URL: https://login.giftedby.us/
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 34.226.37.144, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.giftedby.us.
TLS certificate: Issued by R3 on September 20th 2021. Valid for: 3 months.
This is the only time login.giftedby.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
8         34.226.37.144    14618 (AMAZON-AES)
4         104.19.148.8     13335 (CLOUDFLAR...)
1         142.250.184.202  15169 (GOOGLE)
2         142.250.185.67   15169 (GOOGLE)
6         18.66.139.90     16509 (AMAZON-02)   (2 redirects)
1         54.76.72.179     16509 (AMAZON-02)
Total: 20 requests, 6 IPs

Requests  Domain                Requested by
8         login.giftedby.us     login.giftedby.us
6         s.adroll.com          login.giftedby.us, s.adroll.com   (2 redirects)
4         script.crazyegg.com   login.giftedby.us, script.crazyegg.com
2         fonts.gstatic.com     fonts.googleapis.com
1         d.adroll.com          s.adroll.com
1         fonts.googleapis.com  login.giftedby.us
Total: 20 requests, 6 domains

This site contains no links.

Subject                  Issuer                   Validity                 Valid for
login.giftedby.us        R3                       2021-09-20 - 2021-12-19  3 months (crt.sh)
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2021-05-09 - 2022-05-08  a year (crt.sh)
upload.video.google.com  GTS CA 1O1               2021-08-30 - 2021-11-22  3 months (crt.sh)
*.gstatic.com            GTS CA 1C3               2021-08-30 - 2021-11-22  3 months (crt.sh)
s.adroll.com             Amazon                   2021-08-02 - 2022-08-31  a year (crt.sh)
adroll.mgr.consensu.org  Amazon                   2021-09-09 - 2022-10-08  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://login.giftedby.us/
Frame ID: 211791EA79F0F3AE6CB943D1BD654A3E
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Increase Sales and Leads

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 441 kB
Size: 514 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://s.adroll.com/j/exp/3VMS4JRXINCETL7FMIRCAM/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 16
  • https://s.adroll.com/j/pre/3VMS4JRXINCETL7FMIRCAM/O56UAHOSNJHYLE3WD3JDSL/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

20 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / | Path: login.giftedby.us/ | Size: 4 KB | x-fer: 4 KB | Type: Document | Primary Request, Cookie set
General
Full URL
https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
76fbd38de64c14c3ceed8cd3ab73c9265df2d9f07db77e651c4aa4ec15b45a9e

Request headers

Host
login.giftedby.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
X-Powered-By
PHP/5.6.40
Set-Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Length
3850
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Resource: 7190.js | Path: script.crazyegg.com/pages/scripts/0097/ | Size: 5 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0097/7190.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0840242d460b372e3d9574e31b2ec2e8cef6a26564e1d569f0aa40daea6b3d0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:05:21 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
691f0a98caa6fb5c-DUS
ce-version
11.1.331
content-length
1855
last-modified
Tue, 21 Sep 2021 00:05:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*

Resource: bootstrap.min.css | Path: login.giftedby.us/assets/css/ | Size: 152 KB | x-fer: 152 KB | Type: Stylesheet
General
Full URL
https://login.giftedby.us/assets/css/bootstrap.min.css
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:29:26 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"2606e-5b926016200a4"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
155758

Resource: css | Path: fonts.googleapis.com/ | Size: 4 KB | x-fer: 1019 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600&display=swap
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
0f334da460abbd2499d5f315918eddc40a343949f7f041a1a56b8aff122974ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 22:56:56 GMT
server
ESF
date
Tue, 21 Sep 2021 00:05:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 00:05:21 GMT

Resource: style.css | Path: login.giftedby.us/assets/css/ | Size: 2 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://login.giftedby.us/assets/css/style.css
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
f505f3d22de466e8c9b11bf584f19330ed8eccbe9baddbe54d98a1a315464fbc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:34:30 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"83d-5b926137ded8c"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2109

Resource: jquery.min.js | Path: login.giftedby.us/assets/js/ | Size: 85 KB | x-fer: 85 KB | Type: Script
General
Full URL
https://login.giftedby.us/assets/js/jquery.min.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:29:26 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"152b5-5b926016319e1"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86709

Resource: popper.min.js | Path: login.giftedby.us/assets/js/ | Size: 21 KB | x-fer: 21 KB | Type: Script
General
Full URL
https://login.giftedby.us/assets/js/popper.min.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:29:26 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"520c-5b926016319e1"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21004

Resource: bootstrap.min.js | Path: login.giftedby.us/assets/js/ | Size: 57 KB | x-fer: 57 KB | Type: Script
General
Full URL
https://login.giftedby.us/assets/js/bootstrap.min.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:29:26 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"e2d8-5b9260162faa1"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
58072

Resource: bootstrapValidator.js | Path: login.giftedby.us/assets/js/ | Size: 54 KB | x-fer: 55 KB | Type: Script
General
Full URL
https://login.giftedby.us/assets/js/bootstrapValidator.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
5c0d19a023b2f087d108d7fdb7a44e59779350328de22ed397b0cb1eb7e93d71

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Last-Modified
Mon, 18 Jan 2021 05:29:26 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"d994-5b92601630a41"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
55700

Resource: main.js | Path: login.giftedby.us/assets/js/ | Size: 4 KB | x-fer: 4 KB | Type: Script
General
Full URL
https://login.giftedby.us/assets/js/main.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.37.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-37-144.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
76fbd38de64c14c3ceed8cd3ab73c9265df2d9f07db77e651c4aa4ec15b45a9e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://login.giftedby.us/
Cookie
PHPSESSID=kbprn6h0pgqrd886np0dvaa0t5
Connection
keep-alive

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 00:05:21 GMT
Server
Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
X-Powered-By
PHP/5.6.40
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
3850
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Resource: 7190.json | Path: script.crazyegg.com/pages/data-scripts/0097/ | Size: 3 KB | x-fer: 1 KB | Type: XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0097/7190.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/7190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837fcfebe4aeac136c151886bcd170e09581f8a2fc536f12498c5cdc8a78e421

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:05:21 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
691f0a9b094c8741-DUS
ce-version
11.1.331
content-length
1165
last-modified
Tue, 21 Sep 2021 00:05:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*

Resource: pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | Path: fonts.gstatic.com/s/poppins/v15/ | Size: 8 KB | x-fer: 8 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:04:31 GMT
x-content-type-options
nosniff
age
439250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 22:04:31 GMT

Resource: pxiEyp8kv8JHgFVrJJfecg.woff2 | Path: fonts.gstatic.com/s/poppins/v15/ | Size: 8 KB | x-fer: 8 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.giftedby.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:13:09 GMT
x-content-type-options
nosniff
age
589932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:13:09 GMT

Resource: 11.1.331.js | Path: script.crazyegg.com/pages/versioned/common-scripts/ | Size: 64 KB | x-fer: 21 KB | Type: Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/7190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 00:05:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 25 Aug 2021 14:00:21 GMT
server
cloudflare
age
290888
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
691f0a9bfc8ffb5c-DUS
content-length
21512

Resource: 7190.json | Path: script.crazyegg.com/pages/sampling-data-scripts/0097/ | Size: 194 B | x-fer: 274 B | Type: XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0097/7190.json?t=453384
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfb2d7de1955260e33a09794d40922bd6ea3faba4893cd63197fb60625655f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:05:22 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
691f0a9c2a0c8741-DUS
ce-version
11.1.331
content-length
163
last-modified
Tue, 21 Sep 2021 00:05:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*

Resource: roundtrip.js | Path: s.adroll.com/j/ | Size: 44 KB | x-fer: 15 KB | Type: Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: login.giftedby.us
URL: https://login.giftedby.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
jmFs7KywGuBDQQS_2esYMgDw6mfwd1hF
Content-Encoding
gzip
Etag
W/"2441168df9ddcfa64f2b072ba490993a"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 30 Aug 2021 22:12:49 GMT
Server
AmazonS3
Date
Mon, 20 Sep 2021 23:29:57 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
CcAL8weWiI8-Cyf9tcZSqBgRdXgZapD3wvYvWVrQw2TQg1vvwbF8wQ==

Resource: index.js | Path: s.adroll.com/j/exp/ | Size: 28 B | x-fer: 783 B | Type: Script
Redirect Chain:
  • https://s.adroll.com/j/exp/3VMS4JRXINCETL7FMIRCAM/index.js
  • https://s.adroll.com/j/exp/index.js
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 19:29:29 GMT
Via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 19 Jul 2021 22:23:14 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
1jvZEmFX6rvhNhsfYpiXTK0XwV2YSL_DZDOR3OriDV5F-nQJxpiYOg==

Redirect headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Cache
Error from cloudfront
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Origin
*
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
vPq9YyZ7eRlHaCVNFP79Vj6CgRHjAhngH2uaTz8xQHpeyd-nh_wlgQ==

Resource: index.js | Path: s.adroll.com/j/pre/ | Size: 0 | x-fer: 754 B | Type: Script
Redirect Chain:
  • https://s.adroll.com/j/pre/3VMS4JRXINCETL7FMIRCAM/O56UAHOSNJHYLE3WD3JDSL/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
General
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 19:29:30 GMT
Via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
s1CM5M645xxp16UzxvvsDMZ6b0ODp5fav76GAxZJ9pU31WUHJRJ6EQ==

Redirect headers

Date
Tue, 21 Sep 2021 00:05:21 GMT
Via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Cache
Error from cloudfront
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Origin
*
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
kCOMZflsWfOqdNHeFrAYhM0jIdCN4KMlqg_FlxgmxrtNp7zoE5OkAA==

Resource: index.js | Path: s.adroll.com/j/pre/3VMS4JRXINCETL7FMIRCAM/O56UAHOSNJHYLE3WD3JDSL/ | Size: 0 | x-fer: 776 B | Type: Script
General
Full URL
https://s.adroll.com/j/pre/3VMS4JRXINCETL7FMIRCAM/O56UAHOSNJHYLE3WD3JDSL/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 00:05:23 GMT
Via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Mon, 20 Sep 2021 05:00:02 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
zIBcvHnD5wCGFylzmo9L_kf.ufVRLOAo
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aWri_f4Yt9QgE1Yhc7ilAQgyzBQLPXj7Zsi7KN8LYXc9isQ_Wome4g==

Resource: 3VMS4JRXINCETL7FMIRCAM | Path: d.adroll.com/consent/check/ | Size: 396 B | x-fer: 489 B | Type: Script
General
Full URL
https://d.adroll.com/consent/check/3VMS4JRXINCETL7FMIRCAM?arrfrr=https%3A%2F%2Flogin.giftedby.us%2F&_s=14c1faa8170fb952118e5a9b154b106f&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-179.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
8d271651ab738decccbf7a51cb841950491145afe5d76684f38a13b523071601

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.giftedby.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:05:22 GMT
server
nginx/1.20.0
content-length
396
content-type
application/javascript

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onbeforexrselect (object)
  • originAgentCluster (boolean)
  • CE_USER_SCRIPT (boolean)
  • CE2 (object)
  • CE_USER_DATA_URL (string)
  • $ (function)
  • jQuery (function)
  • Popper (function)
  • bootstrap (object)
  • adroll_adv_id (string)
  • adroll_pix_id (string)
  • CE_USER_COMMON_SCRIPT_URL (string)
  • CE_USER_THIRDPARTY_SCRIPT_URL (string)
  • CE2BH (object)
  • __adroll_loaded (boolean)
  • adroll_sid (string)
  • dataLayer (object)
  • __adroll (object)
  • adroll_optout (boolean)
  • adroll_ext_network (object)
  • adroll_callbacks (object)
  • adroll_tpc_callback (function)
  • __adroll_consent_data (object)
  • __adroll_consent (boolean)
  • __adroll_consent_is_gdpr (boolean)
  • __adroll_consent_user_country (string)
  • __adroll_consent_adv_country (string)
  • adroll_exp_list (object)

1 Cookies

Domain/Path         Name       Value
login.giftedby.us/  PHPSESSID  kbprn6h0pgqrd886np0dvaa0t5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
