urlscan.io logo urlscan.io
SecurityTrails logo

unit-pms-disconnected.frontend.vega.vero.lease Open in urlscan Pro
18.66.112.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Submission: On April 24 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 18.66.112.80, located in United States and belongs to AMAZON-02, US. The main domain is unit-pms-disconnected.frontend.vega.vero.lease.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 24th 2024. Valid for: a year.
This is the only time unit-pms-disconnected.frontend.vega.vero.lease was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 18.66.112.80 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 35.186.194.58 15169 (GOOGLE)
1 3.161.82.55 16509 (AMAZON-02)
1 3.161.82.129 16509 (AMAZON-02)
1 2600:1f18:24e... 14618 (AMAZON-AES)
18 8
8    18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net
unit-pms-disconnected.frontend.vega.vero.lease
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    3.161.82.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-55.fra56.r.cloudfront.net
js.stripe.com
1    3.161.82.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-129.fra56.r.cloudfront.net
js.stripe.com
1    2600:1f18:24e6:b902:1e96:6a11:3ff0:a98d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
8 vero.lease
unit-pms-disconnected.frontend.vega.vero.lease
4 MB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2169
rs.fullstory.com — Cisco Umbrella Rank: 2172
76 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1162
148 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
163 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2496
345 B
18 6
Domain Requested by
8 unit-pms-disconnected.frontend.vega.vero.lease unit-pms-disconnected.frontend.vega.vero.lease
2 js.stripe.com unit-pms-disconnected.frontend.vega.vero.lease
js.stripe.com
2 edge.fullstory.com unit-pms-disconnected.frontend.vega.vero.lease
edge.fullstory.com
2 www.googletagmanager.com unit-pms-disconnected.frontend.vega.vero.lease
www.googletagmanager.com
2 fonts.googleapis.com unit-pms-disconnected.frontend.vega.vero.lease
1 rum.browser-intake-datadoghq.com unit-pms-disconnected.frontend.vega.vero.lease
1 rs.fullstory.com edge.fullstory.com
18 7

This site contains no links.

Subject Issuer Validity Valid
*.unit-pms-disconnected.frontend.vega.vero.lease
Amazon RSA 2048 M03		 2024-04-24 -
2025-05-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-03-07 -
2024-06-05		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-03-05 -
2024-06-03		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-03-27 -
2024-06-27		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh

This page contains 2 frames:

Primary Page: https://unit-pms-disconnected.frontend.vega.vero.lease/
Frame ID: D6188D166AC88D689158043B77B7C3C5
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B3CE0AAF93A49C654E030EF7E14A8580
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VERO

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

4272 kB
Transfer

16586 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
unit-pms-disconnected.frontend.vega.vero.lease/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a3da969829f36f8a942ce6d2caf90f3df3892f8ec8e4e16bab3b5ab4b9f480f

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Wed, 24 Apr 2024 23:09:15 GMT
etag
W/"3eace6a1dd6684f040892feeb73479dc"
last-modified
Wed, 24 Apr 2024 19:47:20 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id
dDmEnA3DNbekqtPPM11RVbCEjahWO67aHopfW2mwnjJsGcAWZr_bFg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
css
fonts.googleapis.com/ 		5 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:200,400,500,600&display=swap
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d22faf38a745a59d1ba63b29b5c792e563304d82ab34f38661a3c8689ce6f419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 23:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:09:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 23:09:15 GMT
2.fd23e5f6.chunk.css
unit-pms-disconnected.frontend.vega.vero.lease/static/css/ 		135 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/static/css/2.fd23e5f6.chunk.css
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f87d2728852ecab5cec35a10ff381bd062e6f37031ed351e37f9e733705d8194

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"823bd55375ffbbbd31ac7648b897606d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
CTvQglsM_y7yDpWfTjfG_sfNceRhSiSzcAgVA3lawYzJAgkLnfMvDA==
2.css
unit-pms-disconnected.frontend.vega.vero.lease/ 		135 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/2.css
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d21af3215bdc5f48844bce2e58ccbf295cca94abfe7ccdd63b4d5d7ab352e109

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:15 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"630bec39bfbe7c60dc2f70852e02aadf"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7QtqqnKitWWmJsiVlcZw2igdau2Ap3FoMQo_wGYeG5aCpqaaIpOezA==
main.1db83b3d.chunk.css
unit-pms-disconnected.frontend.vega.vero.lease/static/css/ 		1 MB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/static/css/main.1db83b3d.chunk.css
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c26797186579f31017955fdeb17c73fcd013872bca12330243aab137cce8be84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"c3d792d3a0c80d7d69c5af0551fb9f87"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZLBSMtCPDNXYyN1acYsR2uB5X-QKQhU3ut-xIzzFtLY9qh8_zQ4oBw==
main.css
unit-pms-disconnected.frontend.vega.vero.lease/ 		1 MB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/main.css
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a59cdb0542dd26a40b7a7406b1020c7f788a0e25d4af5deebf87215853bb84c9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:15 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"31a9208d0600e482d1bd8a14eabe9f60"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
viJ46YXtlzg_NVr8hhNTYowbBtKLWAKlduoxfpwo9UdRaNUc_FLwUw==
2.b3a010a3.chunk.js
unit-pms-disconnected.frontend.vega.vero.lease/static/js/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/static/js/2.b3a010a3.chunk.js
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3af780d24370849450e4bb327374998a57c050f842ed7ebe3aa89c825e6134b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"7f03745c5a33caae1df771c80cffab71-2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KNoxPUuBktXJvUIbyPt1a0KKV9D1lSsyn2CmyHE8QeYunz5sb24NfA==
main.ff8edfb3.chunk.js
unit-pms-disconnected.frontend.vega.vero.lease/static/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/static/js/main.ff8edfb3.chunk.js
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bba33df95a20498096c510b58673673aaa1f0e56786c011c8a3546543789b94e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"71e23a417e65b766cf7d2e3715176638"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BBK1pCst79VLqUT7_ikrY3lc9KEjjO33OcmM87IFl7gLQlCOnTU51g==
gtm.js
www.googletagmanager.com/ 		230 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N83D7G5
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
220db6142d39168da49d638e525b0e5d816b29e7a7a58a9301cacf4a77c44d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84594
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 22:17:05 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 23:09:16 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VZMFT58QV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N83D7G5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b80a8777c8a1fadb1866beb0efc0435202c3e25d501538dadf2d519dcfe92378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81607
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 22:17:05 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 23:09:16 GMT
fs.js
edge.fullstory.com/s/ 		270 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Origin
https://unit-pms-disconnected.frontend.vega.vero.lease
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:57:48 GMT
content-encoding
br
age
688
x-guploader-uploadid
ABPtcPrwJdCdFVFpeAWoMIFilvQ_fOZQ9PAXuFHChhz0mmFTRdN7PApwG-XXDvvAPhxiGL4W47cOogJzlw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74572
last-modified
Wed, 24 Apr 2024 15:55:38 GMT
server
UploadServer
etag
"9568c49933648165a4b57d6134954fb0"
vary
Accept-Encoding
x-goog-generation
1713974138368602
x-goog-hash
crc32c=TIbhRA==, md5=lWjEmTNkgWWktX1hNJVPsA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
74572
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 24 Apr 2024 23:57:48 GMT
web
edge.fullstory.com/s/settings/18XBYY/v1/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/18XBYY/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d45fa7b17592b1b7e12adbf8f57ce8e70cddfe98e66253484bf77d638889b3d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrTzk_YXWgwK_cusQO8Wv3-990-TQBxKR0aJIaewiJ5egs0cXoNZLIOhJjZu3_c8WbD-HY09fQmYw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1793
last-modified
Wed, 24 Apr 2024 23:04:35 GMT
server
UploadServer
etag
"bb7b34e25d8a9cb96f981690b40d3bdb"
x-goog-generation
1713999875196948
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=8a8aGA==, md5=u3s04l2KnLlvmBaQtA072w==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1793
accept-ranges
bytes
expires
Wed, 24 Apr 2024 23:24:16 GMT
css
fonts.googleapis.com/ 		5 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600&display=swap
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35d2c456f294886a44c285ea268c95866d5a3565db780c80f8b7698678885195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 23:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:09:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 23:09:16 GMT
page
rs.fullstory.com/rec/ 		82 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
08340a3dae63d9ffe3cfabb3f112fa0f1c5acea16bdab5227239a20aa7e9908e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Apr 2024 23:09:16 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://unit-pms-disconnected.frontend.vega.vero.lease
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
v3
js.stripe.com/ 		605 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/static/js/2.b3a010a3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c678eb6075444e6900a93bbabbe43842cea3042ff153d4c194b54e9cea2f9347
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:10 GMT
content-encoding
br
via
1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
9
x-amz-cf-pop
FRA56-P10
x-cache
Hit from cloudfront
last-modified
Wed, 24 Apr 2024 22:49:38 GMT
server
Cloudfront
etag
W/"889cd333c072def16ccd664ba98308f8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
-5qInUQ-JMPPmMqDNbNZX4IuUuNEHb06pc1UDrS6ebmjRUiN0iubKg==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B3CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-129.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
466
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 23:01:38 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 22 Apr 2024 20:08:56 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
x-amz-cf-id
gNGCxrgBauheqclQIqJxfSF_6vffs4kV0y9rPUode9kQz3Ln2DFpRg==
x-amz-cf-pop
FRA56-P10
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
unit-pms-disconnected.frontend.vega.vero.lease/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://unit-pms-disconnected.frontend.vega.vero.lease/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2594ff7464e813c5be8ed8bbc9507da1519c3caabff73a4c565497172985134

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:09:19 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 19:47:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"c9511eb3336c72b0bbbd98ec3245e966"
x-cache
Miss from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
15406
x-amz-cf-id
R_V8xvodAtCBb0ggnhiIDP28BCdAHVq1Cw_AlmbJ1w22aSqhYTwZsQ==
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Atest%2Cservice%3Afrontend%2Cversion%3Af860d48b1286be650ead9af7ddc7838c42d8c0a3&dd-api-key=pub78f1abf5f57057de217829c1d6e1619b&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=9bd68e45-59b0-415b-9e48-1d7696140f68&batch_time=1714000159439
Requested by
Host: unit-pms-disconnected.frontend.vega.vero.lease
URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:1e96:6a11:3ff0:a98d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c0e4c4153c87e8e75939500edf45db7418cfe4315a9a14e6dd50e1afae0b99b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://unit-pms-disconnected.frontend.vega.vero.lease/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 23:09:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
9bd68e45-59b0-415b-9e48-1d7696140f68

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| google_tag_manager object| google_tag_data boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown object| webpackJsonpvero-front-end object| regeneratorRuntime object| DD_RUM function| setImmediate function| clearImmediate object| __core-js_shared__ function| _ object| core number| 2f1acc6c3a606b082e5eef5e54414ffb object| PDFJS object| cptable object| xShaders function| requestAnimFrame object| vec3 object| mat3 object| mat4 boolean| _fs_initialized object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: ff079fc2-4c85-4ba8-b41c-01d5aa1fff6fa4c0d8
.unit-pms-disconnected.frontend.vega.vero.lease/ Name: __stripe_mid
Value: b14f17b9-56a3-4c48-9cb6-1581ab88a9787a0e8e
.unit-pms-disconnected.frontend.vega.vero.lease/ Name: __stripe_sid
Value: e7420d51-da15-4982-bc86-a509a3fb92c0d4db67
.vero.lease/ Name: _dd_s
Value: rum=2&id=c2635618-2ee0-4f3a-af9f-b23f71a98018&created=1714000157449&expire=1714001057449

1 Console Messages

Source Level URL
Text
other warning URL: https://unit-pms-disconnected.frontend.vega.vero.lease/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

edge.fullstory.com
fonts.googleapis.com
js.stripe.com
rs.fullstory.com
rum.browser-intake-datadoghq.com
unit-pms-disconnected.frontend.vega.vero.lease
www.googletagmanager.com
18.66.112.80
2600:1f18:24e6:b902:1e96:6a11:3ff0:a98d
2a00:1450:4001:811::200a
2a00:1450:4001:81d::2008
3.161.82.129
3.161.82.55
35.186.194.58
35.201.112.186
08340a3dae63d9ffe3cfabb3f112fa0f1c5acea16bdab5227239a20aa7e9908e
0a3da969829f36f8a942ce6d2caf90f3df3892f8ec8e4e16bab3b5ab4b9f480f
220db6142d39168da49d638e525b0e5d816b29e7a7a58a9301cacf4a77c44d41
35d2c456f294886a44c285ea268c95866d5a3565db780c80f8b7698678885195
3af780d24370849450e4bb327374998a57c050f842ed7ebe3aa89c825e6134b4
714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385
a59cdb0542dd26a40b7a7406b1020c7f788a0e25d4af5deebf87215853bb84c9
b80a8777c8a1fadb1866beb0efc0435202c3e25d501538dadf2d519dcfe92378
bba33df95a20498096c510b58673673aaa1f0e56786c011c8a3546543789b94e
c0e4c4153c87e8e75939500edf45db7418cfe4315a9a14e6dd50e1afae0b99b5
c26797186579f31017955fdeb17c73fcd013872bca12330243aab137cce8be84
c678eb6075444e6900a93bbabbe43842cea3042ff153d4c194b54e9cea2f9347
d21af3215bdc5f48844bce2e58ccbf295cca94abfe7ccdd63b4d5d7ab352e109
d22faf38a745a59d1ba63b29b5c792e563304d82ab34f38661a3c8689ce6f419
d45fa7b17592b1b7e12adbf8f57ce8e70cddfe98e66253484bf77d638889b3d8
e2594ff7464e813c5be8ed8bbc9507da1519c3caabff73a4c565497172985134
f87d2728852ecab5cec35a10ff381bd062e6f37031ed351e37f9e733705d8194