urlscan.io logo urlscan.io
SecurityTrails logo

shrp.platloonia.com Open in urlscan Pro
2606:4700:3036::681c:15de  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://track-eb.mymetalroots.com/campaigns/mailclick/Mjg0/NTcz/NTUzMzY5NA==/aHR0cHM6Ly9zaHJwLnBsYXRsb29uaWEuY29tL3Y3dT9ycz1aNE53b...
Effective URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Submission: On July 13 via api from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3036::681c:15de, located in United States and belongs to CLOUDFLARENET, US. The main domain is shrp.platloonia.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 25th 2019. Valid for: a year.
This is the only time shrp.platloonia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.159.70.19 12876 (Online SAS)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
28 7
1    51.159.70.19 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: l-host1.wanbokqk.com
track-eb.mymetalroots.com
13    2606:4700:3036::681c:15de (United States)

ASN13335 (CLOUDFLARENET, US)
shrp.platloonia.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
measurements-api.wonderpush.com
1    2606:4700:20::681a:64 (United States)

ASN13335 (CLOUDFLARENET, US)
get.geojs.io
Domain Requested by
13 shrp.platloonia.com shrp.platloonia.com
cdn.by.wonderpush.com
8 cdn.by.wonderpush.com shrp.platloonia.com
cdn.by.wonderpush.com
3 fonts.gstatic.com shrp.platloonia.com
1 get.geojs.io cdn.by.wonderpush.com
1 measurements-api.wonderpush.com cdn.by.wonderpush.com
1 fonts.googleapis.com shrp.platloonia.com
1 cdnjs.cloudflare.com shrp.platloonia.com
1 track-eb.mymetalroots.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
mtp.capitalrtv.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-25 -
2020-10-09		 a year crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
by.wonderpush.com
Let's Encrypt Authority X3		 2020-05-30 -
2020-08-28		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
measurements-api.wonderpush.com
GTS CA 1D2		 2020-07-03 -
2020-10-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Frame ID: D68A1A0259A4DCFB48B3EC230BC2EF25
Requests: 22 HTTP requests in this frame

Frame: https://shrp.platloonia.com/wonderpush.min.html
Frame ID: 51793D0C25D529D74F885A6A75BD1E17
Requests: 5 HTTP requests in this frame

Frame: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.html
Frame ID: 7BC451078A1C47C3F936885370B12749
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://track-eb.mymetalroots.com/campaigns/mailclick/Mjg0/NTcz/NTUzMzY5NA==/aHR0cHM6Ly9zaHJwLnBsYXRsb29uaWEuY... HTTP 302
    https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytine... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

28
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

542 kB
Transfer

1397 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track-eb.mymetalroots.com/campaigns/mailclick/Mjg0/NTcz/NTUzMzY5NA==/aHR0cHM6Ly9zaHJwLnBsYXRsb29uaWEuY29tL3Y3dT9ycz1aNE53bFdwcWFtS2NsWDkxbEhCcWFIWnhZS0NEb21aM3BaYVZsYnl0eTVwZmEyVmZwbjF4a0EvaGVsZW5hLmx5eXRpbmVuQGZpLmFiYi5jb20= HTTP 302
    https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v7u
shrp.platloonia.com/
Redirect Chain
  • https://track-eb.mymetalroots.com/campaigns/mailclick/Mjg0/NTcz/NTUzMzY5NA==/aHR0cHM6Ly9zaHJwLnBsYXRsb29uaWEuY29tL3Y3dT9ycz1aNE53bFdwcWFtS2NsWDkxbEhCcWFIWnhZS0NEb21aM3BaYVZsYnl0eTVwZmEyVmZwbjF4a0Ev...
  • https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.1
Resource Hash
d3172f27085db0e9460f5445bfc754bc48b7081a16ffa79a6bc48d6419c18615

Request headers

:method
GET
:authority
shrp.platloonia.com
:scheme
https
:path
/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 13 Jul 2020 06:15:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d983409ff07c4d5fb2d84652a313004241594620945; expires=Wed, 12-Aug-20 06:15:45 GMT; path=/; domain=.platloonia.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.2.1
cf-cache-status
DYNAMIC
cf-request-id
03e869bb360000178a591d3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b20df0b8a73178a-FRA
content-encoding
br

Redirect headers

Date
Mon, 13 Jul 2020 06:15:44 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.6
X-Powered-By
PHP/7.4.6
Location
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Content-Length
0
Content-Type
text/html; charset=UTF-8
X-Cache
MISS from half.god1.afrinewsly.com
X-Cache-Lookup
MISS from half.god1.afrinewsly.com:80
Via
1.1 half.god1.afrinewsly.com (squid/3.5.20)
Connection
keep-alive
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13566397
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03e869bf840000d6cd24356200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
W/"5afd4910-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b20df126cbdd6cd-FRA
expires
Sat, 03 Jul 2021 06:15:46 GMT
bootstrap.min.css
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/bootstrap.min.css
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 08:56:49 GMT
server
cloudflare
etag
W/"1d970-5aa12858160a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5b20df126fb3178a-FRA
cf-request-id
03e869bf840000178a5920a200000001
custome-bb.css
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/custome-bb.css
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc7f7adad1e7d2f20a80d073e2909a4d11957a35deb532ed7e5364f3788ba6e

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 10:44:43 GMT
server
cloudflare
etag
W/"6876-5aa140764f9a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5b20df126fb5178a-FRA
cf-request-id
03e869bf850000178a5920b200000001
jquery.min.js
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/jquery.min.js
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 08:56:49 GMT
server
cloudflare
etag
W/"1538e-5aa128582a8c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5b20df126fb6178a-FRA
cf-request-id
03e869bf850000178a5920c200000001
bootstrap.min.js
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/bootstrap.min.js
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 08:56:49 GMT
server
cloudflare
etag
W/"90b5-5aa1285834cd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5b20df126fba178a-FRA
cf-request-id
03e869bf850000178a5920d200000001
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d04227042ef943bef3df983f822e597c6ef6d5089462f0df3feac85cc48a8c

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
81315
x-cache
Hit from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
494
cf-request-id
03e869bfe9000097165bb85200000001
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 07:40:03 GMT
server
cloudflare
etag
"ce904ae320d3aa33ab885727729329e9ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
FRA54
accept-ranges
bytes
cf-ray
5b20df1309719716-FRA
x-amz-cf-id
PcJyMvoX9Hp1vTQuwd0cK9NgB5xEw1wADBYwT4eSLS-1zgWjlx9vYg==
log-bb.webp
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/log-bb.webp
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413b40b69bfa3b826dd3d0ea5b8a9669b356521db01627da547fe6e7b6f9b786

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 10:44:43 GMT
server
cloudflare
etag
"1e30-5aa1407661e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df126fbd178a-FRA
content-length
7728
cf-request-id
03e869bf850000178a5920e200000001
bnr-bb.gif
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/bnr-bb.gif
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931c129708fb88a46be880ba5e02ad3c61f2bd1e9e97dc338f12000e55f68b61

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 10:44:43 GMT
server
cloudflare
etag
"1d50c-5aa1407672454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df126fbe178a-FRA
content-length
120076
cf-request-id
03e869bf850000178a5920f200000001
i11-green.png
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/i11-green.png
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934039bf88dd590d00d5dbb39e55f16f7ec2528fa9c0d9af3d9c7cb570b2a814

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:47 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 10:44:43 GMT
server
cloudflare
etag
"93e7-5aa1407657a8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df127fc2178a-FRA
content-length
37863
cf-request-id
03e869bf870000178a59211200000001
s20.png
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/s20.png
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b089e4a6cafdce794d6d00e2dfa1dc80122b2e7d5d367fdcf77ad495c635d301

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:48 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 10 Jul 2020 10:44:43 GMT
server
cloudflare
etag
"fbe1-5aa1407669f84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df127fc4178a-FRA
content-length
64481
cf-request-id
03e869bf870000178a59212200000001
delivery-bb.png
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/delivery-bb.png
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fdcb34e5b4f7aa28dd9b83eb23e6a97dcc106c0a063a9eb60f59711a81d5add

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:48 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 10:57:06 GMT
server
cloudflare
etag
"1255-5aa1433abefa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df127fcb178a-FRA
content-length
4693
cf-request-id
03e869bf870000178a59213200000001
social-icon.png
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/social-icon.png
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d07dc950069456f7216f32a6f5d5d299948b021d64035edca161089bf8edc1d

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 08:56:49 GMT
server
cloudflare
etag
"2558-5aa12857f7c45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df127fcc178a-FRA
content-length
9560
cf-request-id
03e869bf870000178a59214200000001
ssl.png
shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/ssl.png
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5efbd155f5f4ff8ef070debc54e7630f495edda4610e5f5b4e2d3b4c00eb62c

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Jul 2020 08:56:49 GMT
server
cloudflare
etag
"1d09-5aa1285802055"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5b20df127fce178a-FRA
content-length
7433
cf-request-id
03e869bf870000178a59215200000001
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Jul 2020 04:54:35 GMT
server
ESF
date
Mon, 13 Jul 2020 06:15:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Jul 2020 06:15:46 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin
https://shrp.platloonia.com

Response headers

date
Thu, 11 Jun 2020 05:23:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
2767963
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Fri, 11 Jun 2021 05:23:03 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin
https://shrp.platloonia.com

Response headers

date
Thu, 09 Jul 2020 01:03:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
364348
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 09 Jul 2021 01:03:18 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin
https://shrp.platloonia.com

Response headers

date
Thu, 11 Jun 2020 05:02:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
2769195
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 11 Jun 2021 05:02:31 GMT
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.24.9/ 		386 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354d5e99bc7636ded93efa865e92db329cd92a2e85f833bdb99a3530b9b0b13a

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1463731
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94479
cf-request-id
03e869c029000097165bb88200000001
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 07:39:59 GMT
server
cloudflare
etag
"292a7629e6b8bfb75def5cd4f4a47a78ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
cf-ray
5b20df1379b09716-FRA
x-amz-cf-id
fTXcUaDXhgQQn9VzwHBn2xhSIzjAZG9ezXg0KZQv8aO1RTbnLS3qcQ==
41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0
cdn.by.wonderpush.com/config/webkeys/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f49be23c64193b4c30b829b8ba61855ba97175c9c95ea7c1bc565c9591185b4

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
866
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
663
cf-request-id
03e869c1290000c2c741af4200000001
access-control-allow-origin
*
last-modified
Mon, 22 Jun 2020 15:35:20 GMT
server
cloudflare
etag
"1bd6bd54171b7d1826920d9839e8a0e2ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/json
via
1.1 6c635014c5e34cfe71b5baa57a471bdb.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
ATL56-C2
accept-ranges
bytes
cf-ray
5b20df150ef2c2c7-FRA
x-amz-cf-id
_S0hDuZHp1eeADthvoCAcqRyV8jiFReWuCPjL3VCNm_9uUsDyxAxLA==
wonderpush.min.html
shrp.platloonia.com/ Frame 5179 		594 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://shrp.platloonia.com/wonderpush.min.html
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46

Request headers

:method
GET
:authority
shrp.platloonia.com
:scheme
https
:path
/wonderpush.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d983409ff07c4d5fb2d84652a313004241594620945
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com

Response headers

status
200
date
Mon, 13 Jul 2020 06:15:49 GMT
content-type
text/html; charset=UTF-8
last-modified
Fri, 27 Mar 2020 05:50:23 GMT
cf-cache-status
DYNAMIC
cf-request-id
03e869c1450000178a59232200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b20df153d34178a-FRA
content-encoding
br
geojs.js
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1780813
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1055
cf-request-id
03e869c14a000097165bb95200000001
access-control-allow-origin
*
last-modified
Mon, 22 Jun 2020 15:30:23 GMT
server
cloudflare
etag
"eade35070a4a96bcbeb77c55c1856e96ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 50584ad285d5f627ddebae74efdd0771.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
OSL50-C1
accept-ranges
bytes
cf-ray
5b20df154ad39716-FRA
x-amz-cf-id
20um1NkDIzY8WTsYdtY3Lw7Rpv_Br6dbhU0LP8tkl4t8AzS30VB60A==
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ Frame 5179 		881 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: shrp.platloonia.com
URL: https://shrp.platloonia.com/wonderpush.min.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d04227042ef943bef3df983f822e597c6ef6d5089462f0df3feac85cc48a8c

Request headers

Referer
https://shrp.platloonia.com/wonderpush.min.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
81318
x-cache
Hit from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
494
cf-request-id
03e869ca57000097165bbeb200000001
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 07:40:03 GMT
server
cloudflare
etag
"ce904ae320d3aa33ab885727729329e9ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
FRA54
accept-ranges
bytes
cf-ray
5b20df23bbc49716-FRA
x-amz-cf-id
PcJyMvoX9Hp1vTQuwd0cK9NgB5xEw1wADBYwT4eSLS-1zgWjlx9vYg==
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.24.9/ Frame 5179 		386 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354d5e99bc7636ded93efa865e92db329cd92a2e85f833bdb99a3530b9b0b13a

Request headers

Referer
https://shrp.platloonia.com/wonderpush.min.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1463734
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94479
cf-request-id
03e869ca68000097165bbec200000001
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 07:39:59 GMT
server
cloudflare
etag
"292a7629e6b8bfb75def5cd4f4a47a78ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
cf-ray
5b20df23dbd09716-FRA
x-amz-cf-id
fTXcUaDXhgQQn9VzwHBn2xhSIzjAZG9ezXg0KZQv8aO1RTbnLS3qcQ==
geojs.js
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ Frame 5179 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

Referer
https://shrp.platloonia.com/wonderpush.min.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1780816
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1055
cf-request-id
03e869cafd000097165bbf3200000001
access-control-allow-origin
*
last-modified
Mon, 22 Jun 2020 15:30:23 GMT
server
cloudflare
etag
"eade35070a4a96bcbeb77c55c1856e96ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 50584ad285d5f627ddebae74efdd0771.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
OSL50-C1
accept-ranges
bytes
cf-ray
5b20df24cc619716-FRA
x-amz-cf-id
20um1NkDIzY8WTsYdtY3Lw7Rpv_Br6dbhU0LP8tkl4t8AzS30VB60A==
events
measurements-api.wonderpush.com/v1/ Frame 5179 		21 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://measurements-api.wonderpush.com/v1/events
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://shrp.platloonia.com/wonderpush.min.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Jul 2020 06:15:50 GMT
server
Google Frontend
status
202
content-type
application/json
access-control-allow-origin
https://shrp.platloonia.com
x-cloud-trace-context
199e363fdbbf825f02905c7b3659719c
access-control-allow-credentials
true
content-length
21
geo.json
get.geojs.io/v1/ip/ 		304 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cddd2f68d75962d7685fc9ce22823afe813a133d37399afb096ce2890d3dc0bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 13 Jul 2020 06:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03e869cb2f0000dff780acb200000001
x-request-id
7705dec20c2de08bb522a73b5fc0dd56-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
5b20df25180edff7-FRA
wonderpush.min.html
cdn.by.wonderpush.com/sdk/1.1.24.9/ Frame 7BC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.html
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.24.9/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.by.wonderpush.com
:scheme
https
:path
/sdk/1.1.24.9/wonderpush.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com

Response headers

status
200
date
Mon, 13 Jul 2020 06:15:49 GMT
content-type
text/html
content-length
380
set-cookie
__cfduid=da834bdf8b2d3761ae7588b066e52f6121594620949; expires=Wed, 12-Aug-20 06:15:49 GMT; path=/; domain=.wonderpush.com; HttpOnly; SameSite=Lax
last-modified
Fri, 26 Jun 2020 07:39:58 GMT
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
content-encoding
gzip
access-control-allow-origin
*
access-control-allow-methods
HEAD, GET
access-control-max-age
86400
etag
"201e40aaf96efdd107b815b102c31d7bed6e"
x-cache
Miss from cloudfront
via
1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA54
x-amz-cf-id
o7q4lLqSQ5388seUetMtX1uwCcn5G4YJfWc3uWS-7qkrGDoGp0QP0A==
cf-cache-status
HIT
age
1463732
accept-ranges
bytes
cf-request-id
03e869cb28000097165bbf6200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5b20df250c839716-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| WonderPush function| chkvali function| partstep function| toSimpleJson object| titleAry object| favcon number| idx number| interval function| setTitle function| startTimer function| what

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'top' of undefined TypeError: Cannot read property 'top' of undefined at HTMLDocument.<anonymous> (https://shrp.platloonia.com/v7u?rs=Z4NwlWpqamKclX91lHBqaHZxYKCDomZ3pZaVlbyty5pfa2Vfpn1xkA/helena.lyytinen@fi.abb.com:318:34) at l (https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/jquery.min.js:2:29375) at c (https://shrp.platloonia.com/allcustomfiles/AU-Vodafone-July20/jquery.min.js:2:29677) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
measurements-api.wonderpush.com
shrp.platloonia.com
track-eb.mymetalroots.com
2001:4860:4802:36::15
2606:4700:20::681a:64
2606:4700:3036::681c:15de
2606:4700::6810:85e5
2606:4700::6812:13b7
2a00:1450:4001:800::200a
2a00:1450:4001:815::2003
51.159.70.19
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46
2d07dc950069456f7216f32a6f5d5d299948b021d64035edca161089bf8edc1d
2fdcb34e5b4f7aa28dd9b83eb23e6a97dcc106c0a063a9eb60f59711a81d5add
354d5e99bc7636ded93efa865e92db329cd92a2e85f833bdb99a3530b9b0b13a
413b40b69bfa3b826dd3d0ea5b8a9669b356521db01627da547fe6e7b6f9b786
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
7f49be23c64193b4c30b829b8ba61855ba97175c9c95ea7c1bc565c9591185b4
931c129708fb88a46be880ba5e02ad3c61f2bd1e9e97dc338f12000e55f68b61
934039bf88dd590d00d5dbb39e55f16f7ec2528fa9c0d9af3d9c7cb570b2a814
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b089e4a6cafdce794d6d00e2dfa1dc80122b2e7d5d367fdcf77ad495c635d301
b5efbd155f5f4ff8ef070debc54e7630f495edda4610e5f5b4e2d3b4c00eb62c
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9d04227042ef943bef3df983f822e597c6ef6d5089462f0df3feac85cc48a8c
cdc7f7adad1e7d2f20a80d073e2909a4d11957a35deb532ed7e5364f3788ba6e
cddd2f68d75962d7685fc9ce22823afe813a133d37399afb096ce2890d3dc0bb
d3172f27085db0e9460f5445bfc754bc48b7081a16ffa79a6bc48d6419c18615
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c