urlscan.io logo urlscan.io
SecurityTrails logo

ext.ascendion.com Open in urlscan Pro
20.127.11.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fext.Ascendion.com%2fconect%2flogin&umid=c2666a02-d191-4...
Effective URL: https://ext.ascendion.com/conect/login
Submission: On October 05 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 11 domains to perform 41 HTTP transactions. The main IP is 20.127.11.192, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ext.ascendion.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 24th 2024. Valid for: a year.
This is the only time ext.ascendion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.245.116.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-116-215.us-west-2.compute.amazonaws.com
ddec1-0-en-ctp.trendmicro.com
10    20.127.11.192 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ext.ascendion.com
apps.ascendion.com
2    2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:28b2:ac00:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.refiner.io
3    142.250.80.46 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f14.1e100.net
www.google-analytics.com
1    142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
2    172.217.165.138 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f10.1e100.net
maps.googleapis.com
firebaseremoteconfig.googleapis.com
1    2600:9000:28b2:7000:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.refiner.io
2    54.77.141.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-141-56.eu-west-1.compute.amazonaws.com
api.refiner.io
2    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)
firebaseremoteconfig.googleapis.com
Apex Domain
Subdomains		 Transfer
10 ascendion.com
ext.ascendion.com
apps.ascendion.com
2 MB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
maps.googleapis.com — Cisco Umbrella Rank: 445
ajax.googleapis.com — Cisco Umbrella Rank: 412
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 617
firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 558
147 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
4 refiner.io
js.refiner.io — Cisco Umbrella Rank: 44442
api.refiner.io — Cisco Umbrella Rank: 22186
23 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
55 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
264 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
8 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
37 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
32 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
8 KB
1 trendmicro.com
ddec1-0-en-ctp.trendmicro.com
210 B
41 11
Domain Requested by
8 ext.ascendion.com ext.ascendion.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ext.ascendion.com
4 unpkg.com 2 redirects ext.ascendion.com
3 www.googletagmanager.com ext.ascendion.com
www.googletagmanager.com
www.google-analytics.com
2 firebaseremoteconfig.googleapis.com ext.ascendion.com
2 firebaseinstallations.googleapis.com ext.ascendion.com
2 api.refiner.io js.refiner.io
2 apps.ascendion.com ext.ascendion.com
2 js.refiner.io ext.ascendion.com
js.refiner.io
2 maps.googleapis.com ext.ascendion.com
maps.googleapis.com
2 cdnjs.cloudflare.com ext.ascendion.com
2 maxcdn.bootstrapcdn.com ext.ascendion.com
2 fonts.googleapis.com ext.ascendion.com
1 ajax.googleapis.com ext.ascendion.com
1 code.jquery.com ext.ascendion.com
1 use.fontawesome.com ext.ascendion.com
1 ddec1-0-en-ctp.trendmicro.com 1 redirects
41 17

This site contains no links.

Subject Issuer Validity Valid
*.ascendion.com
Go Daddy Secure Certificate Authority - G2		 2024-06-24 -
2025-06-24		 a year crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
js.refiner.io
Amazon RSA 2048 M03		 2024-08-26 -
2025-09-24		 a year crt.sh
api.refiner.io
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ext.ascendion.com/conect/login
Frame ID: F66328B5AE2E54627E7E337298CEC8F2
Requests: 40 HTTP requests in this frame

Frame: https://js.refiner.io/v001/render/index.html
Frame ID: 4F1AEB2BEBB122820C29CB1B8704E31F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ascendion - CONECT

Page URL History Show full URLs

  1. https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fext.Ascendion.com%2fconect%2flogin&... HTTP 302
    https://ext.ascendion.com/conect/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

20
IPs

3
Countries

3098 kB
Transfer

9113 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fext.Ascendion.com%2fconect%2flogin&umid=c2666a02-d191-49a3-88ad-aca64c9566a6&auth=764ac1ebf8525e86559591b5649e04916e63728b-ed94575fb9b6280bb72a7abdddb9cc970de5ef93 HTTP 302
    https://ext.ascendion.com/conect/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://unpkg.com/react@17/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@17.0.2/umd/react.production.min.js
Request Chain 12
  • https://unpkg.com/react-dom@17/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
ext.ascendion.com/conect/
Redirect Chain
  • https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fext.Ascendion.com%2fconect%2flogin&umid=c2666a02-d191-49a3-88ad-aca64c9566a6&auth=764ac1ebf8525e86559591b5649e04916e63...
  • https://ext.ascendion.com/conect/login
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e05caf4536233cdb2dd6e90a37eb506bb9220c87235ca1f7fa66a965241564a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2086
content-type
text/html
date
Sat, 05 Oct 2024 04:29:42 GMT
etag
"08bdab5bb14db1:0"
last-modified
Wed, 02 Oct 2024 11:10:38 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 05 Oct 2024 04:29:41 GMT
location
https://ext.Ascendion.com/conect/login
server
istio-envoy
x-envoy-decorator-operation
ctp-web-service.ctp.svc.cluster.local:8080/*
x-envoy-upstream-service-time
16
css2
fonts.googleapis.com/ 		4 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 04:29:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 05 Oct 2024 03:49:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ec3bb52a00e176a7181d454dffaea219"
age
15222407
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 04:29:42 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/31/2023 19:15:06
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c83fee2ffb8cb55535eaeb2520d7c34a
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cdaac1638a336c8-YYZ
access-control-allow-origin
*
cdn-edgestorageid
940
server
cloudflare
cdn-requestcountrycode
US
js
www.googletagmanager.com/gtag/ 		215 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218227874-1
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3288e7dba58425a4406a900e50351cf5bcc5baaeb5cd9afce799e51d188edc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 05 Oct 2024 04:29:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 05 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78848
x-xss-protection
0
server
Google Tag Manager
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
147263
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yw6aRvtEcKim5%2BgDi1bJDkvfjYbEW9r0pZqyx3t0ZUepG323tY8jKaqzv26mVRQ%2FbHjdXkeUACkIavP78s4uAIyKIWOwEU03MVdT8qY7DJi73pT3OBdorFWOrCbHdx%2FTcTo6%2Fwcy"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 04:29:42 GMT
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cdaac161c8ea1ec-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
all.css
use.fontawesome.com/releases/v5.0.8/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.8/css/all.css
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"265a36ec650d63e307e611cdf14d9b89"
age
127402
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybb2ZYslaHHdgvOGav3sb9s1kUExsWWH0ySQiIjFmJCB0mHE7hkAOG1QgO6RunoDxCvOnFyIOHJKtRpG4gh199z%2BlsOiily3rkRLKdO2oHSPhK2Ii7XgXL2d5UH7DPm6r0ODP5rmDNV6nbIy8I72kaKx"}],"group":"cf-nel","max_age":604800}
cf-ray
8cdaac163f58a31a-YUL
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:11 GMT
vary
Accept-Encoding
server
cloudflare
2.9e04a704.chunk.css
ext.ascendion.com/static/css/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/css/2.9e04a704.chunk.css
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
be7c63eaffeed29c95325c5899654dd81fee7f69834909eb5f7c7d154dd8c76d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

content-encoding
gzip
etag
"e35a1db6bb14db1:0"
accept-ranges
bytes
content-length
7798
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/css
last-modified
Wed, 02 Oct 2024 11:10:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
main.6cd073bb.chunk.css
ext.ascendion.com/static/css/ 		302 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/css/main.6cd073bb.chunk.css
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
561afbcdbed2354f3a4e596005a5f7aaed843e472aca0137d18059b829e30432

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

content-encoding
gzip
etag
"d01f22b6bb14db1:0"
accept-ranges
bytes
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/css
last-modified
Wed, 02 Oct 2024 11:10:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
2.0a9ad58a.chunk.js
ext.ascendion.com/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4639faae9772b9ff4791f6c849788a1ae21678e9a433ef707401ea21430ce4f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

content-encoding
gzip
etag
"f9537b6bb14db1:0"
accept-ranges
bytes
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 11:10:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
main.9f699ca7.chunk.js
ext.ascendion.com/static/js/ 		2 MB
629 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/js/main.9f699ca7.chunk.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2920c6afb477b1845e4f66db2b0d2b3b0b74de71a128d963b8e566fb7e356302

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

content-encoding
gzip
etag
"d63073b6bb14db1:0"
accept-ranges
bytes
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 11:10:39 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
js
maps.googleapis.com/maps/api/ 		348 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDsdICoMVOKlqd4bLCLIl802vhNJpNAm4Q&libraries=geometry,places,visualization
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1b6583408e119ec73330e97280f0eb2aa5dc6025fba19f3c0b1f4a8831db2ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cache-control
public, max-age=1800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114895
date
Sat, 05 Oct 2024 04:29:42 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
jquery-1.9.1.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-169d5"
age
5782293
x-cache
HIT, HIT
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
1254488, 1696954
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21966-LGA, cache-yul1970035-YUL
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1728102583.753845,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
32772
server
nginx
react.production.min.js
unpkg.com/react@17.0.2/umd/
Redirect Chain
  • https://unpkg.com/react@17/umd/react.production.min.js
  • https://unpkg.com/react@17.0.2/umd/react.production.min.js
11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@17.0.2/umd/react.production.min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"2cb0-bAUYnMLQi7KnYJwALwZ1ycZw02I"
age
5484544
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4A0JHYBEJWMJS8D5TZVBG25-yul
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8cdaac166f81a2fe-YUL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/react@17.0.2/umd/react.production.min.js
content-encoding
br
cf-cache-status
HIT
age
366
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8cdaac163f63a2fe-YUL
access-control-allow-origin
*
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J9DEPCPG7HHJD1Y8TVMJCN09-yul
server
cloudflare
react-dom.production.min.js
unpkg.com/react-dom@17.0.2/umd/
Redirect Chain
  • https://unpkg.com/react-dom@17/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js
118 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1d709-vwi4rRrXPBKnycshGSbOI6hh2wc"
age
5480858
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4A431NPJ3J2ZZY1ZF0ACMX4-yul
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8cdaac166f83a2fe-YUL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/react-dom@17.0.2/umd/react-dom.production.min.js
content-encoding
br
cf-cache-status
HIT
age
366
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8cdaac163f66a2fe-YUL
access-control-allow-origin
*
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J9DEPCPGGC4HAM50MRRWNBAA-yul
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
age
8116
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 02:14:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 02:14:26 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
age
13699570
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 04:29:42 GMT
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/31/2023 18:52:14
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e9faa5c5b41167eac60a7bde6d7f6a19
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cdaac1638a136c8-YYZ
access-control-allow-origin
*
cdn-edgestorageid
876
server
cloudflare
cdn-requestcountrycode
US
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.0/jquery.matchHeight-min.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf1f6eb3722c5ed6cbeed9f61ac7b00d24c4b3198c89348e7684a2982536abf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec3-d20"
age
144603
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhskPHd0ToUvwFIzjDKUmRpNrosNYDJYs8pfthSaQMUb1Wrr81rk0fT7er9Rr%2F5zMeVtGzIxVVpvL%2BTbiV4Ok%2FH85jU1xripo5DiBMTrs0eTI4MCj43z4K5TNW4iBafOQQWpqwKb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 04:29:42 GMT
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cdaac161c90a1ec-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1193
server
cloudflare
script.js
ext.ascendion.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/js/script.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

content-length
1245
date
Sat, 05 Oct 2024 04:29:42 GMT
content-type
text/html
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
js
www.googletagmanager.com/gtag/ 		263 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z17PNPWHV7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218227874-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9eee6c075b99175bda5170a614f22479d380272632604fc886cfe6bd0355779c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 05 Oct 2024 04:29:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94288
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218227874-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
age
4087
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 05:21:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 03:21:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z17PNPWHV7&gtm=45je4a20v9125234961za200&_p=1728102582828&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1039880121.1728102583&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1728102583&sct=1&seg=0&dl=https%3A%2F%2Fext.ascendion.com%2Fconect%2Flogin&dt=Ascendion%20-%20CONECT&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1600
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z17PNPWHV7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ext.ascendion.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:43 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2029442798&t=pageview&_s=1&dl=https%3A%2F%2Fext.ascendion.com%2Fconect%2Flogin&ul=en-ca&de=UTF-8&dt=Ascendion%20-%20CONECT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=492120496&gjid=137112027&cid=1039880121.1728102583&tid=UA-218227874-1&_gid=843218343.1728102583&_r=1&gtm=457e4a20za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101403289~101533421~101671035~101747727&jsscut=1&z=287831250
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ext.ascendion.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://ext.ascendion.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
css2
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/css/main.6cd073bb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 04:29:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:43 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 05 Oct 2024 03:38:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
client.js
js.refiner.io/v001/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.refiner.io/v001/client.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28b2:ac00:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b4e748789853d6abae76f98f8e1680b6a4dead5bc9d96dba9d4f9aa0577eece

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
x-amz-version-id
5aCZy_zAMB7zB1E7xqgg6Qle38ejc18g
etag
"0d1b437c6385ad3ae4798ecc00f0eefa"
age
695
via
1.1 06b7f1d77ee52f2e46654588c01fafb0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
21123
x-amz-cf-id
CNCEmfoH571kTQ7lBphu1GcbGLqT9Fh5K7THKMwTNxhKpHT6fum1Pg==
date
Sat, 05 Oct 2024 04:18:24 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 07:59:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
gzip
age
4087
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 05:21:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 03:21:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
truncated
/ 		631 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5a785d5334073aacf1e11942885a5cccdd0621235f528eeb0e75768070eaa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Roboto-Regular.a2580627.woff2
ext.ascendion.com/static/media/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/media/Roboto-Regular.a2580627.woff2
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/css/main.6cd073bb.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ext.ascendion.com
Referer
https://ext.ascendion.com/static/css/main.6cd073bb.chunk.css

Response headers

etag
"5295d4b8bb14db1:0"
accept-ranges
bytes
content-length
65916
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 11:10:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2029442798&t=pageview&_s=1&dl=https%3A%2F%2Fext.ascendion.com%2Fconect%2Flogin&dp=%2Fconect%2Flogin&ul=en-ca&de=UTF-8&dt=Ascendion%20-%20CONECT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=102553301&gjid=1553850117&cid=1039880121.1728102583&tid=UA-218473698-1&_gid=843218343.1728102583&_r=1&_slc=1&z=983205799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e1a19cffdec4b5e4a97e929abfcae90d0daa38326dff2705572b83e71f70ce8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ext.ascendion.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://ext.ascendion.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecb09b33dd1032b7009f361b485e5248023590fa2a8dbdc751b06ca9557667de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61c367328e80e30365573a07e3063a13211cb8d264da98f99c3a30c5c366e93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
GetDefaultBanner
apps.ascendion.com/cwa/api/Banner/ 		442 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps.ascendion.com/cwa/api/Banner/GetDefaultBanner
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9d143077c69f105bf9f70c27832a5a4a2fd77a1929d7db42fe66897df17aed1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ext.ascendion.com/

Response headers

access-control-allow-origin
https://ext.ascendion.com
content-length
442
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
application/json; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
access-control-allow-credentials
true
MaintenanceStatus
apps.ascendion.com/cwa/api/ 		321 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps.ascendion.com/cwa/api/MaintenanceStatus
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bd8bec724a3355ea818ba26d89cdef2aaff3eff8ef3b6e36b46312ce189ba025

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ext.ascendion.com/

Response headers

access-control-allow-origin
https://ext.ascendion.com
content-length
321
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
application/json; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
access-control-allow-credentials
true
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2029442798&t=event&_s=2&dl=https%3A%2F%2Fext.ascendion.com%2Fconect%2Flogin&ul=en-ca&de=UTF-8&dt=Ascendion%20-%20CONECT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Index&ea=WEB-OPENED&el=First-PAGE&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1039880121.1728102583&tid=UA-218473698-1&_gid=843218343.1728102583&z=1318448856
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/conect/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

age
57234
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 12:35:53 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XZFYHENNF3&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b955e9c76fc97abca6ba79b63177e34ca1055d86b0ef116acc7f9567f17458d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 05 Oct 2024 04:29:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96193
x-xss-protection
0
server
Google Tag Manager
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDsdICoMVOKlqd4bLCLIl802vhNJpNAm4Q&libraries=geometry,places,visualization
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://ext.ascendion.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Sat, 05 Oct 2024 04:29:47 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
index.html
js.refiner.io/v001/render/ Frame 4F1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.refiner.io/v001/render/index.html
Requested by
Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28b2:7000:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://ext.ascendion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
315
content-encoding
gzip
content-length
304
content-type
text/html; charset=utf-8
date
Sat, 05 Oct 2024 04:24:33 GMT
etag
"2df95c25a91b40d8c5c6c2b1f48b0bc5"
last-modified
Thu, 26 Sep 2024 14:58:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fc34781ab7aa403dba42cfccdb88981a.cloudfront.net (CloudFront)
x-amz-cf-id
XOxwf2tyWRZpmeES1wiJN-XrAl4JKoXmGECdySPXIEdSrxPt7dcdTg==
x-amz-cf-pop
JFK52-P8
x-amz-version-id
aDX_bD8vn7xGN8SH1gIUvYMLs6PlKmUf
x-cache
Hit from cloudfront
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XZFYHENNF3&gtm=45je4a20v9125185867za200&_p=1728102582828&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101529665~101671035~101747727&ul=en-ca&sr=1600x1200&cid=1039880121.1728102583&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fext.ascendion.com%2Fconect%2Flogin&dp=%2Fconect%2Flogin&dt=Ascendion%20-%20CONECT&sid=1728102587&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5821
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZFYHENNF3&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ext.ascendion.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
text/plain
server
Golfe2
ping
api.refiner.io/js-client/v1/9b4e5f20-8065-11ec-8a73-ab99a02d1e7d/ 		209 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.refiner.io/js-client/v1/9b4e5f20-8065-11ec-8a73-ab99a02d1e7d/ping
Requested by
Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-141-56.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
6179e1d2be1f2a7dcb404c8b29f37ac76a57111bb9f53e38712bc4f24157b090
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ext.ascendion.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

content-encoding
gzip
expect-ct
max-age=2147483648
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 04:29:47 GMT
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
cache-control
no-cache, private, max-age=86400, public
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-download-options
noopen
x-ratelimit-remaining
119
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
cross-origin-embedder-policy
unsafe-none
access-control-allow-origin
*
content-length
201
x-xss-protection
1; mode=block
x-ratelimit-limit
120
server
Apache/2.4.52 (Ubuntu)
ping
api.refiner.io/js-client/v1/9b4e5f20-8065-11ec-8a73-ab99a02d1e7d/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.refiner.io/js-client/v1/9b4e5f20-8065-11ec-8a73-ab99a02d1e7d/ping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-141-56.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ext.ascendion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-cache, private max-age=86400, public
content-length
0
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
content-type
application/json
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 05 Oct 2024 04:29:47 GMT
expect-ct
max-age=2147483648
expires
Sun, 06 Oct 2024 04:29:47 GMT
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.52 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
conect-favicon.282fe5c0.ico
ext.ascendion.com/static/media/ 		901 B
966 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ext.ascendion.com/static/media/conect-favicon.282fe5c0.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.127.11.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2fa68d9b85dfefdf6655bd8244649183cb9e3308e6a5f0ccb5bf2486a989e5b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ext.ascendion.com/conect/login

Response headers

etag
"ef84a0b6bb14db1:0"
accept-ranges
bytes
content-length
901
date
Sat, 05 Oct 2024 04:29:47 GMT
content-type
image/x-icon
last-modified
Wed, 02 Oct 2024 11:10:39 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
installations
firebaseinstallations.googleapis.com/v1/projects/collabera-9ddd2/ 		625 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/collabera-9ddd2/installations
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c60208558aa16a2e5b8da0a18f856dbce45c8dd0dc91e6e7ff6ae8507c33d438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyA5KeVajJ2Uwo2ldlxsmhmh8bATcoU0MME
Referer
https://ext.ascendion.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://ext.ascendion.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
date
Sat, 05 Oct 2024 04:29:47 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
installations
firebaseinstallations.googleapis.com/v1/projects/collabera-9ddd2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/collabera-9ddd2/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://ext.ascendion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://ext.ascendion.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 05 Oct 2024 04:29:47 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/collabera-9ddd2/namespaces/ 		1 KB
486 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/collabera-9ddd2/namespaces/fireperf:fetch?key=AIzaSyA5KeVajJ2Uwo2ldlxsmhmh8bATcoU0MME
Requested by
Host: ext.ascendion.com
URL: https://ext.ascendion.com/static/js/2.0a9ad58a.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
ESF /
Resource Hash
6e502729d6547bb850491d6134531af6703662d66e121e9051e2f969fcef40c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Authorization
FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTM2NzUwNjkxNzE1OndlYjpmMGFlYTU5OWI5ZGU0YTE2YmNiMmI2IiwiZXhwIjoxNzI4NzA3Mzg3LCJmaWQiOiJlN1JDUno1U3Y1VU1zdlBuLWtyRWlaIiwicHJvamVjdE51bWJlciI6MTM2NzUwNjkxNzE1fQ.AB2LPV8wRQIhALZPgpc6MQ6FzxqS08tVu4ZyJi1mGJktBSiOgYMs0s76AiBwAQQQdL8DKzJUJZ7YK6od-kzq5SzxHCiFcAqzGtMc_Q
Referer
https://ext.ascendion.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
private
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
etag
etag-collabera-9ddd2-fireperf-fetch--580499240
x-content-type-options
nosniff
access-control-allow-origin
https://ext.ascendion.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
462
date
Sat, 05 Oct 2024 04:29:47 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/collabera-9ddd2/namespaces/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/collabera-9ddd2/namespaces/fireperf:fetch?key=AIzaSyA5KeVajJ2Uwo2ldlxsmhmh8bATcoU0MME
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://ext.ascendion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://ext.ascendion.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 05 Oct 2024 04:29:47 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| paceOptions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| webpackJsonpcollabera object| _refinerQueue function| _refiner object| regeneratorRuntime object| Pace function| setImmediate function| clearImmediate object| __core-js_shared__ object| PDFJS object| cptable object| xShaders function| requestAnimFrame object| vec3 object| mat3 object| mat4 number| 2f1acc6c3a606b082e5eef5e54414ffb function| winopen function| winopenid function| $ function| jQuery number| counter number| interval object| React object| ReactDOM object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec object| _refinerTracker boolean| _refinerAlreadyBooted

6 Cookies

Domain/Path Name / Value
.ascendion.com/ Name: _ga
Value: GA1.2.1039880121.1728102583
.ascendion.com/ Name: _gid
Value: GA1.2.843218343.1728102583
.ascendion.com/ Name: _gat_gtag_UA_218227874_1
Value: 1
.ascendion.com/ Name: _gat
Value: 1
.ascendion.com/ Name: _ga_Z17PNPWHV7
Value: GS1.1.1728102583.1.0.1728102587.0.0.0
.ascendion.com/ Name: _ga_XZFYHENNF3
Value: GS1.2.1728102587.1.0.1728102587.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://ext.ascendion.com/js/script.js
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://ext.ascendion.com/conect/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.refiner.io
apps.ascendion.com
cdnjs.cloudflare.com
code.jquery.com
ddec1-0-en-ctp.trendmicro.com
ext.ascendion.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
js.refiner.io
maps.googleapis.com
maxcdn.bootstrapcdn.com
unpkg.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
104.18.10.207
142.250.80.46
142.251.41.8
172.217.165.138
20.127.11.192
2600:9000:28b2:7000:1e:14d2:6dc0:93a1
2600:9000:28b2:ac00:1e:14d2:6dc0:93a1
2606:4700:3037::ac43:8ef5
2606:4700::6811:f6cb
2607:f8b0:4006:807::200a
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::200a
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2008
2a04:4e42::649
54.245.116.215
54.77.141.56
1b6583408e119ec73330e97280f0eb2aa5dc6025fba19f3c0b1f4a8831db2ace
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
2920c6afb477b1845e4f66db2b0d2b3b0b74de71a128d963b8e566fb7e356302
2fa68d9b85dfefdf6655bd8244649183cb9e3308e6a5f0ccb5bf2486a989e5b5
3e05caf4536233cdb2dd6e90a37eb506bb9220c87235ca1f7fa66a965241564a
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
4639faae9772b9ff4791f6c849788a1ae21678e9a433ef707401ea21430ce4f9
561afbcdbed2354f3a4e596005a5f7aaed843e472aca0137d18059b829e30432
6179e1d2be1f2a7dcb404c8b29f37ac76a57111bb9f53e38712bc4f24157b090
61c367328e80e30365573a07e3063a13211cb8d264da98f99c3a30c5c366e93b
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
6b4e748789853d6abae76f98f8e1680b6a4dead5bc9d96dba9d4f9aa0577eece
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1f6eb3722c5ed6cbeed9f61ac7b00d24c4b3198c89348e7684a2982536abf
6e502729d6547bb850491d6134531af6703662d66e121e9051e2f969fcef40c3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9eee6c075b99175bda5170a614f22479d380272632604fc886cfe6bd0355779c
a5a785d5334073aacf1e11942885a5cccdd0621235f528eeb0e75768070eaa79
a9d143077c69f105bf9f70c27832a5a4a2fd77a1929d7db42fe66897df17aed1
b955e9c76fc97abca6ba79b63177e34ca1055d86b0ef116acc7f9567f17458d8
bd8bec724a3355ea818ba26d89cdef2aaff3eff8ef3b6e36b46312ce189ba025
be7c63eaffeed29c95325c5899654dd81fee7f69834909eb5f7c7d154dd8c76d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3288e7dba58425a4406a900e50351cf5bcc5baaeb5cd9afce799e51d188edc8
c60208558aa16a2e5b8da0a18f856dbce45c8dd0dc91e6e7ff6ae8507c33d438
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a19cffdec4b5e4a97e929abfcae90d0daa38326dff2705572b83e71f70ce8a
ecb09b33dd1032b7009f361b485e5248023590fa2a8dbdc751b06ca9557667de
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f