Submitted URL: https://secure.ecster.se/
Effective URL: https://login.ecster.se/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 26 HTTP transactions. The main IP is 108.157.4.94, located in United States and belongs to AMAZON-02, US. The main domain is login.ecster.se.
TLS certificate: Issued by Amazon on January 7th 2021. Valid for: a year.
This is the only time login.ecster.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
9 (3 redirects) | 192.176.124.142 | 3301 (TELIANET-...)
17 | 108.157.4.94 | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a04:4e42:200... | 54113 (FASTLY)
Total: 26 requests, 5 IPs

Requests | Domain | Requested by
17 | login.ecster.se | secure.ecster.se, login.ecster.se
9 (3 redirects) | secure.ecster.se | secure.ecster.se, login.ecster.se
2 | www.google-analytics.com |
1 | res.cloudinary.com |
Total: 26 requests, 4 subdomains

This site contains links to these domains. Also see Links.

Domain
ecster.se
Subject | Issuer | Validity | Valid
secure.ecster.se | DigiCert SHA2 Extended Validation Server CA | 2020-11-19 - 2021-11-23 | a year
login.ecster.se | Amazon | 2021-01-07 - 2022-02-04 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-27 - 2022-06-22 | 2 years

This page contains 1 frames:

Primary Page: https://login.ecster.se/
Frame ID: F30726766E269FB3DDC36E398FE3BE70
Requests: 26 HTTP requests in this frame

Page Title

EcsterEcster Logo

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 50 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 906 kB
Size: 2947 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.ecster.se/ HTTP 302
    http://secure.ecster.se/login HTTP 302
    https://secure.ecster.se/login HTTP 302
    https://secure.ecster.se/login/ Page URL
  2. https://login.ecster.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://secure.ecster.se/ HTTP 302
  • http://secure.ecster.se/login HTTP 302
  • https://secure.ecster.se/login HTTP 302
  • https://secure.ecster.se/login/

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
secure.ecster.se/login/
Redirect Chain
  • https://secure.ecster.se/
  • http://secure.ecster.se/login
  • https://secure.ecster.se/login
  • https://secure.ecster.se/login/
7 KB
4 KB
Document
General
Full URL
https://secure.ecster.se/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ ASP.NET
Resource Hash
2290c783611d0f4ba6dcfccdc78087d523c9b725ba10b742119f44745e12079e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html
Content-Encoding
gzip
Expires
0
Last-Modified
Tue, 30 Mar 2021 06:44:22 GMT
Accept-Ranges
bytes
ETag
"0e7d61d3025d71:0"
Vary
Accept-Encoding
X-Powered-By
ASP.NET
Date
Thu, 18 Nov 2021 14:53:27 GMT
Content-Length
3302

Redirect headers

Location
/login/
Server
BigIP
Connection
close
Content-Length
0
tracking.js
secure.ecster.se/login/ga/
836 B
1 KB
Script
General
Full URL
https://secure.ecster.se/login/ga/tracking.js
Requested by
Host: secure.ecster.se
URL: https://secure.ecster.se/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ ASP.NET
Resource Hash
7930088f8a45598ab45fb7ef325b8b772f81e61132f5d4c7144345a8c1ca8f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ecster.se/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 14:53:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 11:27:02 GMT
X-Powered-By
ASP.NET
ETag
"0c75f708e24d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
611
main.8c0f3a39.chunk.js
secure.ecster.se/login/static/js/
226 B
745 B
Script
General
Full URL
https://secure.ecster.se/login/static/js/main.8c0f3a39.chunk.js
Requested by
Host: secure.ecster.se
URL: https://secure.ecster.se/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ ASP.NET
Resource Hash
439ff143d45152864463ee42ed5111ebb2fdc31b8e8b8e90a6336d447de38b1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ecster.se/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 14:53:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 11:27:10 GMT
X-Powered-By
ASP.NET
ETag
"07b24758e24d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
292
analytics.js
secure.ecster.se/login/ga/
35 KB
18 KB
Script
General
Full URL
https://secure.ecster.se/login/ga/analytics.js?v=1617017223248
Requested by
Host: secure.ecster.se
URL: https://secure.ecster.se/login/ga/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ ASP.NET
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ecster.se/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 14:53:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 11:27:02 GMT
X-Powered-By
ASP.NET
ETag
"0c75f708e24d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
17928
Primary Request /
login.ecster.se/
5 KB
3 KB
Document
General
Full URL
https://login.ecster.se/
Requested by
Host: secure.ecster.se
URL: https://secure.ecster.se/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c4807f119d901a160339ef9ea200dc093e7fc8ecac334d06d7f413ddfdd07ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ecster.se/

Response headers

content-type
text/html
last-modified
Tue, 16 Nov 2021 07:09:18 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 18 Nov 2021 07:13:15 GMT
etag
W/"8e0e1347e255655a861a223d883d3bc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
UIP8drgfU0AQEOnffrf93JdbsNO1m_P1641iaIgSpz8AK5ptG3G25A==
age
27613
collect
www.google-analytics.com/r/
35 B
396 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=374649802&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.ecster.se%2Flogin%2F&dp=%2Finloggat%2Fwima%2Fredirect&ul=en-us&de=windows-1252&dt=Inloggat%20WIMA%20redirect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUAB~&jid=1823212632&gjid=440427457&cid=663115983.1637247208&tid=UA-127526908-1&_gid=1419683020.1637247208&_r=1&z=1685364695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 14:53:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.js
login.ecster.se/ga/
836 B
1 KB
Script
General
Full URL
https://login.ecster.se/ga/tracking.js
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7930088f8a45598ab45fb7ef325b8b772f81e61132f5d4c7144345a8c1ca8f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:18 GMT
server
AmazonS3
age
27613
etag
"391cee31baef1906bd2934bd6daacd76"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
836
x-amz-cf-id
I0TRwqWsRQQeS2V9cELLJwpZ2rK9t0inhUj-vLZRCtW-yxLVaxgV0Q==
ecster-config.js
login.ecster.se/static/
111 B
447 B
Script
General
Full URL
https://login.ecster.se/static/ecster-config.js
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01e97aa626d0b00c3253c93beae4fc4f7a586133f690554e16eedf68f06f94a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 03:48:39 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
39889
etag
"0aa17d40e7185fd3146b19366239e13e"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
111
x-amz-cf-id
ppXIkushaHT_3uNzCw57QFlEDZYtv4ujUU9T6WsnVHUAoLQ4TwzxJw==
2.50acf492.chunk.css
login.ecster.se/static/css/
126 KB
20 KB
Stylesheet
General
Full URL
https://login.ecster.se/static/css/2.50acf492.chunk.css
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b28f2c2ff87ae152e40543c6afca238dd594aeef718eb656940beac7591504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:22 GMT
server
AmazonS3
age
27613
etag
W/"96d895bb90e26842e9e6ef8435f31386"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ucYaGtbnscBrhjyGEV8aS3L0eRBpalhtPeHw7wyUbqyitDrtj7OqMw==
main.0367be74.chunk.css
login.ecster.se/static/css/
97 KB
19 KB
Stylesheet
General
Full URL
https://login.ecster.se/static/css/main.0367be74.chunk.css
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
109e545adacf063c5a791bc58bf7bdc31105fac737ad9f9d0c6bbeca27da23f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 03:48:39 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
39889
etag
W/"8d072b09a6f64a3a3b21dc373078377b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
jda5EPAFJcc17jjFGvCnyBZzMPAxhug4Z5HAEx7pGkaiy1gELdaNtQ==
2.5f1eaad9.chunk.js
login.ecster.se/static/js/
1 MB
391 KB
Script
General
Full URL
https://login.ecster.se/static/js/2.5f1eaad9.chunk.js
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb8d6f84508feafcd705d06d20ed2745533b5108dc4c9f43006e7bc3166887ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
W/"330a5c5b73dce57bc58fe4c3d788df84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
2IxPBVZqqkOuzBJdwwaqyVPLNMdsTiEdbOJHCi4Q6hpqr1nfFoMPcw==
main.25d8165c.chunk.js
login.ecster.se/static/js/
762 KB
118 KB
Script
General
Full URL
https://login.ecster.se/static/js/main.25d8165c.chunk.js
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
205f50448114fa386d51cdcfdf77e790ce9e650bb407248c1390a218e95c2be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 06:23:39 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
30589
etag
W/"0771d4e61153ea93e8d4dd4fcf2765ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Ryq1DwOrsNN8itQjwonk4WwmmvJf7RKvrXi5XEwlRu4aP9SPkg-Rfg==
analytics.js
login.ecster.se/ga/
35 KB
14 KB
Script
General
Full URL
https://login.ecster.se/ga/analytics.js?v=1636968915572
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/ga/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
356db2f2de44991bd45e1db681b4fcaa3ec2790070db20cc0eb2aee0c2fd5ba4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:18 GMT
server
AmazonS3
age
27613
etag
W/"beabb5af8f051e1bd216f58078295085"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
BR6rEP1ZWrZ38CiBVmMOQd0TwN8W3XrKn5Z3-HeaeyY5YvtLxw1V9A==
sv-SE.json
login.ecster.se/static/i18n/
95 KB
21 KB
XHR
General
Full URL
https://login.ecster.se/static/i18n/sv-SE.json?v=v3.0.2473
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/js/2.5f1eaad9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6143d4549b14a27f8b9fc0534ae069da1b38d6b7a61cc2b3b2a6a73762a69cf

Request headers

Referer
https://login.ecster.se/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
W/"81aa398bbbaf2aa5d3fc9cdb0f15bd0a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
XzNHHDMq7x8THehaXkBdH-EOLJdv3AKfVTMlRlL4eSge-ovSnbfybw==
sv.json
login.ecster.se/static/i18n/
43 B
370 B
XHR
General
Full URL
https://login.ecster.se/static/i18n/sv.json?v=v3.0.2473
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/js/2.5f1eaad9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
693d1fbc99613cd412355616a64ef2d3f9ff4b3b47f7a63a0e16c8d3ec86c4c8

Request headers

Referer
https://login.ecster.se/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"324f342b9e5859a67d17a90b5edf8a76"
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
43
x-amz-cf-id
5Ra1EgOJf0wa5Mj9s-aQmpJJaeN4lY2-pxki3K6H5m3pqtT4ompdzg==
en.json
login.ecster.se/static/i18n/
37 B
367 B
XHR
General
Full URL
https://login.ecster.se/static/i18n/en.json?v=v3.0.2473
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/js/2.5f1eaad9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8cc151859e25f17d37216718c11df6e83d5a4648e1f68b072290d6954a6e293

Request headers

Referer
https://login.ecster.se/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 06:23:40 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
30588
etag
"8f678595b467acbf07d4e35809a1cecd"
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
37
x-amz-cf-id
p-cUxh4CmGw2xpLCxLfi3TWCgy3wOQT9FWrMI47ZqjBLKT4FSj5gqQ==
externalsystem
secure.ecster.se/rest/eos/v1/
0
0
Preflight
General
Full URL
https://secure.ecster.se/rest/eos/v1/externalsystem
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ Servlet/3.1
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-ecster-origin
Origin
https://login.ecster.se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 18 Nov 2021 14:53:28 GMT
X-Powered-By
Servlet/3.1
Allow
GET,OPTIONS,HEAD
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Headers
x-ecster-origin
Access-Control-Allow-Origin
https://login.ecster.se
Content-Length
0
Connection
close
Content-Language
en-US
externalsystem
secure.ecster.se/rest/eos/v1/
423 B
1 KB
XHR
General
Full URL
https://secure.ecster.se/rest/eos/v1/externalsystem
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/js/2.5f1eaad9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
192.176.124.142 , Sweden, ASN3301 (TELIANET-SWEDEN Telia Company, SE),
Reverse DNS
secure.ecster.se
Software
/ Servlet/3.1
Resource Hash
2ad56b164cb1760634131a72565ba492d6d109c3e94f03db3dd6b47d87f5d853

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.ecster.se/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-ECSTER-origin
mypages - web-app - mobile - v3.0.2473

Response headers

Date
Thu, 18 Nov 2021 14:53:28 GMT
X-Powered-By
Servlet/3.1
Transfer-Encoding
chunked
Content-Language
en-US
Access-Control-Allow-Origin
https://login.ecster.se
Cache-Control
no-store, no-transform, no-cache=set-cookie
Connection
close
Content-Type
application/json
X-Request-ID
8ab8de66-38a0-4995-9510-2065add81a11
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecster-icons.36a62c54.woff
login.ecster.se/static/media/
21 KB
21 KB
Font
General
Full URL
https://login.ecster.se/static/media/ecster-icons.36a62c54.woff
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f972698b32eabe2d4555c8ef09f24bc3897ddbb4b12d8e64402e6b3226c3e07a

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"96ab05a780916270f9ff79926f53020e"
x-cache
Hit from cloudfront
content-type
application/font-woff
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
21332
x-amz-cf-id
YeLoDimo7SRVM9d9DIeHXZCu7Da2oaewG1OE1YOKST94qIU1x3RU1g==
pt-sans-bold.50871a79.woff2
login.ecster.se/static/media/
49 KB
50 KB
Font
General
Full URL
https://login.ecster.se/static/media/pt-sans-bold.50871a79.woff2
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2bfa7efdf1997c2393a9a1dd409641fc06f566ad5fbe9624cf1daea09c2aa04

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"037e0518d5dfbe42bc1f4d53f6be54d6"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
50664
x-amz-cf-id
JN8pMoXSSgtAc6TbjGCQYPAInQi_4fBqz3kUW5xrJ5n0sh4DM2KVAQ==
campton-bold-webfont.f94035c8.woff2
login.ecster.se/static/media/
27 KB
27 KB
Font
General
Full URL
https://login.ecster.se/static/media/campton-bold-webfont.f94035c8.woff2
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87b64e9ad4d9b724d2605e32a02c15cb3528e0de5df662b1afed7feffde43bf3

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"de6f850854484b1d60a2ec8d6dbf265e"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
27280
x-amz-cf-id
I2rqL__jDfZakaWM9JYyALb-jhGQclrbT9U7-WYk1QZ899RyW1aU3A==
pt-sans-bold-italic.d9acc227.woff2
login.ecster.se/static/media/
34 KB
34 KB
Font
General
Full URL
https://login.ecster.se/static/media/pt-sans-bold-italic.d9acc227.woff2
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6d4afa8699f40f59720b6a3923cefe368f24622f766a84f709e728c48b6f3e4

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:07:58 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27930
etag
"174091c1a60a0e83c630f0dbd49efb8c"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
34464
x-amz-cf-id
fjT7iOVTU5E6bhGahJg4JRBpdmG7IJPgwbiIuL3VJpMngDvNXnxamA==
pt-sans-regular-italic.5577242e.woff2
login.ecster.se/static/media/
44 KB
44 KB
Font
General
Full URL
https://login.ecster.se/static/media/pt-sans-regular-italic.5577242e.woff2
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a8f48c3015c569afc3f44e4f2ab8c59ea383207a500710f3f6d122feafdc966

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"775cd05f8363aa26160e3cba4cced170"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
44648
x-amz-cf-id
Bj8HlmyXcevEQkzQYLFBLdWB3ehzc9OkYKDMyMOmBfQyLBNsxYzHNQ==
pt-sans-regular.5bebdb89.woff2
login.ecster.se/static/media/
46 KB
46 KB
Font
General
Full URL
https://login.ecster.se/static/media/pt-sans-regular.5bebdb89.woff2
Requested by
Host: login.ecster.se
URL: https://login.ecster.se/static/css/main.0367be74.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4767d047a6c6208dabec5251088cc0b1b23c974a3607a94d4967a82036f341e6

Request headers

Referer
https://login.ecster.se/static/css/main.0367be74.chunk.css
Origin
https://login.ecster.se
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:13:15 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 07:09:23 GMT
server
AmazonS3
age
27613
etag
"e33fc25cffa9ac0db849e9cbac6e9d84"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
47216
x-amz-cf-id
jQk5Q8UdQRdFkdxu6yP-Ok4KxpLMOvbYTIvzkfAqJJQ5SQsjBAE9Ug==
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
collect
www.google-analytics.com/
35 B
119 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&aip=1&a=1661408844&t=pageview&_s=1&dl=https%3A%2F%2Flogin.ecster.se%2F&dr=https%3A%2F%2Fsecure.ecster.se%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAUAB~&jid=&gjid=&cid=663115983.1637247208&tid=UA-127526908-1&_gid=1419683020.1637247208&cd3=login-web-app&cd1=SE&cd6=v3.0.2473&cd2=prod&cd4=no&cd5=none&z=377126767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 10:19:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16423
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
login.jpg
res.cloudinary.com/ecster/t_base,f_auto,q_auto:good,dpr_auto,w_1920/v1/backgrounds/
70 KB
71 KB
Image
General
Full URL
https://res.cloudinary.com/ecster/t_base,f_auto,q_auto:good,dpr_auto,w_1920/v1/backgrounds/login.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a26b4c5664eb7655b4a60a6c798e3d74b32c2362a2cc7b319f53da12db053842
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.ecster.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:53:28 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="login.webp"
server-timing
fastly;dur=468;cpu=1;start=2021-11-18T14:53:28.135Z;desc=miss,rtt;dur=0,cloudinary;dur=78;start=2021-11-18T14:53:28.377Z
vary
DPR
content-length
71832
last-modified
Fri, 07 Aug 2020 09:22:03 GMT
server
Cloudinary
etag
"ae8db380a0cb56f808ddc8a717178a23"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=2592000, immutable
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| GAConf
object| w
string| scriptPath
string| basePath
string| GoogleAnalyticsObject
function| ga
object| EcsterConfig
object| webpackJsonpecster-login
object| gaplugins
object| gaGlobal
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| ecKeyValueStorage
object| __SENTRY__
function| ecsterI18nLinkOnClick
function| ecsterI18nLinkFollowLink
object| __SECRET_EMOTION__
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| lazySizes
object| gaData

5 Cookies

Domain/Path Name / Value
secure.ecster.se/ Name: ECSTER-cookie
Value: !xb3Q3/ZD/nUHgVDlLQAB/zx+tXMUVUVwm3HdO7xCPnB/HRMnuEnhtCxVveMKTkmfcjNodhcnLRekckw=
.ecster.se/ Name: _ga
Value: GA1.2.663115983.1637247208
.ecster.se/ Name: _gid
Value: GA1.2.1419683020.1637247208
.ecster.se/ Name: _gat
Value: 1
login.ecster.se/ Name: locale
Value: "sv-SE"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
