URL: https://payments.galls.com/
Submission Tags: falconsandbox
Submission: On May 29 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6810:c9e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.galls.com.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.
This is the only time payments.galls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
20 5
Apex Domain
Subdomains
Transfer
15 galls.com
payments.galls.com
static2.galls.com
126 KB
3 gstatic.com
fonts.gstatic.com
46 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
911 B
20 5
Domain Requested by
14 payments.galls.com 1 redirects payments.galls.com
static.cloudflareinsights.com
3 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com payments.galls.com
1 static2.galls.com payments.galls.com
1 cdnjs.cloudflare.com payments.galls.com
1 fonts.googleapis.com payments.galls.com
20 6

This site contains no links.

Subject | Issuer | Validity | Valid
galls.com | GTS CA 1P5 | 2024-04-08 - 2024-07-07 | 3 months
upload.video.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
cloudflareinsights.com | GTS CA 1P5 | 2024-05-08 - 2024-08-06 | 3 months
*.gstatic.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months

This page contains 2 frames:

Primary Page: https://payments.galls.com/
Frame ID: 9ECEF6878CE3E1CA555FA3DDA7C58D8F
Requests: 17 HTTP requests in this frame

Frame: https://payments.galls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: EB426D6FE907F04009656122C83683B2
Requests: 3 HTTP requests in this frame

Page Title

Galls Payment Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 100 %
Domains: 5
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 186 kB
Size: 630 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://payments.galls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://payments.galls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments.galls.com/
13 KB
4 KB
Document
General
Full URL
https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c0c86646bbba5fc78ab9ebbdcdd8db0d834616ce4a68de5144dbb9756019b1
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cachecontrol
no-cache
cf-cache-status
DYNAMIC
cf-ray
88b99ae67a5a8fe0-FRA
content-encoding
br
content-type
text/html; charset=ISO-8859-1
date
Wed, 29 May 2024 21:34:10 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-frame-options
sameorigin
css
fonts.googleapis.com/
3 KB
911 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b49e1641955629198144c11cba3c7279266ab6d54619a18806a67eb1ff00efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 May 2024 21:34:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 May 2024 21:34:10 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZfkAEDvzBc5MIyx9Wba21nwstT5nDdQTXwEbG8F9tNl%2B9gySk%2BtbRDkZn%2BYn%2FcU3MF0vseq6DqS7dGUgdIOVa%2FFXE4817ouViU2horQ1TV55iPy5sLn9M0plKMlh3a%2B%2B6XdhgTFlIjggXgvycgvxUPK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88b99b6368d41947-FRA
expires
Mon, 19 May 2025 21:34:10 GMT
vendor.css
payments.galls.com/css/
154 KB
23 KB
Stylesheet
General
Full URL
https://payments.galls.com/css/vendor.css?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e7d01747fcb4b9dead1d26be90e559546cefa6e8903de10b5bd7ac5928ce76
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 26 Jun 2020 19:56:18 GMT
server
cloudflare
cf-polished
status=cannot_optimize
etag
W/"2668e-5a9021a30fc80-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css; charset=windows-1252
cache-control
public, max-age=86400
cf-ray
88b99b635e7e8fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
autoSuggest.css
payments.galls.com/css/
3 KB
825 B
Stylesheet
General
Full URL
https://payments.galls.com/css/autoSuggest.css?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca93fd6069f4bcdfe3e0ad2bf37e93cfd1f285b818dd2fe7a53f1304bc32d1b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 17 Jan 2020 15:40:02 GMT
server
cloudflare
cf-polished
origSize=3202
etag
W/"c82-59c57c1427880-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css; charset=windows-1252
cache-control
public, max-age=86400
cf-ray
88b99b635e7f8fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
iosOverlay.css
payments.galls.com/css/
2 KB
793 B
Stylesheet
General
Full URL
https://payments.galls.com/css/iosOverlay.css?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc79526f88ea5875e60ec407f11edea94c130dc97944642895fa11538a4c223
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Aug 2013 02:55:48 GMT
server
cloudflare
etag
W/"9a8-4e41bd81ef500-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css; charset=windows-1252
cache-control
public, max-age=86400
cf-ray
88b99b635e808fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
styles.css
payments.galls.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://payments.galls.com/css/styles.css?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c3fdb4f37d235ba5a84dd0f1c4355dd50693eb76122a3c9adea7cf0bd517f2
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 26 Jun 2020 20:05:05 GMT
server
cloudflare
cf-polished
origSize=5032
etag
W/"13a8-5a902399a5e40-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css; charset=windows-1252
cache-control
public, max-age=86400
cf-ray
88b99b635e818fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
logo-w.png
static2.galls.com/images/
2 KB
2 KB
Image
General
Full URL
https://static2.galls.com/images/logo-w.png
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66441334bb6f6d2d1599688d5f8b59df3e10258cd08f2b606c9732d20deb991f
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4046
content-disposition
inline; filename="logo-w.webp"
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Apr 2017 14:28:31 GMT
server
cloudflare
etag
W/"fce-54e26c564e1c0"
vary
Accept
x-frame-options
sameorigin
content-type
image/webp
access-control-allow-origin
ionic://localhost
cache-control
public, max-age=86400
cf-ray
88b99b639ea58fe0-FRA
expires
Thu, 30 May 2024 21:34:10 GMT
rocket-loader.min.js
payments.galls.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://payments.galls.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:33 GMT
server
cloudflare
etag
W/"6650ac81-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
88b99b637e8e8fe0-FRA
expires
Fri, 31 May 2024 21:34:10 GMT
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Origin
https://payments.galls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88b99b6389e53a85-FRA
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://payments.galls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:51:38 GMT
x-content-type-options
nosniff
age
110552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15084
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:51:38 GMT
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://payments.galls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:46:43 GMT
x-content-type-options
nosniff
age
427647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15732
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 22:46:43 GMT
LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FvOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://payments.galls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 14:47:07 GMT
x-content-type-options
nosniff
age
370023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 14:47:07 GMT
main.js
payments.galls.com/js/
252 KB
55 KB
Script
General
Full URL
https://payments.galls.com/js/main.js?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae26c3b3c45f223f2e917bb07f586e71132ea1746b5a93196e1a401b2a96d5e6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Apr 2020 21:52:47 GMT
server
cloudflare
etag
W/"3ef2b-5a3bfeb6689c0-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
88b99b64ffb88fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
jqueryv3.2.1.js
payments.galls.com/js/
85 KB
31 KB
Script
General
Full URL
https://payments.galls.com/js/jqueryv3.2.1.js?20200626-01
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2017 18:30:14 GMT
server
cloudflare
etag
W/"15287-55cdbf22a3980-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
88b99b64ffba8fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:10 GMT
main.js
payments.galls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame EB42
Redirect Chain
  • https://payments.galls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://payments.galls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB
Script
General
Full URL
https://payments.galls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/
Protocol
H3
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9feaa1ea4570051c546c111767f6e7eb00ac3a7819cc8a70410b9f41067ab36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88b99b650fd08fe0-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 29 May 2024 21:34:10 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
88b99b64ffbd8fe0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
88b99ae67a5a8fe0
payments.galls.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame EB42
0
316 B
XHR
General
Full URL
https://payments.galls.com/cdn-cgi/challenge-platform/h/b/jsd/r/88b99ae67a5a8fe0
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
server
cloudflare
cf-ray
88b99b6588348fe0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
favicon.ico
payments.galls.com/
196 B
349 B
Other
General
Full URL
https://payments.galls.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f5cc24315a8e0e3f22d9f7f84968ca91e432f47d27c0cc744701f01847ee1a
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:34:11 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
cf-ray
88b99b6598398fe0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 21:34:11 GMT
88b99ae67a5a8fe0
payments.galls.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame EB42
0
316 B
XHR
General
Full URL
https://payments.galls.com/cdn-cgi/challenge-platform/h/b/jsd/r/88b99ae67a5a8fe0
Requested by
Host: payments.galls.com
URL: https://payments.galls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
server
cloudflare
cf-ray
88b99b6668f18fe0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
rum
payments.galls.com/cdn-cgi/
0
143 B
XHR
General
Full URL
https://payments.galls.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c9e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://payments.galls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 May 2024 21:34:10 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://payments.galls.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88b99b6678f78fe0-FRA

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR object| __cfBeacon function| $ function| jQuery boolean| asnRePrompt function| iosOverlay undefined| lookAheadReq number| lookAheadWordLen string| prevValue object| timeouts string| jsDeleteMsg string| jsDeleteMsgB string| jsDeleteMsgC string| jsDeleteMsgD string| loginmode undefined| GCardCtr undefined| comparing object| addedGC string| HashDelimeter string| recentHash string| PageNo string| SortBy string| perPage string| clicked object| filters object| compStyle number| posCtr number| imgCtr object| boxes string| opv1 string| opv2 string| opv3 undefined| value undefined| desc string| processing undefined| styl string| origDesc1 string| origDesc2 string| origDesc3 undefined| filterHeight object| filteExp boolean| iOS function| VariousMain function| AccountMain function| styleMain function| setpage function| searchMain function| categExpand function| toggleHemming function| toggleHemmingQ function| hideWait function| showWait function| showBckg function| getLookAheadL function| getLookAhead function| resetLookAhead function| hideLookAhead function| clearTimeoutAll function| PlayVideo function| lookAheadMouseEnter function| lookAheadMouseLeave function| submitSearch function| clearCrossScript function| viewList function| adjustClearFix function| adjustClearFix2 function| SetHashValue function| GetHashValue function| checkHash function| BuildUrl function| getFilters function| adjustUrl function| checkFromUrl function| checkBox function| loadPage function| viewListG function| viewGridG function| getSearch function| buildButtons function| syncMtoFull function| adjustleft function| resetCompare function| clearComp function| markCompare function| checkCompare function| format function| comparestyles function| imageListners function| affixSearch function| choices function| choicesQ function| selColr function| colorImage function| setPrevNext function| onlyClear function| addToCart function| showErrors function| loadGcInfo function| togldt 
function| addGiftCard function| addToCartItem function| addToCartQV function| syncQty function| syncSrce function| syncQtyG function| submit_form function| submit_Rfno undefined| puUser function| headerLogin function| resetPassword function| removeSdno function| addToList function| EditList function| newShopList function| addNewPhone function| addNewShipping function| editPhone function| editShipping function| deletePanos function| deletePnno function| applySrce function| validateGc function| removeGC function| paintTable function| dfltGC function| saveGC function| radioPayment function| addrB function| addrS function| useCC function| showPostalPopup function| hidePostalPopup function| setSIPCARDCHK function| togglePcardButton function| showPaypalPopup function| hidePaypalPopupMsg function| hidePaypalPopup function| loadUpload function| uploadFILE function| setSIRSTRCHK function| openFraud function| closeUpload function| chkRstr function| showRstr function| getTax function| hideRstr function| showPlaceOrder function| placeOrder function| Quickview function| QuickviewNoCLER function| miniCart function| closeMiniCart function| onlyClearQ function| freeChange function| freeItem function| addToCartFree function| optChange function| handleAjaxReply function| addToCartKit function| optChangeKit function| getStock function| prepArray function| THIShandleEnterKeyQty function| THIShandleEnterKeySrce function| EnterActn function| removeUpload function| saddGhng function| baddGhng function| ajaxOnChangeFunc function| create_xmlhttp_resp function| validPass function| handleEnterEventPass function| checkValidPass object| bsn object| _b function| Spinner function| submitPass function| submitUser function| clearFields function| validate function| openThisModal function| init function| cleanup string| userDFMT string| userNFMT boolean| __cfRLUnblockHandlers

2 Cookies

Domain/Path Name / Value
payments.galls.com/ Name: gpymp.COM
Value: 000001482181550191443920224646
.galls.com/ Name: cf_clearance
Value: R2.0C_cjSLCu.3ExEfjXd590Vhj4zk4a8tZ2fgjVPnY-1717018450-1.0.1.1-nDg9Y35HREWH2uVEvfcoJmOPJ0ZSt_hZz4HocUS7V_MAALQgwdQI9wIFCRT8kcclhh9k9UOm5HANazulyXdWUg

2 Console Messages

Source: recommendation, Level: verbose, URL: https://payments.galls.com/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
Source: network, Level: error, URL: https://payments.galls.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
