d2azzjh44kieyo.cloudfront.net Open in urlscan Pro
2600:9000:21a2:2000:1f:e970:1000:93a1  Public Scan

URL: https://d2azzjh44kieyo.cloudfront.net/
Submission: On January 01 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 29 HTTP transactions. The main IP is 2600:9000:21a2:2000:1f:e970:1000:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d2azzjh44kieyo.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d2azzjh44kieyo.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 cloudfront.net
d2azzjh44kieyo.cloudfront.net
694 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
4 galaxy.tf
image-tc.galaxy.tf — Cisco Umbrella Rank: 88258
cdn.galaxy.tf — Cisco Umbrella Rank: 116160
tc.galaxy.tf — Cisco Umbrella Rank: 129435
51 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
171 KB
1 gstatic.com
fonts.gstatic.com
33 KB
29 6
Domain Requested by
13 d2azzjh44kieyo.cloudfront.net d2azzjh44kieyo.cloudfront.net
6 fonts.googleapis.com d2azzjh44kieyo.cloudfront.net
3 www.google-analytics.com www.googletagmanager.com
d2azzjh44kieyo.cloudfront.net
www.google-analytics.com
2 tc.galaxy.tf cdn.galaxy.tf
2 www.googletagmanager.com d2azzjh44kieyo.cloudfront.net
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.galaxy.tf d2azzjh44kieyo.cloudfront.net
1 image-tc.galaxy.tf d2azzjh44kieyo.cloudfront.net
29 8

This site contains links to these domains. Also see Links.

Domain
www.amadeus.com
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
image-tc.galaxy.tf
Cloudflare Inc ECC CA-3
2023-05-08 -
2024-05-07
a year crt.sh
cdn.galaxy.tf
Cloudflare Inc ECC CA-3
2023-04-06 -
2024-04-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.galaxy.tf
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://d2azzjh44kieyo.cloudfront.net/
Frame ID: D4A0291FF9D91BFAED2E653F2F2FC949
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

GP - Login Page | The Fleece at CirencesterMenuClose menuclose booking maskclose booking maskMenuClose menuclose booking maskclose booking maskMenuClose menuclose booking maskarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plustripadvisorinstagrampauseplaycrossquote-opensunMenumailmarkerclockcheckpinterestyoutubewechatlinkedintiktokline-msgwhatsappweibogallery-videotrianglehotelhotel-airlogoutarrow-downxingpersontriangle-rulerbedfloorplangoogleuploadclosecalendarguestsearchremovehotelmap-viewlist-viewvideo-playvideo-pausezoom-magnifychain-linkalertheightdimensionsmax-capacitystarreview-usertrashtagcircle-enlargecircle-videoprinterBack to top

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

8
IPs

1
Countries

975 kB
Transfer

3679 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d2azzjh44kieyo.cloudfront.net/
30 KB
8 KB
Document
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
af4c055706f49447736aab49d8f5ccf7daa297269254bc8e4f2f4b66f685a4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 Jan 2024 07:46:28 GMT
etag
W/"76f0a0d3ab1d6080c8a33b967bc0f495"
last-modified
Fri, 13 Oct 2023 07:57:16 GMT
referrer-policy
no-referrer-when-downgrade
server
GLXD
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-amz-cf-id
wIAQ4NczOXwFHw2oFVD8SwroWcwW-g5s4ihGMk3HD0G47U23e2BdfQ==
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2423117a1b28d4cecb1f7d421773e7acf9570525fcaae83220302c9d67a4e723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:29:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
css
fonts.googleapis.com/
7 KB
759 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:27:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
css
fonts.googleapis.com/
2 KB
561 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04b827c190dd0b7d46933eb7ee1df0166ba069e5e69d290b79e8b342d2e6fe66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:46:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
main.css
d2azzjh44kieyo.cloudfront.net/css/custom/7225/1/main/61cff8c669be073fcca832ad882fe0ec/
745 KB
100 KB
Stylesheet
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/css/custom/7225/1/main/61cff8c669be073fcca832ad882fe0ec/main.css
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
a572ead286be8a4b2d3aa8c61c2388518a7ed496ddf885e15dadb264279c05c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 07:57:23 GMT
server
GLXD
etag
W/"80477784ec2e54bd401a08ea754e659b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
eSQKmJT2ldEFtgT96_bIqFw_lO-fug74x5E3kQtRnUHWuQVtc9PNdA==
css
fonts.googleapis.com/
7 KB
725 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2423117a1b28d4cecb1f7d421773e7acf9570525fcaae83220302c9d67a4e723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:29:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
css
fonts.googleapis.com/
7 KB
759 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:12:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
css
fonts.googleapis.com/
2 KB
538 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04b827c190dd0b7d46933eb7ee1df0166ba069e5e69d290b79e8b342d2e6fe66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 07:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 07:46:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 07:46:28 GMT
main.css
d2azzjh44kieyo.cloudfront.net/css/custom/7225/307/main/38de409a59191a6a9ec9e9196d67cfc7/
4 KB
1 KB
Stylesheet
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/css/custom/7225/307/main/38de409a59191a6a9ec9e9196d67cfc7/main.css
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
604470d99692e86ed183d0aa33906d211515d873f59ec53ce8a6b3856bae5096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 07:57:33 GMT
server
GLXD
etag
W/"42f40ab2ede8b86ce9a32f17a88c20d2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
fNFSMXh77qu_6tzlklLEjKgtFAD-ypKEQhdULEMOi42gxOiGLD-Q-A==
gtm.js
www.googletagmanager.com/
285 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b51d2d87e3673918e6e8d16a604f7f54fc3b89692dd6f574368ff47c2f1afc9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88878
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Jan 2024 07:46:29 GMT
fleece-155x55.svg
image-tc.galaxy.tf/wisvg-ujjdbqlzek6mde159hm9p7r7/
13 KB
5 KB
Image
General
Full URL
https://image-tc.galaxy.tf/wisvg-ujjdbqlzek6mde159hm9p7r7/fleece-155x55.svg?width=500
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d085d8d9c38766d5ba092f1cb044364e1250ddedaad3a88c0c5a207050c3818
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:29 GMT
x-amz-version-id
1GO9eZ4kcPh7EhqrxzCoYMCGQuEWWBPQ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 ec1b46a9bc28e57dd5c602e080468132.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
MSP50-C2
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Aug 2023 12:40:13 GMT
server
cloudflare
etag
W/"0e54a54b58f45eb1520f2afafb4c0483"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding
cf-ray
83e9261359e04bc6-BUF
x-amz-cf-id
BCWv8gVIplNKG5ZAAPShv0cGqzBLV7MQjngnbkxc_9N7TWHBkE2nNQ==
gms-latest.min.js
cdn.galaxy.tf/asset-galaxy/js/
149 KB
46 KB
Script
General
Full URL
https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:29 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Dec 2023 10:34:07 GMT
server
cloudflare
etag
W/"253b9-60d7b56b5404a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
83e926135d584bc1-BUF
alt-svc
h3=":443"; ma=86400
expires
Mon, 08 Jan 2024 07:46:29 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d2azzjh44kieyo.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:27:30 GMT
x-content-type-options
nosniff
age
130739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 19:27:30 GMT
main.bundle.js
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/js/
207 KB
65 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
5be40a25502750fcea8a3c3a7b05053eed840ba2006cff3135d4889c06a7826e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:46 GMT
server
GLXD
etag
W/"98b3d5ea0bf694fa252e148078e5e6f2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
gVD4fi5MvDIuuoBcAqUfixZt8wdO8gFHJEkLZ04omlS4lnaVqq0Irw==
svg-icons.svg
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/svg/
61 KB
20 KB
Image
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:36 GMT
server
GLXD
etag
W/"96cd63c6bf3583f2d0af06fc988fc564"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
x-amz-cf-id
j_qj1JGghTVjYkxrgbsGPX2Ac-DBwVoIAF8kbEVlwSYJKe3YUEXOxQ==
main.css
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/css/
97 KB
17 KB
Stylesheet
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/css/main.css?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
23389ade8da2559ee3c1813b024a5432047652981bb8e2e84e3a943b967a1385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:47 GMT
server
GLXD
etag
W/"90e26334849fecf19b80bb5c84fd3c8d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
2-XJ870KV697DCqTbmSA51VDncSLIokOnedI3mXEdZHrjdiUMoBE0g==
authorization.bundle.js
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/js/
72 KB
23 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/shared-gms-v2/js/authorization.bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
0723cea0b2dc4a53f4f1c8a8e515973a0326b6c0cb419c1af38c30a03306845c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:21 GMT
server
GLXD
etag
W/"1dec4ad9db7219900f26f7e5028d8b50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
OuNJS6bRajivSF-Gc04D-tmGNKSaeFSqAq_6NPMrM-SqVva8O5838w==
galaxy-helpers.js
d2azzjh44kieyo.cloudfront.net/frontend/galaxy-helpers/public/
56 KB
20 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-83a6bae3-bc07-4df7-9d4e-1af6f01211d9
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:26 GMT
server
GLXD
etag
W/"ef1febd8b777272d6178f74661f8347e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
rWPxjnBqayz1l1BboMoN4Py2rR9a2XNWUMrMqskXENgqHK7bGEVTyQ==
bundle.js
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/
1 MB
382 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
6c7d025836da3da42ced1490c2f17501af9f539655e2d000fac1eaf1584e9f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 07:57:08 GMT
server
GLXD
etag
W/"e60f34748d6cc63129badccce92bf927"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
hDmmiC1xT80vHahONU87AJDBs6VpnSkKZro75tyfkiu8BN_Fn-xsyg==
7334-38dae3079e129b2fcea4.js
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/chunk/
5 KB
2 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/chunk/7334-38dae3079e129b2fcea4.js
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
c5843509cb5d8c6a299a23ecf46ceb93b74f071c9b3d4dab42a38b544ff494fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 07:57:13 GMT
server
GLXD
etag
W/"f4d4f6b68394b39e00f7bdf65c380355"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
WoipOxoXQJEIdb11Gk_hyBTepQ79rwe-HR-t39JxSOF_HhTZ61g4eg==
svg-icons.svg
d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/svg/
61 KB
20 KB
XHR
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/integration/tc-theme/public/js/bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:36 GMT
server
GLXD
etag
W/"96cd63c6bf3583f2d0af06fc988fc564"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
x-amz-cf-id
yo1nMn__Qz95HBBV5BMlh8H-wUDxEoLYNcBNZdk58mG1AvHnqF4yiQ==
bundle.js
d2azzjh44kieyo.cloudfront.net/integration/tc-ext-integrated-datalayer/public/js/
22 KB
6 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-ext-integrated-datalayer/public/js/bundle.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
b20b417cdae0e8801a7975454e327353cd63e1ce4827ff4c8475ba01ff6ae9a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2azzjh44kieyo.cloudfront.net/
Origin
https://d2azzjh44kieyo.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 14:34:29 GMT
server
GLXD
etag
W/"7c05145a539073690aed5840dae5296a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
k_8kYJcp7QsutSc4ymscL4zN4KGbvcTRmfCcgzrTf3ieJ4yJqw3Hwg==
bundle-ext-currency-switcher.js
d2azzjh44kieyo.cloudfront.net/integration/tc-ext-currency-switcher/public/js/
93 KB
32 KB
Script
General
Full URL
https://d2azzjh44kieyo.cloudfront.net/integration/tc-ext-currency-switcher/public/js/bundle-ext-currency-switcher.js?vdd0d06e14c182918a6f91c5cae89f26c
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:2000:1f:e970:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
42ee45a32ed75c639fa1e512d63533ea365aeb64843d5c87e4c6929707b1eb98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2azzjh44kieyo.cloudfront.net/
Origin
https://d2azzjh44kieyo.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-C1
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 07:57:24 GMT
server
GLXD
etag
W/"c5295ee8d9f319e7cdd0b0609fcdecbf"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
X7ZsUHuvKxzv6PCRGxihB-eXD3jn-i0Ws2hhgDYb1XmJ59JHcUUZXQ==
gms
tc.galaxy.tf/token/oauth2/
0
0
Preflight
General
Full URL
https://tc.galaxy.tf/token/oauth2/gms
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.188.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-188-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-galaxy-key
Access-Control-Request-Method
GET
Origin
https://d2azzjh44kieyo.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT
access-control-allow-origin
*
apigw-requestid
Q2YZkh-XIAMEPcg=
date
Mon, 01 Jan 2024 07:46:30 GMT
gms
tc.galaxy.tf/token/oauth2/
0
120 B
XHR
General
Full URL
https://tc.galaxy.tf/token/oauth2/gms
Requested by
Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?vdd0d06e14c182918a6f91c5cae89f26c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.188.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-188-96.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2azzjh44kieyo.cloudfront.net/
X-Galaxy-Key
d863f476dab27809044e6c4912f29838
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Jan 2024 07:46:30 GMT
content-length
0
apigw-requestid
Q2YZkhGBIAMEPXQ=, Q2YZkiwQIAMEPBQ=
js
www.googletagmanager.com/gtag/
244 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb4ec2aa927970e59cc3d3e42479a09f48e5876caad845764d280abde46e9418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 07:46:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85787
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 07:46:30 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jan 2024 06:43:21 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3789
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Jan 2024 08:43:21 GMT
collect
www.google-analytics.com/g/
0
181 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je3bt0v888369804z8830021505&_p=1704095188474&gcd=11l1l1l1l1&dma=0&cid=2091486754.1704095191&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fd2azzjh44kieyo.cloudfront.net%2F&sid=1704095190&sct=1&seg=0&dt=GP%20-%20Login%20Page%20%7C%20The%20Fleece%20at%20Cirencester&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=The%20Fleece%20at%20Cirencester&ep.hotel_id=76100&ep.hotel_bid=not_applicable&ep.hotel_brand_name=Daniel%20Thwaites&ep.hotel_chain_id=not_applicable&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=Daniel%20Thwaites&ep.hotel_booking_engine=iHotelier%20(BE5)&ep.page_has_tvs=no&ep.page_footer=be5&ep.page_header=be2&ep.page_language=en&ep.page_section=group_property-&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=essentials&ep.page_template=th1&ep.site_tvs=tvs_no&ep.hotel_property_type=group_property&ep.hotel_star_rating=0&epn.hotel_room_types_count=0&epn.site_number_of_languages=1&ep.site_global_product=guest_portal&ep.page_content_group=not_applicable&ep.site_be_version=be5&epn.hotel_brands_count=21&ep.hotel_gms_type=not_applicable&ep.hotel_has_gms=yes&ep.page_tvs_videos_count=0&ep.site_be_config_enhancements=enabled-not_mandatory&epn.site_be_design_features_desktop_calendar=2&ep.site_be_design_features_enhancements_layout=four_columns&ep.site_be_design_features_lead_rate=enabled&ep.site_be_design_features_prices_by=avg_per_night&ep.site_be_design_features_results_filter=enabled-2%2C3%2C9%2C7%2C4%2C6%2C8&ep.site_be_design_features_results_grid_type=rooms-list&ep.item_type=hotel&up.user_logged_in=no&tfd=2767
Requested by
Host: d2azzjh44kieyo.cloudfront.net
URL: https://d2azzjh44kieyo.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2azzjh44kieyo.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 07:46:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2azzjh44kieyo.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
93 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1635950599&t=pageview&_s=1&dl=https%3A%2F%2Fd2azzjh44kieyo.cloudfront.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GP%20-%20Login%20Page%20%7C%20The%20Fleece%20at%20Cirencester&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=1734110255&gjid=45964809&cid=2091486754.1704095191&tid=UA-162681275-1&_gid=478874484.1704095191&_r=1&_slc=1&gtm=45He3bt0n81TL2MM4Bv830021505&cg1=guest_portal&cg2=group_property-&cg3=group_property&cd1=not_applicable&cd2=not_applicable&cd3=Daniel%20Thwaites&cd4=Daniel%20Thwaites&cd5=76100&cd6=The%20Fleece%20at%20Cirencester&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=be2&cd16=be5&cd19=tvs_no&cd20=iHotelier%20(BE5)&cd21=group_property&cd22=0&cd23=0&cd24=1&cd25=en&cd26=guest_portal&cd27=group_property-&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fd2azzjh44kieyo.cloudfront.net%2F&cd39=not_applicable&cd40=thefleececirencester.ihotelier.com&cd41=GTM-TL2MM4B&cd42=75&cd54=be5&cd55=21&cd56=7309&cd57=not_applicable&cd58=yes&cd59=0&cd60=enabled-not_mandatory&cd61=2&cd62=four_columns&cd63=enabled&cd64=avg_per_night&cd65=enabled-2%2C3%2C9%2C7%2C4%2C6%2C8&cd66=rooms-list&cd67=hotel&gcd=11l1l1l1l1&dma=0&z=1444810649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2azzjh44kieyo.cloudfront.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 07:46:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2azzjh44kieyo.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| galaxyInfo object| galaxyGMS string| BIDnumber object| GLXExtensions number| websiteID number| cms string| ts_roll_up_tracking object| ts_analytics object| dl object| dataLayer string| _dynamic_base object| websiteGlobalVariables string| gmsUrlReservation boolean| gmsUrlReservationTarget string| endpointBase string| tokenEndpoint string| reservationUrl string| gmsModifyBookingURL string| language string| gmsLoginURL string| gmsHomeURL string| gmsSignUpURL string| gmsResetPasswordURL string| gmsSignUpSuccessURL string| gmsResetPasswordCodeSuccessURL string| gmsDateFormat string| gmsDatePlaceholder object| gmsCalendars string| gmsDefaultTierColor string| gmsDefaultTierColorText string| gmsMembershipBgColor string| gmsMembershipTxtColor string| gmsPointsBgColor string| gmsPointsTxtColor object| gmsConfigObject string| gmsHotelsData boolean| gmsSDKSession string| gmsJSPath function| setImmediate function| clearImmediate object| GMS function| base64 function| isLocalStorageAvailable object| GMSVendor object| tcGuestPortalAuthPopupProps object| cms_configs string| GMS_required_status object| google_tag_manager object| google_tag_data object| webpackJsonp object| regeneratorRuntime object| tcGMSHelpers object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction object| picturefillCFG function| picturefill boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| lazySizes object| BM boolean| ga4_events_template function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery number| _tc_pv_cnt object| _tc_tool object| __ga4Redact string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| videosToTrack

4 Cookies

Domain/Path Name / Value
.d2azzjh44kieyo.cloudfront.net/ Name: _ga_3R5SJEDWK4
Value: GS1.1.1704095190.1.0.1704095190.0.0.0
.d2azzjh44kieyo.cloudfront.net/ Name: _ga
Value: GA1.3.2091486754.1704095191
.d2azzjh44kieyo.cloudfront.net/ Name: _gid
Value: GA1.3.478874484.1704095191
.d2azzjh44kieyo.cloudfront.net/ Name: _gat_tct
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://tc.galaxy.tf/token/oauth2/gms
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.galaxy.tf
d2azzjh44kieyo.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
tc.galaxy.tf
www.google-analytics.com
www.googletagmanager.com
2600:9000:21a2:2000:1f:e970:1000:93a1
2606:4700::6811:b83a
2606:4700::6811:b93a
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1f::8a
52.201.188.96
0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251
04b827c190dd0b7d46933eb7ee1df0166ba069e5e69d290b79e8b342d2e6fe66
0723cea0b2dc4a53f4f1c8a8e515973a0326b6c0cb419c1af38c30a03306845c
0d085d8d9c38766d5ba092f1cb044364e1250ddedaad3a88c0c5a207050c3818
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23389ade8da2559ee3c1813b024a5432047652981bb8e2e84e3a943b967a1385
2423117a1b28d4cecb1f7d421773e7acf9570525fcaae83220302c9d67a4e723
42ee45a32ed75c639fa1e512d63533ea365aeb64843d5c87e4c6929707b1eb98
5be40a25502750fcea8a3c3a7b05053eed840ba2006cff3135d4889c06a7826e
5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a
604470d99692e86ed183d0aa33906d211515d873f59ec53ce8a6b3856bae5096
6c7d025836da3da42ced1490c2f17501af9f539655e2d000fac1eaf1584e9f73
a572ead286be8a4b2d3aa8c61c2388518a7ed496ddf885e15dadb264279c05c9
af4c055706f49447736aab49d8f5ccf7daa297269254bc8e4f2f4b66f685a4af
b20b417cdae0e8801a7975454e327353cd63e1ce4827ff4c8475ba01ff6ae9a0
b51d2d87e3673918e6e8d16a604f7f54fc3b89692dd6f574368ff47c2f1afc9e
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5843509cb5d8c6a299a23ecf46ceb93b74f071c9b3d4dab42a38b544ff494fc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4ec2aa927970e59cc3d3e42479a09f48e5876caad845764d280abde46e9418