urlscan.io logo urlscan.io
SecurityTrails logo

frusiya-ticketing.paas5.v2.sa Open in urlscan Pro
185.230.211.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://frusiya-ticketing.paas5.v2.sa/
Effective URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 10 HTTP transactions. The main IP is 185.230.211.221, located in Saudi Arabia and belongs to CLOUDSIGMA-AS, CH. The main domain is frusiya-ticketing.paas5.v2.sa.
TLS certificate: Issued by (STAGING) Artificial Apricot R3 on August 30th 2022. Valid for: 3 months.
This is the only time frusiya-ticketing.paas5.v2.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 185.230.211.221 50837 (CLOUDSIGM...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 51.210.32.132 16276 (OVH)
10 4
Apex Domain
Subdomains		 Transfer
8 v2.sa
frusiya-ticketing.paas5.v2.sa
117 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
169 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12331
89 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
30 KB
10 4
Domain Requested by
8 frusiya-ticketing.paas5.v2.sa 2 redirects frusiya-ticketing.paas5.v2.sa
2 cdnjs.cloudflare.com frusiya-ticketing.paas5.v2.sa
cdnjs.cloudflare.com
1 i.ibb.co frusiya-ticketing.paas5.v2.sa
1 code.jquery.com frusiya-ticketing.paas5.v2.sa
10 4

This site contains no links.

Subject Issuer Validity Valid
frusiya-ticketing.paas5.v2.sa
(STAGING) Artificial Apricot R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
ibb.co
R3		 2022-08-07 -
2022-11-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://frusiya-ticketing.paas5.v2.sa/panel/login
Frame ID: D6BCB9777CABCCB12B6FE09D74B8AA13
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JCSA

Page URL History Show full URLs

  1. https://frusiya-ticketing.paas5.v2.sa/ HTTP 302
    https://frusiya-ticketing.paas5.v2.sa/panel HTTP 302
    https://frusiya-ticketing.paas5.v2.sa/panel/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

40 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

403 kB
Transfer

561 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://frusiya-ticketing.paas5.v2.sa/ HTTP 302
    https://frusiya-ticketing.paas5.v2.sa/panel HTTP 302
    https://frusiya-ticketing.paas5.v2.sa/panel/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
frusiya-ticketing.paas5.v2.sa/panel/
Redirect Chain
  • https://frusiya-ticketing.paas5.v2.sa/
  • https://frusiya-ticketing.paas5.v2.sa/panel
  • https://frusiya-ticketing.paas5.v2.sa/panel/login
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
67990efbfeeecb9e4600b7a471038287c9e63daaee2b935772c877d86130bb00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Upgrade, close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 07:57:22 GMT
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, private
Connection
Upgrade, close
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 07:57:21 GMT
Location
https://frusiya-ticketing.paas5.v2.sa/panel/login
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2
loginstyle.css
frusiya-ticketing.paas5.v2.sa/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frusiya-ticketing.paas5.v2.sa/css/loginstyle.css?id=4f14f60c57b63d93b4fbe727db75e283
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
d03aa734da16bf7f8f6ce0d4544a0a16bb447f5dd93e1452ea455b401706a4b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://frusiya-ticketing.paas5.v2.sa/panel/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 07:57:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 14:58:32 GMT
Server
Apache
ETag
"3eba-5e685370a1600-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1871
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://frusiya-ticketing.paas5.v2.sa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 07:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1778950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17041
timing-allow-origin
*
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"623a082a-4291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzkzOsGt6jCC1KhdQYfH3fCRHDA3hJp16ev0NZmTEkuQaYy%2BHnp%2FY5oYPNpsNriKXn1XnpZg2emIyZSXMS0s0xTxCsTRK4me5gVg%2BYw6yiYdf%2Fk1tBn%2Fc4f89wZ%2Fu%2FDjU5pE4tsEdaORJiqVU%2FqivR0y"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
742bf9a999aa9055-FRA
expires
Sun, 20 Aug 2023 07:57:22 GMT
stylesheet.css
frusiya-ticketing.paas5.v2.sa/fonts/metropolis/ 		4 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/stylesheet.css
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
3a8299badbd6fb8adcf4110c6732102b42431328cbad8271d1d4404c7d4bca0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://frusiya-ticketing.paas5.v2.sa/panel/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 07:57:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 14:58:32 GMT
Server
Apache
ETag
"10b0-5e685370a1600-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
388
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://frusiya-ticketing.paas5.v2.sa/
Origin
https://frusiya-ticketing.paas5.v2.sa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 07:57:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1661846242.dop053.fr8.t,1661846242.cds166.fr8.hn,1661846242.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
logo.png
frusiya-ticketing.paas5.v2.sa/images/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frusiya-ticketing.paas5.v2.sa/images/logo.png
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/panel/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
f98fff639a3cbd06bc93fc40e7df8985c6976bc0b4e2642af07c1fc428a2dfd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://frusiya-ticketing.paas5.v2.sa/panel/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 07:57:23 GMT
Last-Modified
Thu, 18 Aug 2022 14:58:32 GMT
Server
Apache
ETag
"14a8b-5e685370a1600"
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
84619
equestrian-club-of-riyadh.jpg
i.ibb.co/mFPk6ct/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/mFPk6ct/equestrian-club-of-riyadh.jpg
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/css/loginstyle.css?id=4f14f60c57b63d93b4fbe727db75e283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172604.ip-51-210-32.eu
Software
nginx /
Resource Hash
8c91be72840550e7766b393b623c06c41b510e3be50a08b4d565a597b2eaf6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://frusiya-ticketing.paas5.v2.sa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 07:57:23 GMT
last-modified
Thu, 09 Jun 2022 15:18:17 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
90313
expires
Thu, 31 Dec 2037 23:55:55 GMT
Metropolis-Regular.woff2
frusiya-ticketing.paas5.v2.sa/fonts/metropolis/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/Metropolis-Regular.woff2
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
b300115964ed05e17da32b8aca4ac9807f631035ee08d98244837f14d54fb13b

Request headers

Referer
https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/stylesheet.css
Origin
https://frusiya-ticketing.paas5.v2.sa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 07:57:23 GMT
Last-Modified
Thu, 18 Aug 2022 14:58:32 GMT
Server
Apache
ETag
"32bc-5e685370a1600"
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Length
12988
Metropolis-Bold.woff2
frusiya-ticketing.paas5.v2.sa/fonts/metropolis/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/Metropolis-Bold.woff2
Requested by
Host: frusiya-ticketing.paas5.v2.sa
URL: https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.230.211.221 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
Software
Apache /
Resource Hash
21ec6c0f0626f8168840001ff9c60855eef2da1775b41d900115ac77034c5f47

Request headers

Referer
https://frusiya-ticketing.paas5.v2.sa/fonts/metropolis/stylesheet.css
Origin
https://frusiya-ticketing.paas5.v2.sa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 07:57:23 GMT
Last-Modified
Thu, 18 Aug 2022 14:58:32 GMT
Server
Apache
ETag
"32d0-5e685370a1600"
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Length
13008
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/ 		151 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d7854a5e060542337a731983a1f0c053e1d7412dd69b4ffdebc37e9028eeac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Origin
https://frusiya-ticketing.paas5.v2.sa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 07:57:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
558645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
154228
timing-allow-origin
*
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"623a082a-25a74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgh0eFJQoYg6En8t7x%2FTMUEW5r6ldFiB3q9v7ou1%2B3x%2BcWzEM%2FCH%2BdWbbyGd%2BGwTNUQGabM2YEaHQR7ozzqHjdZGLjzPK1p%2B10%2BYWACGxvPPxLTuBZ%2BswL3LoHMB%2BRvWXHR3ArzfBNdivas%2BLQiVwbxF"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
742bf9ab7b5d5c74-FRA
expires
Sun, 20 Aug 2023 07:57:23 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
frusiya-ticketing.paas5.v2.sa/ Name: XSRF-TOKEN
Value: eyJpdiI6Iko3b2ZUOVVOL2hlZDMxTldyUmlvYVE9PSIsInZhbHVlIjoiVlJZellmTXl0TU92a3lmUk5WR2J2ejZSVGJYMkh4a0gyVzduQjh0clZlSDY3bHdIeDBrUHFBNUNHRmpjSzcraUdSRGdWNStQZUVjS3FhQnpocktJRWRhdXFaSVQ5VTBZTlJZZHpMZHpCb1VzOXVqT3RGZHJEdDNzWEpDVk03V2kiLCJtYWMiOiJkMTdmMjc4MWUwMjQ3ZDY4MWEwZjZjZDBlNjY3ZjdkYWZjZWZlNDZkNjQyNTQ1ZjA5ODU0Y2NjYjkzNmI5YWVmIiwidGFnIjoiIn0%3D
frusiya-ticketing.paas5.v2.sa/ Name: jcsa_ticketing_system_session
Value: eyJpdiI6IjZMOVpxRGVEVUFYeFJncW1kZUZZcHc9PSIsInZhbHVlIjoiT2ZVb2c4ZUltaUd2NlQ5S28wdjZHdjJZcEVKYXZRUzJJSkFHN2J5TitKWlFMUmJvVURuekYyZ09YZVpXOCs0R0FHUkU4Sy9lTDBKZDcrOU1MeUMyZkc1SURsRmRia3M0dGZCdTZSNlFpeCsrZEVXZVdjVmF2UFFzQ3k4czZNblUiLCJtYWMiOiIzZTA0N2M0MmI4YjkzZWEzY2VhYTZlMDdjYmIyYTMxMmI3ZjgwM2Y0YzkyNzlhZmU3ZmVmYTViM2RiNTkxM2NiIiwidGFnIjoiIn0%3D