urlscan.io logo urlscan.io
SecurityTrails logo

birdeye.com Open in urlscan Pro
54.183.42.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://h2p6g.app.goo.gl/RXG2e
Effective URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184...
Submission: On January 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 54.183.42.117, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is birdeye.com. The Cisco Umbrella rank of the primary domain is 43182.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 17th 2023. Valid for: a year.
This is the only time birdeye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
h2p6g.app.goo.gl
3    54.183.42.117 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-42-117.us-west-1.compute.amazonaws.com
birdeye.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:2491:e400:16:fecd:21c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1azc1qln24ryf.cloudfront.net
1    2400:52e0:1e00::864:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.icomoon.io
2    2600:9000:225e:f600:1:1b91:4f00:21 (United States)

ASN16509 (AMAZON-02, US)
d1py4eyp5hehj0.cloudfront.net
4    13.32.118.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-174.fra60.r.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d1azc1qln24ryf.cloudfront.net
d1py4eyp5hehj0.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
284 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 birdeye.com
birdeye.com — Cisco Umbrella Rank: 43182
31 KB
1 icomoon.io
cdn.icomoon.io — Cisco Umbrella Rank: 12918
5 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
3 KB
1 goo.gl
h2p6g.app.goo.gl
1 KB
17 7
Domain Requested by
4 d3cnqzq0ivprch.cloudfront.net birdeye.com
4 fonts.googleapis.com birdeye.com
client
3 fonts.gstatic.com fonts.googleapis.com
3 birdeye.com 1 redirects birdeye.com
2 d1py4eyp5hehj0.cloudfront.net birdeye.com
1 cdn.icomoon.io birdeye.com
1 d1azc1qln24ryf.cloudfront.net 1 redirects
1 cdn.jsdelivr.net birdeye.com
1 h2p6g.app.goo.gl 1 redirects
17 9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
*.birdeye.com
Go Daddy Secure Certificate Authority - G2		 2023-09-17 -
2024-10-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Frame ID: A3590CE27FA20B8879E29516FC1429EF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refer us

Page URL History Show full URLs

  1. http://h2p6g.app.goo.gl/RXG2e HTTP 307
    https://h2p6g.app.goo.gl/RXG2e HTTP 302
    https://birdeye.com/earnup-inc-168451283588684/referus?rid=23135443963&source=sms&rtype=referral... HTTP 301
    https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referra... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • birdeye\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

94 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

372 kB
Transfer

476 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://h2p6g.app.goo.gl/RXG2e HTTP 307
    https://h2p6g.app.goo.gl/RXG2e HTTP 302
    https://birdeye.com/earnup-inc-168451283588684/referus?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1 HTTP 301
    https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://d1azc1qln24ryf.cloudfront.net/101518/phoenix/style-cf.css?ad5qtt HTTP 302
  • https://cdn.icomoon.io/101518/phoenix/style-cf.css

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
birdeye.com/earnup-inc-168451283588684/referus/
Redirect Chain
  • http://h2p6g.app.goo.gl/RXG2e
  • https://h2p6g.app.goo.gl/RXG2e
  • https://birdeye.com/earnup-inc-168451283588684/referus?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
  • https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
85 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.183.42.117 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-42-117.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f25de640e586bdec5d4e61c45cb9a2af3afb19c1ef39f70f571daf4985e9ce7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 16:14:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Host,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-length
388
content-type
text/html; charset=iso-8859-1
date
Fri, 26 Jan 2024 16:14:54 GMT
expires
Fri, 26 Jan 2024 16:14:54 GMT
location
https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
css
fonts.googleapis.com/ 		5 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 14:16:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:14:55 GMT
url-polyfill.min.js
cdn.jsdelivr.net/npm/url-polyfill@1.1.11/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/url-polyfill@1.1.11/url-polyfill.min.js
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59177e9b5068ed2eb53e277504c092bca8dd3b9d6bf02aac0e123a098fe7cfe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
1.1.11
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220091-FRA, cache-lga21971-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"18e8-IAL4vV6rFecnsmn63APeXB7rnVQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYa7FmAbVFOrz0beBGTez76AukaNM7jz9z%2BqJz2x4C6qzvt4iOGl8tR1oebSpyK5p9C73U1hzbQsxYJ47tlJLAeRqaR0urrk5cVvSSb%2BeZdbYT3Ekpg4%2F3NuoIUDKA1jDTCx74hAfkBKJBKVYEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84ba0d3a2cefbf51-WAW
style-cf.css
cdn.icomoon.io/101518/phoenix/
Redirect Chain
  • https://d1azc1qln24ryf.cloudfront.net/101518/phoenix/style-cf.css?ad5qtt
  • https://cdn.icomoon.io/101518/phoenix/style-cf.css
27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/phoenix/style-cf.css
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
3066a6c6c50298bd8aaaeeebad86251662e42f36e87476effc2d7477c40c2c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:55 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-cachedat
01/11/2024 08:01:48
cdn-pullzone
1460617
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-DE1-864
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"74e3e38e3799c2e8ef49da9d01e0dfc1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
1a67141dbcba1a570e381351e784d988
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Fri, 26 Jan 2024 16:14:55 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
vary
Origin
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cdn.icomoon.io/101518/phoenix/style-cf.css
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
9vjtRD5hOdGhARJN2ov0iTatQic53CjE2f78t-xEJ55ujAv3HEpUkg==
Untitleddesign.png
d1py4eyp5hehj0.cloudfront.net/upload/1117028/1701456697963/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1py4eyp5hehj0.cloudfront.net/upload/1117028/1701456697963/Untitleddesign.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:f600:1:1b91:4f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a64c40a991f6a57dbb8613a79f00752a5ede16bbf47f97782f96736f5364b64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:56 GMT
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 01 Dec 2023 18:51:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"befdd9e35fa4570542302843531f09d6"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
18150
x-amz-cf-id
Pt-kR-YdSbMCPIg1R_ql7tnzXMeuGm5R9ePn3HuXhISfXuL50GTFXA==
Newtemplate.jpeg
d1py4eyp5hehj0.cloudfront.net/upload/1117028/1705595701246/ 		259 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1py4eyp5hehj0.cloudfront.net/upload/1117028/1705595701246/Newtemplate.jpeg
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:f600:1:1b91:4f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9eb14b1eb486224e4aad2fe2006857276a1117375aaaaac2b1be44345c8b960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:56 GMT
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 16:35:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
etag
"a313690f495fd1cc44533f3296c03029"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
264749
x-amz-cf-id
n2RAAXhMqQBwkhZNg_ewL6qpMDt22bcnYYLhU74D75N8xl4IHroNHA==
text-v2.png
d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/ 		307 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/text-v2.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-174.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ad06c78159a7309c324f2ad139c8e177f57bedeb1dee36b92bd6396a97f28e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:55 GMT
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified
Tue, 13 Jun 2023 00:10:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
3108
x-amz-server-side-encryption
AES256
etag
"a03544bb63c686e820066705bca98ebc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
307
x-amz-cf-id
uUq5GNW4EDNxysw6S7-FplzVONrLPOPC3p3dKgegWpXI8bEzuv595g==
email-v2.png
d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/ 		304 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/email-v2.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-174.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56831fb432063903c67a59f4660c2378987823fbcbad6563f33a0e5d684fe8c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:23:08 GMT
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified
Tue, 13 Jun 2023 00:10:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
3108
etag
"06bd27c0893b73877f6fdf683cca562f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
304
x-amz-cf-id
7gGJ8F1FVmRxYjiTzP1ZNJP63x7geHYIhNZWVwDVueg73l7ohGcWRg==
facebook-v2.png
d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/ 		350 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/reviews/css/images/email/referral/facebook-v2.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-174.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66d284659df2818049e95c5d0825eaf836d8d80b7bc7b8e9fbcc3da2a3ac99f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:55 GMT
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified
Tue, 13 Jun 2023 00:10:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
67479
x-amz-server-side-encryption
AES256
etag
"49433da0abe12bbd0b7aeaafea650145"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
350
x-amz-cf-id
F7Gg1SNvzrT2Uv2u0MUtf9csMixMMmUr5wGXB-_iH3oHmnwcFZx0hw==
logo.svg
d3cnqzq0ivprch.cloudfront.net/prod/css/images/themes/christmas/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/prod/css/images/themes/christmas/logo.svg
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-174.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d9a515b08a65940082b3b8db49f5ad9a981f625c1ffe52c2474f5d3d3e4def6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:14:56 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jun 2023 23:01:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"85a6222d31d47170beaa029de48eeb12"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
O_PluPLYvQmfWnvaeb-br7j5yMyGa67zoBH5dqiaeTKdnvxIti22tQ==
css
fonts.googleapis.com/ 		9 KB
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:37:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:14:55 GMT
css
fonts.googleapis.com/ 		2 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18efa46cb1fa2c6cf4461ffcf16cf38a2d57856947ce937320ab2e3aa8b5a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 14:20:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:14:55 GMT
css
fonts.googleapis.com/ 		8 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
210e7b9452ec5d9fbd671bb83b58cfed2014dfcd1a7e0ca1162dde5a2d8bb227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:47:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:14:55 GMT
truncated
/ 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9704045ed894fbb975a1ab62cd2b4b310b4af277ff55df4e3b5c0fbb67fb9da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
emailclick
birdeye.com/papi/customer/ 		309 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://birdeye.com/papi/customer/emailclick?rtype=referral&rid=23135443963&click_type=1&bId=168451283588684&source=mobile&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&event_id=d41d8cd98f00b204e9800998ecf8427e&template_id=1620184&enc=1
Requested by
Host: birdeye.com
URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.183.42.117 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-42-117.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
000d051876d6a24fd5d236bed5202270d676fb3e4a34a1b0892311bfea86af52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=utf-8

Response headers

date
Fri, 26 Jan 2024 16:14:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
272
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
server
Apache
vary
Host,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
expires
Thu, 19 Nov 1981 08:52:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:28:52 GMT
x-content-type-options
nosniff
age
233163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:28:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
603334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:39:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:01:51 GMT
x-content-type-options
nosniff
age
317584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:01:51 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| __core-js_shared__ object| core object| referralData object| businessData string| DOMAIN string| BIRDEYE_FB_APPID

1 Cookies

Domain/Path Name / Value
birdeye.com/ Name: sid
Value: behb2mdsoiiukohevv6vpqe0q5

2 Console Messages

Source Level URL
Text
security warning URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1
Message:
Mixed Content: The page at 'https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1' was loaded over HTTPS, but requested an insecure element 'http://d3cnqzq0ivprch.cloudfront.net/prod/css/images/themes/christmas/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1(Line 109)
Message:
Mixed Content: The page at 'https://birdeye.com/earnup-inc-168451283588684/referus/?rid=23135443963&source=sms&rtype=referral&templateId=1620184&custId=T7Y%2BDWW7xVawIRorPAHMNg%3D%3D&enc=1' was loaded over HTTPS, but requested an insecure element 'http://d3cnqzq0ivprch.cloudfront.net/prod/css/images/themes/christmas/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

birdeye.com
cdn.icomoon.io
cdn.jsdelivr.net
d1azc1qln24ryf.cloudfront.net
d1py4eyp5hehj0.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
h2p6g.app.goo.gl
13.32.118.174
2400:52e0:1e00::864:1
2600:9000:225e:f600:1:1b91:4f00:21
2600:9000:2491:e400:16:fecd:21c0:21
2606:4700::6810:5814
2a00:1450:4001:801::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
54.183.42.117
000d051876d6a24fd5d236bed5202270d676fb3e4a34a1b0892311bfea86af52
0ad06c78159a7309c324f2ad139c8e177f57bedeb1dee36b92bd6396a97f28e7
18efa46cb1fa2c6cf4461ffcf16cf38a2d57856947ce937320ab2e3aa8b5a20f
1a64c40a991f6a57dbb8613a79f00752a5ede16bbf47f97782f96736f5364b64
210e7b9452ec5d9fbd671bb83b58cfed2014dfcd1a7e0ca1162dde5a2d8bb227
3066a6c6c50298bd8aaaeeebad86251662e42f36e87476effc2d7477c40c2c87
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
56831fb432063903c67a59f4660c2378987823fbcbad6563f33a0e5d684fe8c7
59177e9b5068ed2eb53e277504c092bca8dd3b9d6bf02aac0e123a098fe7cfe6
66d284659df2818049e95c5d0825eaf836d8d80b7bc7b8e9fbcc3da2a3ac99f2
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
9704045ed894fbb975a1ab62cd2b4b310b4af277ff55df4e3b5c0fbb67fb9da0
9d9a515b08a65940082b3b8db49f5ad9a981f625c1ffe52c2474f5d3d3e4def6
f25de640e586bdec5d4e61c45cb9a2af3afb19c1ef39f70f571daf4985e9ce7b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9eb14b1eb486224e4aad2fe2006857276a1117375aaaaac2b1be44345c8b960