urlscan.io logo urlscan.io
SecurityTrails logo

frontend-user-app.iam.ca.rokerplus.com Open in urlscan Pro
52.60.40.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://frontend-user-app.rokerplus.com/
Effective URL: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFb...
Submission: On March 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 52.60.40.67, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is frontend-user-app.iam.ca.rokerplus.com.
TLS certificate: Issued by Amazon on July 26th 2021. Valid for: a year.
This is the only time frontend-user-app.iam.ca.rokerplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.64.176 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
1 54.200.96.253 16509 (AMAZON-02)
1 5 52.60.40.67 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 1 108.157.4.79 16509 (AMAZON-02)
3 143.204.98.7 16509 (AMAZON-02)
1 99.83.219.81 16509 (AMAZON-02)
32 11
10    2600:9000:2156:3c00:12:609a:dc80:93a1 (United States)

ASN16509 (AMAZON-02, US)
frontend-user-app.rokerplus.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2156:aa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    54.200.96.253 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-96-253.us-west-2.compute.amazonaws.com
m.stripe.com
5    52.60.40.67 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-40-67.ca-central-1.compute.amazonaws.com
frontend-user-app.iam.ca.rokerplus.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    108.157.4.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-79.dus51.r.cloudfront.net
widget.intercom.io
3    143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net
js.intercomcdn.com
1    99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
15 rokerplus.com
frontend-user-app.rokerplus.com
frontend-user-app.iam.ca.rokerplus.com
1 MB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 894
q.stripe.com — Cisco Umbrella Rank: 5856
m.stripe.com — Cisco Umbrella Rank: 854
71 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2009
126 KB
3 gstatic.com
fonts.gstatic.com
69 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1998
api-iam.intercom.io — Cisco Umbrella Rank: 2534
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 948
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 588
29 KB
32 8
Domain Requested by
10 frontend-user-app.rokerplus.com frontend-user-app.rokerplus.com
5 frontend-user-app.iam.ca.rokerplus.com 1 redirects frontend-user-app.rokerplus.com
frontend-user-app.iam.ca.rokerplus.com
3 js.intercomcdn.com widget.intercom.io
3 fonts.gstatic.com fonts.googleapis.com
3 js.stripe.com frontend-user-app.rokerplus.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com frontend-user-app.rokerplus.com
2 fonts.googleapis.com frontend-user-app.rokerplus.com
frontend-user-app.iam.ca.rokerplus.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 code.jquery.com frontend-user-app.iam.ca.rokerplus.com
1 m.stripe.com m.stripe.network
32 12

This site contains links to these domains. Also see Links.

Domain
www.rokerplus.com
Subject Issuer Validity Valid
*.rokerplus.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-01-26 -
2022-05-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-11 -
2022-05-04		 4 months crt.sh
*.iam.ca.rokerplus.com
Amazon		 2021-07-26 -
2022-08-24		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Frame ID: 1F4F946B27BFF873003FDCC52BC30234
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: AC9BDAE89D1BF49756B32489C33BA8D9
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3568B3A995A953E287817C98F8151E63
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e17106a4.js
Frame ID: 0CF36E4B1F74FEC440931B67D1565131
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roker IAM

Page URL History Show full URLs

  1. https://frontend-user-app.rokerplus.com/ Page URL
  2. https://frontend-user-app.iam.ca.rokerplus.com/connect/authorize?client_id=d2318814-5869-4d09-ac0f-ee0fc0397c70&redirect_ur... HTTP 302
    https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

42 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

1592 kB
Transfer

6355 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://frontend-user-app.rokerplus.com/ Page URL
  2. https://frontend-user-app.iam.ca.rokerplus.com/connect/authorize?client_id=d2318814-5869-4d09-ac0f-ee0fc0397c70&redirect_uri=https%3A%2F%2Ffrontend-user-app.rokerplus.com%2Fauth-callback&response_type=code&scope=openid%20profile%20iam&state=a40f5fcebd1144638d3847e413cb982a&code_challenge=n04ZhmtBxQyZVx0VFUCG7o69n6SsJMMyY6UJIb0kJyM&code_challenge_method=S256&response_mode=query HTTP 302
    https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://widget.intercom.io/widget/x9838hmm HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
frontend-user-app.rokerplus.com/ 		850 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
880a39dc65ccd980bb4c21284a6602676d73a1bb3cbae74280941edf25dcd1f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
850
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
accept-ranges
bytes
server
AmazonS3
date
Thu, 17 Mar 2022 06:34:43 GMT
cache-control
no-cache,max-age=604800,s-maxage=604800
etag
"013fe456c7c00cc798688ebe28dba790"
x-cache
RefreshHit from cloudfront
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MeubenbLI5ItvOmRzN0olgKgBxvUySl4xyohCVff7jrCxWEgltvnKQ==
css2
fonts.googleapis.com/ 		3 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38b43a92ed65440109eedcfa1c26295954ca51f1b32ed3329730df8de08ff85c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 06:04:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 06:34:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 06:34:42 GMT
/
js.stripe.com/v3/ 		289 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
afb40334fd3bfc28fa741c0f3cdfb71394fdcc772ece2c43b48518b4a7742d03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
25
x-cache
HIT
content-length
69963
etag
"7bea87cee5df7fa94adf69bc5dec221e"
x-request-id
d49eb89f-831a-43a3-bf03-8f3246587c0d
x-served-by
cache-cdg20732-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Mar 2022 20:35:50 GMT
server
Fastly
date
Thu, 17 Mar 2022 06:34:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
styles.5044b85be159bbca89b4.css
frontend-user-app.rokerplus.com/ 		970 KB
208 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/styles.5044b85be159bbca89b4.css
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cc6b41ebee1756201c582d968e9cf98e4f2e243ad7a66c4f1e1ed270e39c4b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"2361a0ec1d759dc1121924d2391b06e4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
AZADVqBQ1bv092xTJdt2QPlnrwkoFGMPc_MK_YqChgKMdBl5K431kA==
runtime.1ac18b5f632952ff000d.js
frontend-user-app.rokerplus.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/runtime.1ac18b5f632952ff000d.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
371753289847e8c58ee463d8239cf721dc851005cf36e72f2c77729fcd809925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"55307d9549a9e4d97e636e02b092a024"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
DAinU7J-0W0htGByKTFvFqGv31HIBlIyMtLeAowdAPpkSsNA0DSADA==
polyfills.4f2336345ddb12ff0038.js
frontend-user-app.rokerplus.com/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/polyfills.4f2336345ddb12ff0038.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d55e9129ae3661dc6464533c7b381bc1954d3098382e9b0dbe5f4c5170220a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"daf22da2b25c54f77adef5805c6fff89"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
6URxsHdcnzwNyJL5HMMx2CRs-vD2BQN7qBOPrlXrngMsL_9uxhZzRA==
scripts.5762c50b330496672d60.js
frontend-user-app.rokerplus.com/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/scripts.5762c50b330496672d60.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac8b6514fb971791c62f2379b14bf2c27de24e7675ab723179ba0751fc64230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"09fb8e9c3acb5c3f5d1366be4eac9a11"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
PItg8PALeOi7SFjyqrEM_wGmXc5QuBcufi6_xTtwiIY3LLHRx1-HGQ==
main.cf0d7aa25650632afde1.js
frontend-user-app.rokerplus.com/ 		4 MB
941 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/main.cf0d7aa25650632afde1.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fc2c4c241c22232230cc94ba6a9e4382210bb7e5331f13670ce86ec0251d7f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"b5a085e899cc253135978412ca6d2c24"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
PrInX4MU0ebaxjCIgj52SMxJGIlth90WR2nkekJTCJlFkq8Azg6iBg==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frontend-user-app.rokerplus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
39853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:30 GMT
en.json
frontend-user-app.rokerplus.com/assets/i18n/ 		34 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/assets/i18n/en.json
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/polyfills.4f2336345ddb12ff0038.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
213bb78be8614c70838174533c3713cccf66219b023a2c052fe03c36f47a5465

Request headers

Accept
application/json, text/plain, */*
Referer
https://frontend-user-app.rokerplus.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"f628fcebbd619f12302a788b143bfde0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
TQxHsUN0LcfzKym9ZSQaic-rAiDXQK56T4Lskqz2rZLn7TlbEQaArQ==
4.d38209b35a8274200509.js
frontend-user-app.rokerplus.com/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/4.d38209b35a8274200509.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/runtime.1ac18b5f632952ff000d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f8cf99745bf458dbb848e51bf5ce441a371cbb2d9c3d3a082ce985818f1a3e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"f8feb3b76cd3c6b96256f1777d6984cb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
I9eJnwihmHHUH7G4rGs8q4EKBWL9-9cmfF0iA8fcyibE-JTPxA9p7A==
3.3ec9742002f6bf3af740.js
frontend-user-app.rokerplus.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/3.3ec9742002f6bf3af740.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/runtime.1ac18b5f632952ff000d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b10144ad683b2f01095a83bc7f45db4546cea10972cd42f2e0d566f83c240f4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"0fdefb44753d6a75e06085b94b059846"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
pJNxgDWp-J_A71yfZlmL0e0-SNNzcCwCrl2maXOWLNJjKzqPfwT3QQ==
14.f6ae6c3f4a7ad9c019e3.js
frontend-user-app.rokerplus.com/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.rokerplus.com/14.f6ae6c3f4a7ad9c019e3.js
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/runtime.1ac18b5f632952ff000d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:12:609a:dc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd377ca3d778db939e89517ba76cc2d38e619d0c09e5031ba4343266c2c175db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 05:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"600eeec6c44b638eee82232090d34d50"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=604800,s-maxage=604800
x-amz-cf-id
ICm7Ax6fdQsyJSM5ipJ70lR-h5LzyDPR9DUqEyDf-zJcZYQxB8Yq3w==
m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
js.stripe.com/v3/ Frame AC9B 		240 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/

Response headers

last-modified
Mon, 07 Mar 2022 20:11:00 GMT
etag
"9fe86c29346daf61dc2cc0586b4fad18"
cache-control
max-age=31536000
content-type
text/html; charset=utf-8
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 17 Mar 2022 06:34:44 GMT
via
1.1 varnish
age
814958
x-request-id
10cc8f5e-5ba2-4ef4-ad7d-eee6f084fbd3
x-served-by
cache-cdg20732-CDG
x-cache
HIT
x-cache-hits
2781
vary
Accept-Encoding
timing-allow-origin
*
content-length
140
csp-report
q.stripe.com/ Frame AC9B 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-7345858512d328389831b5c353d30a99.js
js.stripe.com/v3/fingerprinted/js/ Frame AC9B 		1 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
30
x-cache
HIT
content-length
645
etag
"d0c7e21ec457b6a134a496f107c3ca93"
x-request-id
90cc5098-560f-4e03-a8e5-7bd0e40a66ba
x-served-by
cache-cdg20732-CDG
access-control-allow-origin
*
last-modified
Mon, 07 Mar 2022 20:10:26 GMT
server
Fastly
date
Thu, 17 Mar 2022 06:34:44 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
inner.html
m.stripe.network/ Frame 3568 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Mon, 07 Mar 2022 19:04:54 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date
Thu, 17 Mar 2022 06:32:44 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wegAM9j5xLg7RuDK0NqscrAPO0WzaDnVocNhoPiL2KNxD9WIt5zl9g==
age
122
csp-report
q.stripe.com/ Frame 3568 		0
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 3568 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
220
x-cache
Hit from cloudfront
date
Thu, 17 Mar 2022 06:31:10 GMT
last-modified
Mon, 07 Mar 2022 19:04:56 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
8-EBotLnIn9-qNA9-ZZXFw634GA-DNxz9IEILIq1U-f9FAezZw7lyg==
6
m.stripe.com/ Frame 3568 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.96.253 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-96-253.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cba6429a99c2a0dff51681fe1c9bb20790bad6a3488d63f88df2719b0788a2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Mar 2022 06:34:45 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
openid-configuration
frontend-user-app.iam.ca.rokerplus.com/.well-known/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.iam.ca.rokerplus.com/.well-known/openid-configuration
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/polyfills.4f2336345ddb12ff0038.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.40.67 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-40-67.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frontend-user-app.rokerplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 06:34:45 GMT
referrer-policy
no-referrer
content-security-policy
default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
content-type
application/json; charset=UTF-8
Primary Request error
frontend-user-app.iam.ca.rokerplus.com/home/
Redirect Chain
  • https://frontend-user-app.iam.ca.rokerplus.com/connect/authorize?client_id=d2318814-5869-4d09-ac0f-ee0fc0397c70&redirect_uri=https%3A%2F%2Ffrontend-user-app.rokerplus.com%2Fauth-callback&response_t...
  • https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLV...
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Requested by
Host: frontend-user-app.rokerplus.com
URL: https://frontend-user-app.rokerplus.com/main.cf0d7aa25650632afde1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.40.67 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-40-67.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
a11f5466c7d35966aa4be6b495c64bda9a316fd07593096492febe1d5e59e713
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
Strict-Transport-Security max-age=3600 ;includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Mar 2022 06:34:46 GMT
content-type
text/html; charset=utf-8
referrer-policy
no-referrer
content-security-policy
default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
strict-transport-security
max-age=3600 ;includeSubDomains; preload

Redirect headers

date
Thu, 17 Mar 2022 06:34:45 GMT
content-length
0
location
https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
referrer-policy
no-referrer
content-security-policy
default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
css2
fonts.googleapis.com/ 		3 KB
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: frontend-user-app.iam.ca.rokerplus.com
URL: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38b43a92ed65440109eedcfa1c26295954ca51f1b32ed3329730df8de08ff85c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 05:42:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 06:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 06:34:46 GMT
screen.min.css
frontend-user-app.iam.ca.rokerplus.com/css/ 		253 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-user-app.iam.ca.rokerplus.com/css/screen.min.css
Requested by
Host: frontend-user-app.iam.ca.rokerplus.com
URL: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.40.67 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-40-67.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
780b46d503fe65e5ff7eef1d3f2768bfbbfb5795b0a75a28cb7435b98af733b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:46 GMT
content-encoding
br
referrer-policy
no-referrer
last-modified
Wed, 09 Feb 2022 14:31:06 GMT
etag
"1d81dc1ac0cc274"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
content-security-policy
default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
accept-ranges
bytes
logo-white.svg
frontend-user-app.iam.ca.rokerplus.com/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frontend-user-app.iam.ca.rokerplus.com/assets/images/logo-white.svg
Requested by
Host: frontend-user-app.iam.ca.rokerplus.com
URL: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.40.67 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-40-67.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
6f0dd978b7f6b4c8bddb774dab89b178121ee3d28a930936f5f8fda8b9c88a43
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:46 GMT
referrer-policy
no-referrer
last-modified
Wed, 09 Feb 2022 14:31:06 GMT
etag
"1d81dc1ac0f378b"
content-type
image/svg+xml
cache-control
public,max-age=86400
content-security-policy
default-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;script-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;style-src 'self' 'unsafe-inline' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;img-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com;font-src 'self' www.gravatar.com fonts.googleapis.com fonts.gstatic.com code.jquery.com cdn.jsdelivr.net ajax.aspnetcdn.com stackpath.bootstrapcdn.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io static.intercomassets.com
accept-ranges
bytes
content-length
1675
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: frontend-user-app.iam.ca.rokerplus.com
URL: https://frontend-user-app.iam.ca.rokerplus.com/home/error?errorId=CfDJ8IwLNHOMxyFLn5aDnRrhUVW00XWEHD4fS7vytUTKn9Gcwk3xDymY4TOOFx_1aGhlcPW2JyIFbXxqlQvaJ4pFSJe-r5WU3hqAF0nt9V4LVSm_8mZxrO9vcTuliDYnsLVjbLAUGM0BSxhvnDQkGu1DocQjwwcKgp9wWTEU8Qr4wp3E3EUYqXlpYhhZmgqeNCx8I-qcnv2sRa3E3J4IS_SpuJuZs0FSD5VXfTXibUwco1iocglW5YAMuiIXPx7EOyyQ9FWxIRunqxReIw3PL4USwmg0xFwyqor30qKoRMuqVfHLr7HF75YkLYNRNHbSzEnc4XR_Wjvc8HaPcpPCUi2Xymo9WYtOHUZDci4Kb1HK8yBmex6lsBZEw3XhMtxnaA3E-A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:34:46 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e4a"
vary
Accept-Encoding
x-hw
1647498886.dop011.fr8.t,1647498886.cds237.fr8.hn,1647498886.cds130.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frontend-user-app.iam.ca.rokerplus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
39856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frontend-user-app.iam.ca.rokerplus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options
nosniff
age
39855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:31 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/x9838hmm
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93d2b20c1c3c85715da3880622c6ba09e33fa7b5480dd1d946c8ea90db43a8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 06:32:22 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 15:52:05 GMT
server
AmazonS3
age
145
etag
"2c9940ea5d78d2a79d7cb172218cdf46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6086
x-amz-cf-id
NCqWRYsWexVGubmrLDL0ZPPw4p8BDrIbYX6Sm9nDMuyADpGWmTGUsg==

Redirect headers

date
Thu, 10 Mar 2022 14:32:00 GMT
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
server
AmazonS3
age
576167
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
eP0mhi2sB85is8V_OXV2eR8z2fKQQKoxgBEGN6cJYoY-ZUc0jFVWDg==
frame-modern.e17106a4.js
js.intercomcdn.com/ Frame 0CF3 		299 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e17106a4.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x9838hmm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fd513cb87c1edba562bb984fa4a9b4d7558c4587b66ad626a09af7d28bc1b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 05:52:18 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 15:50:55 GMT
server
AmazonS3
age
2548
etag
"460bd0fd57f9dd3855732952b41154fe"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
81637
x-amz-cf-id
Qmmdh-R7_eM3S6EEm6nQUDo2sQrh3SPw1jILbMGPkYU1Bwbmi_MHJw==
vendor-modern.c8d75f61.js
js.intercomcdn.com/ Frame 0CF3 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.c8d75f61.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x9838hmm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64b33d2bce2b547cbe611c20e06c57f505d659cab83fed932955447d30aca592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 04:37:52 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 14:36:28 GMT
server
AmazonS3
age
7015
etag
"c3eb33b0cce01528a298748d72233c50"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39569
x-amz-cf-id
RXUWcz8D8YYhn9XFdkOZXACNKYdjeXSArmyR9bgCUp1fvHWYkCapCA==
ping
api-iam.intercom.io/messenger/web/ Frame 0CF3 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e17106a4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ab6404d3d6561323ba39b662e33415254ad32bc45866f6d1f2b248f1674f4a72
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 17 Mar 2022 06:34:47 GMT
content-encoding
gzip
x-ami-version
ami-07d4f00940b5d1b3b
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0008s6qrr80shrge4pf0
x-runtime
0.268447
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"ab6404d3d6561323ba39b662e3341525"
x-ratelimit-remaining
13332
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://frontend-user-app.iam.ca.rokerplus.com
x-intercom-version
70a855b596b3c9377ef32451e053603ccd0d62f5
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1647498890
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored undefined| $ function| jQuery string| APP_ID object| intercomSettings function| Intercom function| __intercomAssignLocation

5 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 6476f189-c579-47fa-8eb5-0ea82baaa96dd8304e
.frontend-user-app.rokerplus.com/ Name: __stripe_mid
Value: 37dc2ff3-2272-43fd-83f6-52c27d96ed8d9ea59f
.frontend-user-app.rokerplus.com/ Name: __stripe_sid
Value: 16809907-255d-42a7-91aa-c859f11c76d0cfdb9a
.rokerplus.com/ Name: intercom-id-x9838hmm
Value: 618348c0-4c77-4a1c-97d0-327d7735ae0d
.rokerplus.com/ Name: intercom-session-x9838hmm
Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
frontend-user-app.iam.ca.rokerplus.com
frontend-user-app.rokerplus.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
widget.intercom.io
108.157.4.79
143.204.98.7
151.101.64.176
2001:4de0:ac18::1:a:3a
2600:9000:2156:3c00:12:609a:dc80:93a1
2600:9000:2156:aa00:19:7d10:bd80:93a1
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
52.60.40.67
54.187.119.242
54.200.96.253
99.83.219.81
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0fd513cb87c1edba562bb984fa4a9b4d7558c4587b66ad626a09af7d28bc1b54
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
213bb78be8614c70838174533c3713cccf66219b023a2c052fe03c36f47a5465
371753289847e8c58ee463d8239cf721dc851005cf36e72f2c77729fcd809925
38b43a92ed65440109eedcfa1c26295954ca51f1b32ed3329730df8de08ff85c
5cc6b41ebee1756201c582d968e9cf98e4f2e243ad7a66c4f1e1ed270e39c4b8
64b33d2bce2b547cbe611c20e06c57f505d659cab83fed932955447d30aca592
6f0dd978b7f6b4c8bddb774dab89b178121ee3d28a930936f5f8fda8b9c88a43
780b46d503fe65e5ff7eef1d3f2768bfbbfb5795b0a75a28cb7435b98af733b0
7f8cf99745bf458dbb848e51bf5ce441a371cbb2d9c3d3a082ce985818f1a3e3
880a39dc65ccd980bb4c21284a6602676d73a1bb3cbae74280941edf25dcd1f7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93d2b20c1c3c85715da3880622c6ba09e33fa7b5480dd1d946c8ea90db43a8e5
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9fc2c4c241c22232230cc94ba6a9e4382210bb7e5331f13670ce86ec0251d7f4
a11f5466c7d35966aa4be6b495c64bda9a316fd07593096492febe1d5e59e713
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
aac8b6514fb971791c62f2379b14bf2c27de24e7675ab723179ba0751fc64230
ab6404d3d6561323ba39b662e33415254ad32bc45866f6d1f2b248f1674f4a72
afb40334fd3bfc28fa741c0f3cdfb71394fdcc772ece2c43b48518b4a7742d03
b10144ad683b2f01095a83bc7f45db4546cea10972cd42f2e0d566f83c240f4d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cba6429a99c2a0dff51681fe1c9bb20790bad6a3488d63f88df2719b0788a2c8
d55e9129ae3661dc6464533c7b381bc1954d3098382e9b0dbe5f4c5170220a48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
fd377ca3d778db939e89517ba76cc2d38e619d0c09e5031ba4343266c2c175db