Submitted URL: https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNjI1IDcwMTJNMDAwMDAyRzk3SVFBUyBhMHkyTTAwMDAwNkNJaFlRQVcgMDAzM...
Effective URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Submission Tags: falconsandbox
Submission: On March 02 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 13.110.89.100, located in United States and belongs to SALESFORCE, US. The main domain is ttu.secure.force.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 22nd 2021. Valid for: a year.
This is the only time ttu.secure.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.9.63.111 16509 (AMAZON-02)
7 13.110.89.100 14340 (SALESFORCE)
9 52.21.82.185 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
21 5
Apex Domain | Subdomains | Transfer
9 tfaforms.net | ttu.tfaforms.net | 105 KB
7 force.com | ttu.secure.force.com | 134 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 2 KB
1 gstatic.com | fonts.gstatic.com | 33 KB
1 bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181 | 7 KB
1 targetx.com | api.targetx.com — Cisco Umbrella Rank: 128208 | 382 B
21 6
Domain | Requested by
9 ttu.tfaforms.net | ttu.secure.force.com, ttu.tfaforms.net
7 ttu.secure.force.com | ttu.secure.force.com
3 fonts.googleapis.com | ttu.tfaforms.net
1 fonts.gstatic.com | fonts.googleapis.com
1 stackpath.bootstrapcdn.com | ttu.tfaforms.net
1 api.targetx.com | 1 redirects
21 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.na96.force.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year
*.tfaforms.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-01 - 2022-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months

This page contains 1 frames:

Primary Page: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Frame ID: 26BE252F9D8B7D79C27B319C68E5B387
Requests: 21 HTTP requests in this frame

Page URL History

  1. https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNjI1IDcwMTJNMDAwMDAyRzk3SVFBUyBhMHkyTTAwM... HTTP 302
    https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

281 kB
Transfer

864 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNjI1IDcwMTJNMDAwMDAyRzk3SVFBUyBhMHkyTTAwMDAwNkNJaFlRQVcgMDAzMk0wMDAwM092ak5LUUFa&link=https%3A%2F%2Fttu.secure.force.com%2Fform%2F%3Fformid%3D217910%26Id%3D0032M00003OvjNKQAZ&tlink=aHR0cHM6Ly90dHUuc2VjdXJlLmZvcmNlLmNvbS9mb3JtLz9mb3JtaWQ9MjE3OTEwJklkPXt7Q29udGFjdC1JZH19 HTTP 302
    https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ttu.secure.force.com/form/
Redirect Chain
  • https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNjI1IDcwMTJNMDAwMDAyRzk3SVFBUyBhMHkyTTAwMDAwNkNJaFlRQVcgMDAzMk0wMDAwM092ak5LUUFa&link=https%3A%2F%2Fttu.secure.force.com%2Fform%2F%3Fformi...
  • https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
62 KB
16 KB
Document
General
Full URL
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
5ca8231aacc693ac9c668bc5ee9af452f5dbf4674e215a3fa1504ddead882891
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 02 Mar 2022 18:22:20 GMT
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Security-Policy
upgrade-insecure-requests
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-Powered-By
Salesforce.com ApexPages
P3P
CP="CUR OTR STA"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
origin-trial
AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

content-type
application/json
content-length
2
location
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
date
Wed, 02 Mar 2022 18:22:18 GMT
x-amzn-requestid
6392520a-8c89-48fe-b2c0-3b12d416bf03
x-amz-apigw-id
OXlaPFOyIAMF0cA=
x-amzn-trace-id
Root=1-621fb5da-35258dfc189b4a46659ff45d;Sampled=0
x-cache
Miss from cloudfront
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
1s5WDeweUQfXN-6VidQmCQBCUu_8J7SZtmRq37EQL20vjQVyFfr_lw==
stub.js
ttu.secure.force.com/form/static/111213/js/perf/
1 KB
1007 B
Script
General
Full URL
https://ttu.secure.force.com/form/static/111213/js/perf/stub.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 06:08:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Dec 2014 19:28:42 GMT
Age
476034
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Strict-Transport-Security
max-age=63072004; includeSubDomains
Accept-Ranges
bytes
Content-Length
618
Expires
Sat, 25 Jun 2022 06:08:28 GMT
NetworkTracking.js
ttu.secure.force.com/form/jslibrary/1635874030236/sfdc/
4 KB
2 KB
Script
General
Full URL
https://ttu.secure.force.com/form/jslibrary/1635874030236/sfdc/NetworkTracking.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
42dd8dc296f0639d42d5bfbed2b46955b3eee445c257b25e624dd812fdba4f7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 06:08:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Feb 2022 21:31:14 GMT
Age
476034
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Strict-Transport-Security
max-age=63072004; includeSubDomains
Accept-Ranges
bytes
Content-Length
1546
Expires
Sat, 25 Jun 2022 06:08:28 GMT
jquery.min.3.0.0.js
ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/
84 KB
30 KB
Script
General
Full URL
https://ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/jquery.min.3.0.0.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 06:57:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jan 2022 01:04:18 GMT
Age
473083
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
application/x-javascript
Content-Length
30043
Expires
Mon, 11 Apr 2022 06:57:39 GMT
jquery-ui.min.1.12.0.js
ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/
247 KB
67 KB
Script
General
Full URL
https://ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/jquery-ui.min.1.12.0.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 06:24:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jan 2022 01:04:18 GMT
Age
475061
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
application/x-javascript
Content-Length
67970
Expires
Mon, 11 Apr 2022 06:24:41 GMT
wforms-layout.css
ttu.tfaforms.net/dist/form-builder/5.0.0/
30 KB
9 KB
Stylesheet
General
Full URL
https://ttu.tfaforms.net/dist/form-builder/5.0.0/wforms-layout.css?v=d741ce5a42c16357bb50af6b5825ec8aaf7537fb
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
abeedae8f57eb3684fb54f5923efc69c4c900fc4a6850f9183a4f4723d34ac93
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:25:34 GMT
server
nginx
etag
W/"621e3aee-7677"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
text/css
x-fa-app
20-110
theme-35.css
ttu.tfaforms.net/uploads/themes/
10 KB
3 KB
Stylesheet
General
Full URL
https://ttu.tfaforms.net/uploads/themes/theme-35.css
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9e0637c1d942d8c8e919856ca3d66a477b4c9c60227ad86d5d11c6df1d021b0f
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:21:24 GMT
server
nginx
etag
W/"6144b274-28eb"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
text/css
x-fa-app
20-72
wforms.js
ttu.tfaforms.net/wForms/3.11/js/
205 KB
63 KB
Script
General
Full URL
https://ttu.tfaforms.net/wForms/3.11/js/wforms.js?v=d741ce5a42c16357bb50af6b5825ec8aaf7537fb
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c924e4d5c75051b47649ba7b88f37f25029abcd64589cd28816325ad1a588c02
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:35:11 GMT
server
nginx
etag
W/"621e3d2f-33548"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
application/javascript; charset=utf-8
x-fa-app
20-34
kalendae.css
ttu.tfaforms.net/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://ttu.tfaforms.net/css/kalendae.css
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f5f0b0856b1c58a3f1bf8be1170222e4675aab6c46462e2139a9500b06fcd447
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:14:52 GMT
server
nginx
etag
W/"621e386c-1a19"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
text/css
x-fa-app
20-110
kalendae.standalone.min.js
ttu.tfaforms.net/js/kalendae/
35 KB
13 KB
Script
General
Full URL
https://ttu.tfaforms.net/js/kalendae/kalendae.standalone.min.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
aedac53b8f8bbe11707c84b588d36a4e1163a9fa76e0d65272bf6c8b31e5b612
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:14:52 GMT
server
nginx
etag
W/"621e386c-8aa4"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
application/javascript; charset=utf-8
x-fa-app
20-72
wforms_calendar.js
ttu.tfaforms.net/wForms/3.11/js/
4 KB
2 KB
Script
General
Full URL
https://ttu.tfaforms.net/wForms/3.11/js/wforms_calendar.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7db985a5a5966902cdf0779684abffbf54fbd980676f913c88257cefa2a32e43
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:14:52 GMT
server
nginx
etag
W/"621e386c-e15"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
application/javascript; charset=utf-8
x-fa-app
20-34
localization-en_US.js
ttu.tfaforms.net/wForms/3.11/js/
6 KB
3 KB
Script
General
Full URL
https://ttu.tfaforms.net/wForms/3.11/js/localization-en_US.js?v=d741ce5a42c16357bb50af6b5825ec8aaf7537fb
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ce6098e1afbd9b04a3051d80e7ed6951ce80e59330bc66f74df78a71b2705a2c
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:14:52 GMT
server
nginx
etag
W/"621e386c-1989"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
application/javascript; charset=utf-8
x-fa-app
20-34
connection.js
ttu.secure.force.com/soap/ajax/23.0/
54 KB
11 KB
Script
General
Full URL
https://ttu.secure.force.com/soap/ajax/23.0/connection.js
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
0ed3a0bfcf00830e533e021061ceb450286ec359529a3fc84a7839fc4a65ca40
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 06:24:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2017 01:10:04 GMT
Age
475061
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Strict-Transport-Security
max-age=63072004; includeSubDomains
Accept-Ranges
bytes
Content-Length
10467
Expires
Sat, 25 Jun 2022 06:24:41 GMT
jquery-ui.min.css
ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/themes.1.12.0/smoothness/
31 KB
8 KB
Stylesheet
General
Full URL
https://ttu.secure.force.com/form/resource/1642727058000/TargetX_Eventsb__JSresources/themes.1.12.0/smoothness/jquery-ui.min.css
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.89.100 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-phx3.na96-ph2.force.com
Software
/
Resource Hash
6a4cfd71585b7f0362782265aaf92fa97fc65acf985677fc85e3e8c9826c4695
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 13:44:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jan 2022 01:04:18 GMT
Age
448684
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
text/css
Content-Length
7690
Expires
Mon, 11 Apr 2022 13:44:18 GMT
css
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arial:300,400,700
Requested by
Host: ttu.tfaforms.net
URL: https://ttu.tfaforms.net/uploads/themes/theme-35.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.tfaforms.net/uploads/themes/theme-35.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Requested by
Host: ttu.tfaforms.net
URL: https://ttu.tfaforms.net/uploads/themes/theme-35.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18d0f37f5940fa6d01878635a9818b06f322fef6898594c89e4bdf65cd24107a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.tfaforms.net/uploads/themes/theme-35.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 18:09:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Mar 2022 18:22:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Mar 2022 18:22:23 GMT
css
fonts.googleapis.com/
6 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700
Requested by
Host: ttu.tfaforms.net
URL: https://ttu.tfaforms.net/uploads/themes/theme-35.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39b1794c26a6b6606b1f284e1d15a13aa2cc87290e2d379c7713e0077920d6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.tfaforms.net/uploads/themes/theme-35.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 18:08:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Mar 2022 18:22:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Mar 2022 18:22:23 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ttu.tfaforms.net
URL: https://ttu.tfaforms.net/uploads/themes/theme-35.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.tfaforms.net/uploads/themes/theme-35.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
17336543
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4bf37714d98792a250965beae07efa0d
cf-ray
6e5c28537afef91f-MXP
cdn-requestcountrycode
IT
cdn-status
200
cdn-requestpullsuccess
True
wforms-jsonly.css
ttu.tfaforms.net/dist/form-builder/5.0.0/
755 B
521 B
Stylesheet
General
Full URL
https://ttu.tfaforms.net/dist/form-builder/5.0.0/wforms-jsonly.css?v=d741ce5a42c16357bb50af6b5825ec8aaf7537fb
Requested by
Host: ttu.secure.force.com
URL: https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c3626d21f1d22dc053238489a0ac7b58c451c95b516c1a13bd8bcf08e555c1a
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.secure.force.com/form/?formid=217910&Id=0032M00003OvjNKQAZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 15:25:34 GMT
server
nginx
etag
W/"621e3aee-2f3"
strict-transport-security
max-age=10368001; includeSubDomains
content-type
text/css
x-fa-app
20-110
R36g0213YMaXcWb007vbVB6BbNEC6OxrC8sGwS1Dr91T42fEvdENjjjY8rdWhy4F-thumbnail_SurveyBanner-01.png
ttu.tfaforms.net/forms/get_image/2/
9 KB
9 KB
Image
General
Full URL
https://ttu.tfaforms.net/forms/get_image/2/R36g0213YMaXcWb007vbVB6BbNEC6OxrC8sGwS1Dr91T42fEvdENjjjY8rdWhy4F-thumbnail_SurveyBanner-01.png
Requested by
Host: ttu.tfaforms.net
URL: https://ttu.tfaforms.net/uploads/themes/theme-35.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-82-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
027bfd95ba45f676baf39e51c09064913c62d189b1415031b7969a92c75cbb35
Security Headers
Name Value
Strict-Transport-Security max-age=10368001; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ttu.tfaforms.net/uploads/themes/theme-35.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:22:23 GMT
last-modified
Mon, 09 Dec 2019 20:25:08 GMT
server
nginx
etag
"067745cafc4da2e7fc48398112d9df87"
strict-transport-security
max-age=10368001; includeSubDomains
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
max-age=315360000
x-fa-app
20-110
content-type
image/png
expires
Sat, 28 Feb 2032 18:22:23 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v22/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ttu.secure.force.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 02:25:35 GMT
x-content-type-options
nosniff
age
575808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:13:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 24 Feb 2023 02:25:35 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| PerfConstants object| PerfLogLevel object| Perf object| NetworkTracking object| UITheme function| $ function| jQuery function| getUrlVars function| preventEnterSubmission object| params undefined| newStyle undefined| hideSupportInfoStyle undefined| hideCaptchaActionsStyle function| sizeiFrame object| NREUM object| newrelic function| __nr_require object| base2 boolean| loadIE object| _b function| _i object| StopIteration object| wFORMS function| Kalendae object| cfg object| wFormsNumericLocaleFormattingInfo object| UserContext object| sforce function| makeSchoolpicker function| verifyFieldMatch function| preventPaste function| addSubmitFunc number| fieldCounter undefined| base string| val number| outOfViewMonth

5 Cookies

Domain/Path Name / Value
ttu.secure.force.com/ Name: CookieConsentPolicy
Value: 0:1
ttu.secure.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.force.com/ Name: BrowserId
Value: svpS9ppVEeyyrEXaup5KSQ
.force.com/ Name: BrowserId_sec
Value: svpS9ppVEeyyrEXaup5KSQ
ttu.tfaforms.net/ Name: FORMASSEMBLY
Value: b825447f67b80b043d5c9c8cc147bfd7

1 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css?family=Arial:300,400,700
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072004; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
