urlscan.io logo urlscan.io
SecurityTrails logo

shift-app-jgray-update--5a1hgi.shift-localhost.io Open in urlscan Pro
54.84.169.173  Public Scan

Go To Rescan Add Verdict Report
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Submission: On June 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 20 HTTP transactions. The main IP is 54.84.169.173, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is shift-app-jgray-update--5a1hgi.shift-localhost.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 24th 2020. Valid for: 3 months.
This is the only time shift-app-jgray-update--5a1hgi.shift-localhost.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 54.84.169.173 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.224.198.8 16509 (AMAZON-02)
1 13.224.191.114 16509 (AMAZON-02)
1 152.199.21.2 15133 (EDGECAST)
1 3.223.249.113 14618 (AMAZON-AES)
3 52.73.219.109 14618 (AMAZON-AES)
1 1 13.224.198.39 16509 (AMAZON-02)
3 13.225.87.104 16509 (AMAZON-02)
20 9
5    54.84.169.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-169-173.compute-1.amazonaws.com
shift-app-jgray-update--5a1hgi.shift-localhost.io
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.224.198.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-8.fra2.r.cloudfront.net
static.shiftplatform.io
1    13.224.191.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-114.fra2.r.cloudfront.net
api.tiles.mapbox.com
1    152.199.21.2 (United States)

ASN15133 (EDGECAST, US)
hello.myfonts.net
1    3.223.249.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-249-113.compute-1.amazonaws.com
shrub.shift.io
3    52.73.219.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-219-109.compute-1.amazonaws.com
api.shift-localhost.io
1    13.224.198.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-39.fra2.r.cloudfront.net
widget.intercom.io
3    13.225.87.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-104.fra2.r.cloudfront.net
js.intercomcdn.com
Domain Requested by
5 shift-app-jgray-update--5a1hgi.shift-localhost.io shift-app-jgray-update--5a1hgi.shift-localhost.io
3 js.intercomcdn.com js.intercomcdn.com
3 api.shift-localhost.io shift-app-jgray-update--5a1hgi.shift-localhost.io
3 static.shiftplatform.io shift-app-jgray-update--5a1hgi.shift-localhost.io
2 fonts.googleapis.com shift-app-jgray-update--5a1hgi.shift-localhost.io
1 widget.intercom.io 1 redirects
1 shrub.shift.io shift-app-jgray-update--5a1hgi.shift-localhost.io
1 hello.myfonts.net shift-app-jgray-update--5a1hgi.shift-localhost.io
1 api.tiles.mapbox.com shift-app-jgray-update--5a1hgi.shift-localhost.io
20 9

This site contains links to these domains. Also see Links.

Domain
shift.io
Subject Issuer Validity Valid
shift-app-jgray-update--5a1hgi.shift-localhost.io
Let's Encrypt Authority X3		 2020-06-24 -
2020-09-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
shiftplatform.io
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
api.mapbox.com
Amazon		 2020-03-05 -
2021-04-05		 a year crt.sh
hello.myfonts.net
DigiCert SHA2 Secure Server CA		 2019-06-03 -
2021-06-07		 2 years crt.sh
shrub.shift.io
Let's Encrypt Authority X3		 2020-05-11 -
2020-08-09		 3 months crt.sh
*.shift-localhost.io
Amazon		 2020-03-03 -
2021-04-03		 a year crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Frame ID: FBA2E5193100C1C223D00876C15FF792
Requests: 18 HTTP requests in this frame

Frame: https://shrub.shift.io/hub.html
Frame ID: 0C587DA7FE8A50AA860DEE8DCB9DDA6C
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e9d02ed3.js
Frame ID: EEC47DEF3E510726826C43EBAFD4A1CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

20
Requests

95 %
HTTPS

11 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

11902 kB
Transfer

12323 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://widget.intercom.io/widget/e6apphq3 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.169.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-169-173.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
d48eb0ab5cb5f28bb5242af22843258a3f81cafd7d45d1c86d592b421795792b

Request headers

Host
shift-app-jgray-update--5a1hgi.shift-localhost.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Wed, 24 Jun 2020 13:23:16 GMT
Etag
W/"2423-172e67f35a0"
Content-Type
text/html; charset=UTF-8
Content-Length
9251
Date
Wed, 24 Jun 2020 13:34:08 GMT
Via
1.1 vegur
css
fonts.googleapis.com/ 		3 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=swap
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f0d67a7f300c8d2de526a27459cabfb51969729f152b2b4b7dc06b9d21b9bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Jun 2020 12:36:02 GMT
server
ESF
date
Wed, 24 Jun 2020 13:34:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jun 2020 13:34:08 GMT
Basics.css
static.shiftplatform.io/fonts/Basics/ 		2 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.shiftplatform.io/fonts/Basics/Basics.css
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.198.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f9e3db21e6571ed7ace8ed6380978df7cdd9a75841252ab49acbe5ca4ef55d1

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 12:03:59 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 15:46:31 GMT
server
AmazonS3
age
5410
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
e5lerHbX3uHQe41fmDgNKNbQJ1g0SIp4IIZ75rHK6MP_VQs-ElyTBw==
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v1.1.1/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v1.1.1/mapbox-gl.css
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.191.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-191-114.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
02a13b666f2af6399b527878146f0c218e778f4819bf9807aef06491ecc04a16

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 15 Feb 2020 19:28:50 GMT
content-encoding
gzip
etag
"4e32dfebe9cc16b5fc92f8b14a3add23"
last-modified
Tue Jul 16 2019 23:32:30 GMT+0000 (Coordinated Universal Time)
age
11210717
status
200
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
HxGk26ZgPrEUxXXFmo0NI7U9SZ1qgVKaEA86NivIdyfFMbTdPwt-dw==
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
1.e6f15ab508cf3016c969.css
shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/1.e6f15ab508cf3016c969.css
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.169.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-169-173.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
fce8ad98d959da0eacafef7741c57d22e75ea695c7db95b7dfb34f6bba57292e

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 13:34:08 GMT
Via
1.1 vegur
Etag
W/"35e2-172e67f35a0"
Last-Modified
Wed, 24 Jun 2020 13:23:16 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13794
app.ecef3c809bcd1dece5f1.css
shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		152 KB
152 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/app.ecef3c809bcd1dece5f1.css
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.169.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-169-173.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
e4d5dcb92d3e04242bde9adf13fada6137bf0144bb105a1b816cfd4a01fb168b

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 13:34:08 GMT
Via
1.1 vegur
Etag
W/"25eca-172e67f35a0"
Last-Modified
Wed, 24 Jun 2020 13:23:16 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155338
css
fonts.googleapis.com/ 		129 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cormorant+Unicase:400,700|Gugi|Heebo:400,700|Just+Another+Hand|Lato|Lora:400,700|Merriweather|Montserrat:400,700|Muli:400,700|Noto+Sans:400,700|Open+Sans+Condensed:300,700|Open+Sans:400,700|Oswald:400,700|PT+Sans:400,700|PT+Serif:400,700|Playfair+Display:400,700|Poppins:400,700|Raleway:400,700|Roboto+Condensed:400,700|Roboto+Mono:400,700|Roboto+Slab:400,700|Roboto:400,700|Slabo+27px|Sofia|Source+Sans+Pro:400,700|Ubuntu:400,700
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f905acf1af5d0ce9644be3a7bc88c00e57e6f85e79500cd3e528e42446da7ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Jun 2020 13:34:08 GMT
server
ESF
date
Wed, 24 Jun 2020 13:34:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jun 2020 13:34:08 GMT
vendor.e6f15ab508cf3016c969.js
shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		8 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.169.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-169-173.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
87e9e657a68f0cf27b16a1b50e1096c2b945cb20386119762fbd530067373e17

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 13:34:08 GMT
Via
1.1 vegur
Etag
W/"7ba839-172e67f35a0"
Last-Modified
Wed, 24 Jun 2020 13:23:16 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8103993
app.e6f15ab508cf3016c969.js
shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/app.e6f15ab508cf3016c969.js
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.169.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-169-173.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
73c5b89fc50e58c5c319fd46eb0c4ce8f8c796e345dea2bc8a62b7b82114b20c

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 13:34:08 GMT
Via
1.1 vegur
Etag
W/"379412-172e67f35a0"
Last-Modified
Wed, 24 Jun 2020 13:23:16 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3642386
3bb2ba
hello.myfonts.net/count/ 		0
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/3bb2ba
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AB7) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 13:34:08 GMT
last-modified
Fri, 17 Apr 2020 15:38:14 GMT
server
ECAcc (ama/8AB7)
age
5437273
etag
"3364556309"
status
200
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
expires
Wed, 24 Jun 2020 13:34:07 GMT
65c83c08-518f-4fd0-8da4-95a7fb96462d
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://shift-app-jgray-update--5a1hgi.shift-localhost.io/65c83c08-518f-4fd0-8da4-95a7fb96462d
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
hub.html
shrub.shift.io/ Frame 0C58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://shrub.shift.io/hub.html
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.249.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-249-113.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash

Request headers

Host
shrub.shift.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/

Response headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Vary
Origin
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Wed, 20 Feb 2019 23:07:08 GMT
Etag
W/"89-1690d29a960"
Content-Type
text/html; charset=UTF-8
Content-Length
137
Date
Wed, 24 Jun 2020 13:34:10 GMT
Via
1.1 vegur
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
account
api.shift-localhost.io/v3/ 		77 B
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shift-localhost.io/v3/account
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.219.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-219-109.compute-1.amazonaws.com
Software
/
Resource Hash
9660ac6b3da3fb036d700c916ee26999af3a7cd53f1fd53e78f5537153e8667d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
n1
undefined
Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 13:34:11 GMT
access-control-allow-headers
n1, cookie, mediasilohostcontext, x-requested-with, mediasilosessionkey, Origin, Content-Type, Authorization, WWW-Authenticate, X-Api-Client-ID, X-Api-Key, X-Api-Domain, x-csrf-token, X-Api-Device, shift-link-protocol, signup-token
status
401
x-frame-options
SAMEORIGIN
access-control-allow-methods
OPTIONS, GET, POST, DELETE, PUT
content-type
text/plain
access-control-allow-origin
https://shift-app-jgray-update--5a1hgi.shift-localhost.io
access-control-expose-headers
link, total-results, x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, shiftssolocation
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains;
client-ip-address
82.102.19.136
content-length
77
x-xss-protection
1; mode=block
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/e6apphq3
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b75ca150d329c4a5c110e54edecf5ec9a80d94804e049f6f970ba8a47d39ae3c

Request headers

Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 13:31:27 GMT
content-encoding
gzip
age
165
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2909
last-modified
Wed, 24 Jun 2020 12:41:13 GMT
server
AmazonS3
etag
"6e60c2885584c378013437a9ae51d40f"
content-type
application/javascript; charset=UTF-8
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ssH5nvaVsklRj3qtdqe4XTdTt_G-hLO7llyiC003EgOFrmDptcXOVA==

Redirect headers

date
Mon, 25 May 2020 09:16:40 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
server
AmazonS3
age
2607452
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA2-C1
content-length
0
x-amz-cf-id
Y9vqip4MkIYUeJn8iaKeIAbnY3kvuhMa_Wg47K-iTo6olG7EQlWUfw==
frame-modern.e9d02ed3.js
js.intercomcdn.com/ Frame EEC4 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e9d02ed3.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be389cf000c78b78f0400de8dd9e62cd33265a6cd38d7a92a7e7069684cf0894

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 12:41:20 GMT
content-encoding
gzip
age
3171
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
63159
last-modified
Wed, 24 Jun 2020 12:37:03 GMT
server
AmazonS3
etag
"1d0f6595ad1769554f687d92d8623718"
content-type
application/javascript; charset=UTF-8
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
i1Zk1jmHuVoy_lUiDCRpeoLp01lBQBFCfjD9e2BA1FFIjYGLO5OS7Q==
vendor-modern.e4af3a80.js
js.intercomcdn.com/ Frame EEC4 		172 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.e4af3a80.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb518324c349eb7ea9aab8fe22e0bfa751ab372a1809fd901959ed2ee40c118e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 12:36:47 GMT
content-encoding
gzip
age
3445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
52330
last-modified
Wed, 24 Jun 2020 12:19:34 GMT
server
AmazonS3
etag
"b6eefddfcdeba3c64b0c93d204263b2d"
content-type
application/javascript; charset=UTF-8
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
lb2niXPpnlZyanUsoqebsr_pxm1-NBFrlncAiQ_lI3XEx-ZkAb23bg==
refresh
api.shift-localhost.io/authenticate/ 		27 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shift-localhost.io/authenticate/refresh
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.219.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-219-109.compute-1.amazonaws.com
Software
/
Resource Hash
b41fef95ed74aaa31bdeb26dd7723d3061bcd3eb8e1f0ac489e98fe66d59935f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
n1
undefined
Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 13:34:11 GMT
access-control-allow-headers
n1, cookie, mediasilohostcontext, x-requested-with, mediasilosessionkey, Origin, Content-Type, Authorization, WWW-Authenticate, X-Api-Client-ID, X-Api-Key, X-Api-Domain, x-csrf-token, X-Api-Device, shift-link-protocol, signup-token
status
401
x-frame-options
SAMEORIGIN
access-control-allow-methods
OPTIONS, GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://shift-app-jgray-update--5a1hgi.shift-localhost.io
access-control-expose-headers
link, total-results, x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, shiftssolocation
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains;
client-ip-address
82.102.19.136
content-length
27
x-xss-protection
1; mode=block
remember-me
api.shift-localhost.io/authenticate/ 		27 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shift-localhost.io/authenticate/remember-me
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.219.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-219-109.compute-1.amazonaws.com
Software
/
Resource Hash
b41fef95ed74aaa31bdeb26dd7723d3061bcd3eb8e1f0ac489e98fe66d59935f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
n1
undefined
Referer
https://shift-app-jgray-update--5a1hgi.shift-localhost.io/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 13:34:11 GMT
access-control-allow-headers
n1, cookie, mediasilohostcontext, x-requested-with, mediasilosessionkey, Origin, Content-Type, Authorization, WWW-Authenticate, X-Api-Client-ID, X-Api-Key, X-Api-Domain, x-csrf-token, X-Api-Device, shift-link-protocol, signup-token
status
401
x-frame-options
SAMEORIGIN
access-control-allow-methods
OPTIONS, GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://shift-app-jgray-update--5a1hgi.shift-localhost.io
access-control-expose-headers
link, total-results, x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, shiftssolocation
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains;
client-ip-address
82.102.19.136
content-length
27
x-xss-protection
1; mode=block
font.woff2
static.shiftplatform.io/fonts/Basics/webFonts/ProximaNova-Regular/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.shiftplatform.io/fonts/Basics/webFonts/ProximaNova-Regular/font.woff2
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.198.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dddb2004a7b1ebb0d3e3f3d3584b4344ff4f28c42c17ef5f6923268259d2294d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://static.shiftplatform.io/fonts/Basics/Basics.css
Origin
https://shift-app-jgray-update--5a1hgi.shift-localhost.io

Response headers

date
Wed, 24 Jun 2020 13:34:13 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
56344
last-modified
Wed, 10 Jun 2020 15:40:06 GMT
server
AmazonS3
etag
"5c482790ba54283f269db9bcfff3a91d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
DOQsfxiO8A5l5q-JP4hQ-Iq51pP8L-r7d7BcTnUyxvRGpFKVcU3DsQ==
font.woff2
static.shiftplatform.io/fonts/Basics/webFonts/ProximaNova-Semibold/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.shiftplatform.io/fonts/Basics/webFonts/ProximaNova-Semibold/font.woff2
Requested by
Host: shift-app-jgray-update--5a1hgi.shift-localhost.io
URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.198.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e31b33d80abfa32de51727a342467550f697d20ffee08c557c63afc4bdb072d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://static.shiftplatform.io/fonts/Basics/Basics.css
Origin
https://shift-app-jgray-update--5a1hgi.shift-localhost.io

Response headers

date
Wed, 24 Jun 2020 13:34:13 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
55312
last-modified
Wed, 10 Jun 2020 15:40:07 GMT
server
AmazonS3
etag
"c17db265775c31a9f14edb780c6a0207"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
jVpgI1uq8PnQO0-D8-sKdl174bJ7oA94Im6iOU6HRFtp1XUJf87tHQ==

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Intercom object| analytics object| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| AWS object| scCGSHMRCache function| Mousetrap function| _ function| webpackJsonpjwplayer function| jwplayer object| vttjs function| WebVTT function| Pusher object| store

0 Cookies

3 Console Messages

Source Level URL
Text
console-api warning URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js(Line 269)
Message:
@babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning.
console-api warning URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js(Line 269)
Message:
getAccountsToLoginSaga error: Not logged in or session expired
console-api error URL: https://shift-app-jgray-update--5a1hgi.shift-localhost.io/vendor.e6f15ab508cf3016c969.js(Line 269)
Message:
Tracking not yet initialized

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.shift-localhost.io
api.tiles.mapbox.com
fonts.googleapis.com
hello.myfonts.net
js.intercomcdn.com
shift-app-jgray-update--5a1hgi.shift-localhost.io
shrub.shift.io
static.shiftplatform.io
widget.intercom.io
13.224.191.114
13.224.198.39
13.224.198.8
13.225.87.104
152.199.21.2
2a00:1450:4001:808::200a
3.223.249.113
52.73.219.109
54.84.169.173
02a13b666f2af6399b527878146f0c218e778f4819bf9807aef06491ecc04a16
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
1f0d67a7f300c8d2de526a27459cabfb51969729f152b2b4b7dc06b9d21b9bf6
6f9e3db21e6571ed7ace8ed6380978df7cdd9a75841252ab49acbe5ca4ef55d1
73c5b89fc50e58c5c319fd46eb0c4ce8f8c796e345dea2bc8a62b7b82114b20c
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
87e9e657a68f0cf27b16a1b50e1096c2b945cb20386119762fbd530067373e17
9660ac6b3da3fb036d700c916ee26999af3a7cd53f1fd53e78f5537153e8667d
b41fef95ed74aaa31bdeb26dd7723d3061bcd3eb8e1f0ac489e98fe66d59935f
b75ca150d329c4a5c110e54edecf5ec9a80d94804e049f6f970ba8a47d39ae3c
be389cf000c78b78f0400de8dd9e62cd33265a6cd38d7a92a7e7069684cf0894
d48eb0ab5cb5f28bb5242af22843258a3f81cafd7d45d1c86d592b421795792b
dddb2004a7b1ebb0d3e3f3d3584b4344ff4f28c42c17ef5f6923268259d2294d
e31b33d80abfa32de51727a342467550f697d20ffee08c557c63afc4bdb072d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d5dcb92d3e04242bde9adf13fada6137bf0144bb105a1b816cfd4a01fb168b
f905acf1af5d0ce9644be3a7bc88c00e57e6f85e79500cd3e528e42446da7ed0
fb518324c349eb7ea9aab8fe22e0bfa751ab372a1809fd901959ed2ee40c118e
fce8ad98d959da0eacafef7741c57d22e75ea695c7db95b7dfb34f6bba57292e