0R7k3sTLaIvGjMLXHn4x4xLdQ2eY1WQI3uzjdAbNArS9Jmg2JmP626NjkKK18Hxz7ZHWEG0wtxkcof0SVSpT55NALMXVfr9ssj54wg6UYohYK9aIHOnlnnY6AlyAXbi2c5xE864OmHxg8xzedd9xvVjRW7CUwEAI2e8XPetC6AWFxBtkvSF0RPf8dEYiNe60z3dnDuJylxtiPKMtFhpPS3E+3acuj16QpeYp345rWi9DqEu2cKLxk6uh930n4xz4ghWQR5Wko2JHDrTIi27RJs2SEqKka675w1ojwJIktxL9Juzx/jJ7H7MRPO+xalL9MnCG0r1vi1JqpN4UbLZJ0tnQm8KZj2xZh3YBf6xoz/vK1WvWW5TtwcT59D29Ac4urvNQOvGzhX4RMH6pzpXq1JLHckL85QN8rMKm83+5axGdxRKJEj073LtB4=
login.mediafly.com/ Name: XSRF-TOKEN
Value: CfDJ8OHjzNGZmVVJkBZIAOhjiviixY5oNZQ-SamuLB_Ulk_Q6TSAC_POn0Nfi-3oxNWkBxTCYcmqUq86TmnaqahpEcSDpQiwvDPjtZnE69oULEf-ikwXhbDci7cnDvKRRgsBzBBFse7ir1RGGayCNtYCE0o
login.mediafly.com/ Name: XSRF-TOKEN-VALIDATION
Value: CfDJ8OHjzNGZmVVJkBZIAOhjivgjg3KPd9cURPX7lH_c3DnLfUWMDTAUmQJNQXtRdNoIiYwObqciVOVGP-vUZ36eyngsNYGr_gvVmb68kbjct5r27lPKAlg6H_APqDjy0ODwXPwcP7bkvSAE_ieoWZicfMo
sso.mediafly.com/ Name: rs2
Value: %2F4rINrwh8sz2OHpz9%2BZxA7UMrGzgT%2BKfvW3AVPTLJ4gY14Fo5AY%2F6ZNElDCFSXn2pCHzuQik1oNjE%2BrbfXaP3tPXedqhNxa8FaQNCVEWel%2FGws6VI9%2FvhqhRO32Ho6HTtp2kyrUm0TsESEGXv5a34kUW6on0fIX9mZSexfGrUNRhMD4kgmkyA1Ryx2uFavA4ZCW%2FZVA47rJUZ2EG%2BGs8ulsY159u1fF9j1yNadm9V3%2BVWjC1FQtmFBcwwQ6yKOji52lpe%2BotXT%2FDuWtGxpmQp0K5yee3B4adACNiJdRIj2dof%2BflK7acqfxMabiv1UESOfJMo3iylFWbaue3Y3hKfxk%2BsMD585KU%2B94mvbFg5mz83YSWv2UzCi4N5klKATE67XJYbutNBu3GrGJTtivUGw%3D%3D

2 Console Messages

Source Level URL
Text
network error URL: https://viewer.mediafly.com/api/contentsource
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://login.mediafly.com/api/accounts
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; child-src 'self' blob:; connect-src http: https: wss: *.akamaihd.net *.akamaized.net *.google-analytics.com *.imediafly.com *.mediafly.com mediafly-fineuploader-production-us-west.s3.amazonaws.com; frame-src *; font-src data: 'self' *.imediafly.com *.mediafly.com fonts.googleapis.com fonts.gstatic.com; img-src blob: data: https:; media-src blob: http: https:; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.imediafly.com *.mediafly.com apis.google.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.imediafly.com *.mediafly.com fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.imediafly.com *.mediafly.com; worker-src 'self' blob:; report-uri https://mediafly.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
d24vzrffmnq0aw.cloudfront.net
doqzh3gg3lhpb.cloudfront.net
fonts.googleapis.com
login.mediafly.com
netdna.bootstrapcdn.com
sso.mediafly.com
viewer.mediafly.com
www.bioproductionondemand.com
viewer.mediafly.com
108.138.7.123
13.32.99.108
192.169.216.17
2606:4700::6812:acf
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
34.233.114.188
52.222.236.48
52.222.250.111
1c67c8f4049d28762eaade156f24e858efab3f7151320df9da9e34dc4364d127
2e5d4be918200081673a10df00301d8f01706f51d1947bf78e98e8b5bbea2f01
36be0690271b03dc44c76437127db4654dbb98445b10516fce715bf507117e4a
37119ce885eeda90eb2f07ec56b8b53ada23398d7cf16be96ced3fef3afb4bca
3c64ba09a9487ea4181728b5dc6cc1f2132375f8f5669351f7aac9ac4edd6fdb
3ee8554f71d996ace4f8601073f1746805bcc15ad70377bb652ba59730f6766e
47e9b2cfa93d3f2895a9953378a5c7b5c7a34826d72b517a3191741f21bae17e
49900690325f071f647ef89b6c53946fca493fc7c614e5e85e79387a5177903a
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
61ac5857feb130a1dc475db36bbe21604fddf30024110bb2bea9d8b23e8b1b44
6ab699e6aa59bcff7ab945b79ca4856b4cd5633c44fdca53ba66fc6920f5e67e
6f261f170318aa851d577f604a12c045b93ff0fdd9bb8ca3e8c544a11772df84
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
7fa6b779d5f6f3cde351f02d8efc4b3e763c6c25799309e233bed7c70c45978b
835b4f8f9fa87cacc42c6d2fd1ce2a79e851330dee301c0380890a26cf27006a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8cc8d33c2afac0d8c2b75a4beb32c353a010e5e38613e612b3829e70d7e3d9a6
940b4bc5c8330c880d47a27ae0bfb62264349fbbe7b176c2a9b237c8f7706a1c
a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb
ae433cafdd228640febe6c81be5ff33d8e892ed8f5b24e2669a4471e76b5f8d7
d1d747efcc66377bf2537134c47c397bd1e5f0b3b3ed5e30b57df729e41d862e
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
df11d1e8b7cd3deb6954380e8dda511eb79a607157cf6ade726f7d519786e52c