urlscan.io logo urlscan.io
SecurityTrails logo

ns.myappterms.com Open in urlscan Pro
13.38.120.206  Public Scan

Go To Rescan Add Verdict Report
URL: https://ns.myappterms.com/
Submission: On April 22 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 36 HTTP transactions. The main IP is 13.38.120.206, located in Paris, France and belongs to AMAZON-02, US. The main domain is ns.myappterms.com.
TLS certificate: Issued by R3 on April 22nd 2022. Valid for: 3 months.
This is the only time ns.myappterms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.38.120.206 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.114 16509 (AMAZON-02)
1 143.204.103.120 16509 (AMAZON-02)
2 143.204.103.41 16509 (AMAZON-02)
1 54.71.192.93 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 143.204.98.47 16509 (AMAZON-02)
1 151.101.1.195 54113 (FASTLY)
9 151.101.65.195 54113 (FASTLY)
6 18.198.8.101 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.198.23.205 ()
36 14
2    13.38.120.206 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-38-120-206.eu-west-3.compute.amazonaws.com
ns.myappterms.com
5    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:174f (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.arengu.com
1    143.204.98.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-114.fra50.r.cloudfront.net
checkout.stripe.com
1    143.204.103.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com
2    143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net
cdn.segment.com
1    54.71.192.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-192-93.us-west-2.compute.amazonaws.com
api.segment.io
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-ingest.io
1    143.204.98.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net
iifqhs.sdk.froged.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
sdk.froged.com
9    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
widget-v2.froged.com
6    18.198.8.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
api.froged.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.198.23.205 (None, )

ASN- ()
r.lr-ingest.io
Apex Domain
Subdomains		 Transfer
17 froged.com
iifqhs.sdk.froged.com
sdk.froged.com — Cisco Umbrella Rank: 750068
widget-v2.froged.com — Cisco Umbrella Rank: 750886
api.froged.com — Cisco Umbrella Rank: 695169
708 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
4 KB
2 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 9904
r.lr-ingest.io
161 KB
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1657
26 KB
2 arengu.com
sdk.arengu.com
95 KB
2 myappterms.com
ns.myappterms.com
36 MB
1 gstatic.com
fonts.gstatic.com
33 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1081
175 B
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 10001
19 KB
1 stripe.com
checkout.stripe.com — Cisco Umbrella Rank: 7208
23 KB
0 Failed
function sub() { [native code] }. Failed
36 11
Domain Requested by
9 widget-v2.froged.com iifqhs.sdk.froged.com
widget-v2.froged.com
6 api.froged.com widget-v2.froged.com
5 fonts.googleapis.com ns.myappterms.com
iifqhs.sdk.froged.com
client
2 cdn.segment.com ns.myappterms.com
cdn.segment.com
2 sdk.arengu.com ns.myappterms.com
2 ns.myappterms.com ns.myappterms.com
1 r.lr-ingest.io cdn.lr-ingest.io
1 fonts.gstatic.com fonts.googleapis.com
1 sdk.froged.com
1 iifqhs.sdk.froged.com 1 redirects
1 cdn.lr-ingest.io
1 api.segment.io cdn.segment.com
1 cdn.auth0.com ns.myappterms.com
1 checkout.stripe.com ns.myappterms.com
0 172.31.46.73 Failed
0 localhost Failed
36 16

This site contains no links.

Subject Issuer Validity Valid
ns.myappterms.com
R3		 2022-04-22 -
2022-07-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
*.auth0.com
Amazon		 2022-03-26 -
2023-04-24		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
tradepostusa.xtend.community
GTS CA 1D4		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.froged.com
Amazon		 2022-04-19 -
2023-05-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
api.logrocket.com
R3		 2022-03-27 -
2022-06-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ns.myappterms.com/
Frame ID: 0C31D66F2F95766DB8F9350603047214
Requests: 19 HTTP requests in this frame

Frame: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Frame ID: 34CF936D8FBA3C6804F81E4D2D22E9F0
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Next Scenario

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

36
Requests

89 %
HTTPS

29 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

37591 kB
Transfer

41237 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://iifqhs.sdk.froged.com/ HTTP 302
  • https://sdk.froged.com/

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ns.myappterms.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ns.myappterms.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.38.120.206 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-38-120-206.eu-west-3.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
ed8f113227aba86adcbe32adc2e86f125bc57a97ca48e17c895607392aab63bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Apr 2022 08:41:43 GMT
ETag
W/"c7b-raRGrZpNeoBSnuvXUBbCPxrHhgo"
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i,700,700i&display=swap
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
edf790ad4af7f732683db988a8a3b1a9010165a55b1de9c387b42f29fe1e68ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 08:11:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:41:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:41:43 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900&display=swap
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
635595c3498345fc71ebe3900e45390b3a2d4ea43992bed004da61ff1015fe7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 08:41:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:41:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:41:43 GMT
forms.js
sdk.arengu.com/ 		316 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.arengu.com/forms.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:174f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db6e60e9c84380e70e8c4abb9387db82250f2005cf0ab19e85220624925d0004

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:41:43 GMT
content-encoding
gzip
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvQaUnQN-Z78pvxE708eIpqQ_ZGxM0Zb99WU8qpAQjqUR6LROW3ysg7OISrqeQ3ecoagTcu_HFLvs8dYOxmCqCW4o64MP8S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
93292
x-sdk-file
/forms-standard.js
last-modified
Fri, 15 Apr 2022 11:16:12 GMT
server
cloudflare
content-language
en
etag
"c432d152a6d92612766822d73dac4b1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zQB6oQ==, md5=xDLRUqbZJhJ2aCLXPaxLHQ==
x-goog-generation
1650021372568739
access-control-allow-origin
*
cache-control
private, max-age=3600,no-transform
x-goog-stored-content-length
93292
accept-ranges
bytes
cf-ray
6ffd0fe089e93fef-CDG
expires
Fri, 22 Apr 2022 09:41:43 GMT
modal.js
sdk.arengu.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.arengu.com/modal.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:174f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8106313168e5843b53f81384ff8822f641f4392a04504c80a954bb092a4600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:41:43 GMT
content-encoding
gzip
cf-cache-status
MISS
x-guploader-uploadid
ADPycds-J1R1JGrV9pX3vu-YHcRsfvTAitlR0NVJol5sxwOQg87AJuXnNUy0I2ADdtiF0iILq5QFCfEhFFdSN5ubPmz0MrKKlILE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 20 Apr 2020 16:47:42 GMT
server
cloudflare
etag
W/"c1053fe96a674dd7ae0813b72ca57c21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=tKQx2A==, md5=wQU/6WpnTdeuCBO3LKV8IQ==
x-goog-generation
1587401262312691
cache-control
private, max-age=3600
x-goog-stored-content-length
6791
cf-ray
6ffd0fe089eb3fef-CDG
expires
Fri, 22 Apr 2022 09:41:43 GMT
checkout.js
checkout.stripe.com/ 		86 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.stripe.com/checkout.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
434919408794eea7abacf5f0545c24e069b91cb624faafe54e9452cd64160d5e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Feb 2022 18:54:09 GMT
server
Cloudfront
age
24
date
Fri, 22 Apr 2022 08:41:20 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BRq6PzNUaxPGiC8WbWnPQZE8BqfVL0V5CMSS_tbKrSNxOBeEzQD-fg==
etag
W/"15d2c1f61839981c3ba0fff3394fec24"
auth0-7.4.min.js
cdn.auth0.com/w2/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/w2/auth0-7.4.min.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-120.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e54d909cc1896e24bb4f8cf7c8eaa38c18da6b482c32ee6d1996288b68fd2b90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
k1aJJAZwLXgJmke4jdgBteFgeWN3yg3t
content-encoding
gzip
last-modified
Tue, 01 Nov 2016 22:02:56 GMT
server
AmazonS3
age
29
etag
W/"d84a56b5771ff7b5533d6dce16745f9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
public, max-age=300
date
Fri, 22 Apr 2022 08:41:43 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZSqMv1hsMKstSVLuXWwaA26JrBUSyVP8ucSQ_K9eUmDkChc2NF6HaQ==
app.js
ns.myappterms.com/ 		36 MB
36 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ns.myappterms.com/app.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.38.120.206 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-38-120-206.eu-west-3.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
9c43778e1c90f9a239b70ba34babf4a423523a045036093dd1e563a5003227b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 08:41:43 GMT
ETag
W/"23aa3d1-7jsTaHGHBZ77Tmew26MDwUaC6eg"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37397457
analytics.min.js
cdn.segment.com/analytics.js/v1/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/ 		90 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/analytics.min.js
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-41.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
626ac0ff881126b4fec1cf650bc56bf9d5bce45600598b5f6fec94c59c766a0c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Lh9eMdS9qUMlm6JUdZuXsGl60nW0HlZE
content-encoding
br
etag
W/"5da770ef3c3b416fb3b4bd94b22965e3"
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 23:37:57 GMT
server
AmazonS3
date
Fri, 22 Apr 2022 08:41:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
gu5XsKJ5WH4azHpcwV71dQBTTac2Ob6dFXwcECZDeDsGYAs4TILXkw==
settings
cdn.segment.com/v1/projects/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/ 		595 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-41.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5112dbe4264624fa13a9e0e5b8fde08322b63506699646bcdb9b67a26d52241d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:26:22 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age
923
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
595
last-modified
Tue, 22 Feb 2022 21:18:57 GMT
server
AmazonS3
etag
"c565cb80426d4223eed7d73966e76b2d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
S8jSlVaZo_R3PqcuMafAXidzCs9rjfbL
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/json; charset=utf-8
x-amz-cf-id
dMjDW23154LbjPi3rPs5WO-Kl-Mt-hRsGlUyCUPlwsSuEURLP8VBkQ==
p
api.segment.io/v1/ 		21 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/eKSzNgWRTQOzOoy15PiFD0CwlxIneQd3/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.192.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-192-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ns.myappterms.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ns.myappterms.com
date
Fri, 22 Apr 2022 08:41:45 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
logger-1.min.js
cdn.lr-ingest.io/ 		777 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host:
URL: webpack-internal:///./node_modules/logrocket/dist/build.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
312c01ac26449fb9a0d731c5f6071477c1014518dfcd9fccc824341971d1d3f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:41:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
253
x-cache
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-cdg20732-CDG
last-modified
Thu, 21 Apr 2022 20:33:56 GMT
server
cloudflare
x-timer
S1650573248.235679,VS0,VE143
etag
W/"186815593e1d6c80a4634c6fcbd3e9b1dafdc1d4081d50f01d7c9944d73323d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RPtEzzjTIuymZTZ%2BS17Yvxnuz8JXeD035HBbS5vdBme5gTd8VDX4tOWL2exgdgKADQzqUh2V1%2BcCyPrvplDcszA5cfSRT6PwN9IbgSvTDp%2BW4WskFfxutB8E0BSaoWQLC8hUUoTAurowctsCul6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6ffd0fedebe23a1d-CDG
x-cache-hits
0
info
localhost/sockjs-node/ 		0
0
info
172.31.46.73/sockjs-node/ 		0
0
f4b9b2c1-730f-4826-a7fe-8229c33616fb
https://ns.myappterms.com/ 		436 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ns.myappterms.com/f4b9b2c1-730f-4826-a7fe-8229c33616fb
Requested by
Host: ns.myappterms.com
URL: https://ns.myappterms.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5db60ad711dfb0c017dd56b4ddb48666e68300b058b874fc8194e0fe19cca817

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
446968
/
sdk.froged.com/
Redirect Chain
  • https://iifqhs.sdk.froged.com/
  • https://sdk.froged.com/
95 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.froged.com/
Protocol
H2
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa5f419d2aa8c0464785ad5ad8df8accb09f81a0babe5732bca1a503038da8a5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:47:16 GMT
x-timer
S1650616907.397699,VS0,VE0
etag
"d2f3ee43ee18600a818fcc0f1b4712062b3fd59a46feca8cda36f30ba5e7f6ba-br"
x-served-by
cache-cdg20733-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
16955
x-cache-hits
25

Redirect headers

date
Fri, 22 Apr 2022 08:41:47 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://sdk.froged.com/
cache-control
max-age=1800
content-length
0
x-amz-cf-id
O3Gn37W6lzFK43QgpbMIlEt7JQMuqfft5WX1z7BrhJSYz5osta0k6g==
css2
fonts.googleapis.com/ 		7 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,300;0,400;0,600;0,700;0,800;1,400;1,700&display=swap
Requested by
Host: iifqhs.sdk.froged.com
URL: https://iifqhs.sdk.froged.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
338455765df6afc904d183156a2dc5a317563cb3d9842d0f5be54a9aa820d65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 08:41:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:41:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:41:47 GMT
/
widget-v2.froged.com/ Frame 34CF 		966 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Requested by
Host: iifqhs.sdk.froged.com
URL: https://iifqhs.sdk.froged.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ee78fd712aba1681be13081093ced89f7c53ff3b490137f8d970b1c37dea170
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://ns.myappterms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1
content-encoding
br
content-length
290
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 08:41:47 GMT
etag
"bc93452d69872df4bebabdff249c0ba07eaa9279ce9c2cbf10df0d65da7e43ef-br"
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cdg20769-CDG
x-timer
S1650616908.526134,VS0,VE134
ficon.min.css
widget-v2.froged.com/assets/fonts/ficon/ Frame 34CF 		40 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
689ffee8cbc5f35754a8c093bc4438820e8c31980b71deaf87c38f399690c78b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.693714,VS0,VE0
etag
"64fefa5333f648e67175eb0b5e1e7eacf251b44325f6d58900c5697dbead8261-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
5230
x-cache-hits
2
styles.fa687140d741b6442ffc.css
widget-v2.froged.com/ Frame 34CF 		157 B
197 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/styles.fa687140d741b6442ffc.css
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d50dfda0339a2089abb65fb20420c393ea14a4b1400360478bb9d91ec4c9683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.693862,VS0,VE0
etag
"9c39c1fbdd91b5594a81a5bccd3aee2b12b8106e2ed6606d15eaa602bcd62f73-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
87
x-cache-hits
2
runtime-es2015.24d21334deabeb291184.js
widget-v2.froged.com/ Frame 34CF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/runtime-es2015.24d21334deabeb291184.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dcef15d0a06422288ce07772b68ae5db346876015b756edebd3894f8d0a7dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Origin
https://widget-v2.froged.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.693992,VS0,VE0
etag
"243810d81a13518cc353021bfa3aff55ec1dace789bdacae3b718888ba1df577-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
1082
x-cache-hits
2
polyfills-es2015.619664eb7994220368e2.js
widget-v2.froged.com/ Frame 34CF 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/polyfills-es2015.619664eb7994220368e2.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef2c6fd7967e395d99ad0fa189b3e4fe20d19ffc4f51ad8dc5d3c105e5b3767e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Origin
https://widget-v2.froged.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.694113,VS0,VE0
etag
"1a30b803f957818e2583cf449730e396cfebbbf20a30d9d618bfaeb74346a114-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
11228
x-cache-hits
2
main-es2015.78a1312269aadd3e91f6.js
widget-v2.froged.com/ Frame 34CF 		2 MB
393 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/main-es2015.78a1312269aadd3e91f6.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99fa885a6c16cf07fa9ee1c35cb9833a51bd11334f3619665532203b87410a44
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
Origin
https://widget-v2.froged.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.694262,VS0,VE1
etag
"de2c28149610afb3e858c77257be42afd51562cef28c251099f3179c95e7f50a-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
402214
x-cache-hits
1
css2
fonts.googleapis.com/ Frame 34CF 		5 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35edb9417b9293a398f35afd7591552a24217f27c4c63d5286539c631effa695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget-v2.froged.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 08:41:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:41:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:41:47 GMT
css2
fonts.googleapis.com/ Frame 34CF 		5 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8220bc236223ba701d5d1ae6e814ad9ef879c91479ada739d1a5836bf58cfbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget-v2.froged.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 08:21:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:41:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:41:47 GMT
7-es2015.f293cd7fb60c41c3b2ca.js
widget-v2.froged.com/ Frame 34CF 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/7-es2015.f293cd7fb60c41c3b2ca.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/runtime-es2015.24d21334deabeb291184.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0284d60b82d9312504fca6ea6c7aa93f1f23b2f0e43243ef82cce0e8d9e86379
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget-v2.froged.com/?slug=y6tdof&sesionId=new&sdob=e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.878895,VS0,VE0
etag
"f78503951e268b1f58b89ef962f6cfb6655a2eade9e8629a1f1332425f8a81e2-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
3847
x-cache-hits
2
ficon.ttf
widget-v2.froged.com/assets/fonts/ficon/ Frame 34CF 		418 KB
141 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/assets/fonts/ficon/ficon.ttf
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cf2c0287fbc6eb3ea518651e85a71c15081deed34725c8da51d09f678cc6b53
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Origin
https://widget-v2.froged.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616908.919787,VS0,VE1
etag
"4b50d3c36241e401f3435882abc5a9b682b8ec7c481a7bb14a306c4c11c331fa-br"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:47 GMT
accept-ranges
bytes
content-length
143848
x-cache-hits
1
slim
api.froged.com/sdkBoot/y6tdof/new/boot/ Frame 34CF 		17 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdkBoot/y6tdof/new/boot/slim
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.619664eb7994220368e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash
daed0e974d4e50456d1ac4d2d685c851cac8aa93954e3e80f7864a73b87bd7d0

Request headers

Referer
https://widget-v2.froged.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
token
content-type
application/json

Response headers

date
Fri, 22 Apr 2022 08:41:48 GMT
server
nginx/1.20.0
x-powered-by
Express
etag
W/"42f0-UWb7+hUUDlpT0/Ju4QtENrNH8wk"
x-ratelimit-remaining
999
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1650616956
x-ratelimit-limit
1000
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
17136
slim
api.froged.com/sdkBoot/y6tdof/new/boot/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdkBoot/y6tdof/new/boot/slim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
POST
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 22 Apr 2022 08:41:48 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-powered-by
Express
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v19/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v19/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ns.myappterms.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:51:15 GMT
x-content-type-options
nosniff
age
208233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:56:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:51:15 GMT
notifications
api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/automessages/ Frame 34CF 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/automessages/notifications
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.619664eb7994220368e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash
938c1c1a525a71ca05a68ff042b206535d62fd415dc6812422ee86aa835a8f07

Request headers

Referer
https://widget-v2.froged.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
token
content-type
application/json

Response headers

date
Fri, 22 Apr 2022 08:41:48 GMT
server
nginx/1.20.0
x-powered-by
Express
etag
W/"549-b9vh20MBV8+0a/klhMmAvMx8Zyw"
x-ratelimit-remaining
999
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1650616933
x-ratelimit-limit
1000
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
1353
notifications
api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/automessages/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/automessages/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
PATCH
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 22 Apr 2022 08:41:48 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-powered-by
Express
on_pageView
api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/track/on_pageView
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
POST
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 22 Apr 2022 08:41:48 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-powered-by
Express
on_pageView
api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/track/ Frame 34CF 		63 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.froged.com/sdk/y6tdof/521e9945-3cdf-4d80-932a-01404d2607e9/track/on_pageView
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.619664eb7994220368e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-8-101.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash
79f4a34dfc6017277886a9e7c9b7c4a19c6eabb965be77c777ffd75ccac01d39

Request headers

Referer
https://widget-v2.froged.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
token
content-type
application/json

Response headers

date
Fri, 22 Apr 2022 08:41:48 GMT
server
nginx/1.20.0
x-powered-by
Express
etag
W/"3f-8DAPpTHeGoUB/F/MG43Afcj+2D8"
x-ratelimit-remaining
999
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1650616915
x-ratelimit-limit
1000
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
63
undock.wav
widget-v2.froged.com/assets/audio/ Frame 34CF 		115 KB
116 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v2.froged.com/assets/audio/undock.wav
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce4a42b64fed5690bedb1273f3b23b8e37062ab2ccfe29d476931acf0b881244
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/transition?slug=y6tdof&sesionId=new&sdob=e30%3D
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=31556926
last-modified
Thu, 21 Apr 2022 15:36:58 GMT
x-timer
S1650616909.021449,VS0,VE1
etag
"b77f3209cd89d04b6f984a8fe3380f7cc516f27be76fbd43188000c4c2afebf7"
x-served-by
cache-cdg20769-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
audio/wav
Content-Range
bytes 0-118093/118094
cache-control
max-age=1
date
Fri, 22 Apr 2022 08:41:49 GMT
accept-ranges
bytes
Content-Length
118094
x-cache-hits
0
i
r.lr-ingest.io/ 		78 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.lr-ingest.io/i?a=lv9rbu%2Fnextscenario&r=5-544e1fb2-e0fe-40d9-afc1-2e493bab2506&t=b6f85241-1cbd-44f5-97bf-04e3d8594fbf&s=0&rs=0%2Cu
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ns.myappterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:41:53 GMT
etag
W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA"
x-powered-by
Express
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
localhost
URL
https://localhost/sockjs-node/info?t=1650616907173
Domain
172.31.46.73
URL
https://172.31.46.73:8082/sockjs-node/info?t=1650616907174

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackJsonpArenguForms object| ArenguForms object| ArenguModal object| StripeCheckout object| StripeButton function| Auth0 object| analytics object| frogedSettings function| Froged object| fg_data object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| AnalyticsNext function| webpackHotUpdate object| __core-js_shared__ object| core function| _lrMutationObserver object| __SDKCONFIG__ object| __VUE_HOT_MAP__ object| regeneratorRuntime function| Hammer function| _lrXMLHttpRequest function| _LRLogger boolean| _lr_loaded object| frogedPopup_dom_listener_dismissed object| frogedPopup_dom_listener_button_clicked undefined| frogedTooltip_dom_listener_tooltip_destroyed undefined| frogedTooltip_dom_listener_tooltip_located undefined| frogedTooltip_dom_listener_tooltip_dismissed undefined| frogedTooltip_dom_listener_tooltipPointed_clicked undefined| frogedTooltip_dom_listener_tooltipPointed_removed undefined| frogedTooltip_dom_listener_button_clicked object| frogedBus object| frogedEnv object| frogedPalette object| frogedUrl object| frogedModal object| frogedModalNot object| frogedPopup object| frogedTooltip object| frogedAutoClick object| frogedAutomessages object| frogedAutoScroll object| frogedAutoSet object| frogedBubble object| frogedCookies object| frogedDocument object| frogedFinder object| frogedFlow object| frogedFlows object| frogedHooks object| frogedLightbox object| frogedMessage object| frogedNavigation object| frogedNotification object| frogedNps object| frogedPicker object| frogedUpdates object| frogedWidget function| getFroged function| fg_start object| fg_styleSheet function| fg_version object| fg_styleSheet_custom

5 Cookies

Domain/Path Name / Value
.myappterms.com/ Name: ajs_anonymous_id
Value: 8b1fc000-b6d2-4e34-be1a-b7c3d5ef3583
ns.myappterms.com/ Name: _lr_tabs_-lv9rbu%2Fnextscenario
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-544e1fb2-e0fe-40d9-afc1-2e493bab2506%22%2C%22lastActivity%22:1650616907212}
ns.myappterms.com/ Name: _lr_hb_-lv9rbu%2Fnextscenario
Value: {%22heartbeat%22:1650616907212}
ns.myappterms.com/ Name: _lr_uf_-lv9rbu
Value: 485ec24d-79c7-45c9-8c4e-42dcee8ce254
.myappterms.com/ Name: fgSesionId_y6tdof
Value: 521e9945-3cdf-4d80-932a-01404d2607e9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

172.31.46.73
api.froged.com
api.segment.io
cdn.auth0.com
cdn.lr-ingest.io
cdn.segment.com
checkout.stripe.com
fonts.googleapis.com
fonts.gstatic.com
iifqhs.sdk.froged.com
localhost
ns.myappterms.com
r.lr-ingest.io
sdk.arengu.com
sdk.froged.com
widget-v2.froged.com
172.31.46.73
localhost
104.198.23.205
13.38.120.206
143.204.103.120
143.204.103.41
143.204.98.114
143.204.98.47
151.101.1.195
151.101.65.195
18.198.8.101
2606:4700::6812:174f
2a00:1450:4001:801::2003
2a00:1450:4001:811::200a
2a06:98c1:3121::7
54.71.192.93
0284d60b82d9312504fca6ea6c7aa93f1f23b2f0e43243ef82cce0e8d9e86379
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
0cf2c0287fbc6eb3ea518651e85a71c15081deed34725c8da51d09f678cc6b53
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1d50dfda0339a2089abb65fb20420c393ea14a4b1400360478bb9d91ec4c9683
312c01ac26449fb9a0d731c5f6071477c1014518dfcd9fccc824341971d1d3f8
338455765df6afc904d183156a2dc5a317563cb3d9842d0f5be54a9aa820d65e
35edb9417b9293a398f35afd7591552a24217f27c4c63d5286539c631effa695
3a8106313168e5843b53f81384ff8822f641f4392a04504c80a954bb092a4600
3dcef15d0a06422288ce07772b68ae5db346876015b756edebd3894f8d0a7dd2
434919408794eea7abacf5f0545c24e069b91cb624faafe54e9452cd64160d5e
5112dbe4264624fa13a9e0e5b8fde08322b63506699646bcdb9b67a26d52241d
5db60ad711dfb0c017dd56b4ddb48666e68300b058b874fc8194e0fe19cca817
626ac0ff881126b4fec1cf650bc56bf9d5bce45600598b5f6fec94c59c766a0c
635595c3498345fc71ebe3900e45390b3a2d4ea43992bed004da61ff1015fe7d
689ffee8cbc5f35754a8c093bc4438820e8c31980b71deaf87c38f399690c78b
79f4a34dfc6017277886a9e7c9b7c4a19c6eabb965be77c777ffd75ccac01d39
7ee78fd712aba1681be13081093ced89f7c53ff3b490137f8d970b1c37dea170
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
938c1c1a525a71ca05a68ff042b206535d62fd415dc6812422ee86aa835a8f07
99fa885a6c16cf07fa9ee1c35cb9833a51bd11334f3619665532203b87410a44
9c43778e1c90f9a239b70ba34babf4a423523a045036093dd1e563a5003227b7
a8220bc236223ba701d5d1ae6e814ad9ef879c91479ada739d1a5836bf58cfbd
aa5f419d2aa8c0464785ad5ad8df8accb09f81a0babe5732bca1a503038da8a5
ce4a42b64fed5690bedb1273f3b23b8e37062ab2ccfe29d476931acf0b881244
daed0e974d4e50456d1ac4d2d685c851cac8aa93954e3e80f7864a73b87bd7d0
db6e60e9c84380e70e8c4abb9387db82250f2005cf0ab19e85220624925d0004
e54d909cc1896e24bb4f8cf7c8eaa38c18da6b482c32ee6d1996288b68fd2b90
ed8f113227aba86adcbe32adc2e86f125bc57a97ca48e17c895607392aab63bc
edf790ad4af7f732683db988a8a3b1a9010165a55b1de9c387b42f29fe1e68ed
ef2c6fd7967e395d99ad0fa189b3e4fe20d19ffc4f51ad8dc5d3c105e5b3767e