urlscan.io logo urlscan.io
SecurityTrails logo

login.lealtycards.com Open in urlscan Pro
204.48.26.137  Public Scan

Go To Rescan Add Verdict Report
URL: https://login.lealtycards.com/
Submission: On August 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 204.48.26.137, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is login.lealtycards.com.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.
This is the only time login.lealtycards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 204.48.26.137 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 5.101.109.44 14061 (DIGITALOC...)
22 5
9    204.48.26.137 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
login.lealtycards.com
api.digitalwallet.cards
1    2607:f8b0:4006:80f::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2607:f8b0:4006:80c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
3    2607:f8b0:4006:821::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    5.101.109.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: fra1.digitaloceanspaces.com
bmrng.fra1.digitaloceanspaces.com
Domain Requested by
5 api.digitalwallet.cards login.lealtycards.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 login.lealtycards.com login.lealtycards.com
3 www.google.com login.lealtycards.com
www.gstatic.com
www.google.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 bmrng.fra1.digitaloceanspaces.com
1 fonts.googleapis.com login.lealtycards.com
22 7

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
login.lealtycards.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
api.digitalwallet.cards
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.fra1.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-04-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://login.lealtycards.com/
Frame ID: CA3FFCA3AACAACA98A00BE2017F5C4C9
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Frame ID: 6ADB9C6EAEDA241D0562FA0178B3B24E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Foundercard.pro

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

2459 kB
Transfer

6694 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.lealtycards.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.lealtycards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / Express
Resource Hash
b3b97014878c5d2475f4b77f287cd4cccc96db8c4738130b43fcd6ac9f7ee1cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 23:41:43 GMT
etag
W/"e06-7VCMoO5fglXcn0A5pdT8sBTDPHw"
server
nginx/1.23.3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-powered-by
Express
x-request-id
2b03666d5247c1fee0af32c05b7c85f7
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700&display=swap
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5508bf4a9989ef5258dbecfe9fe1b0daaca7c931963ebcf993b6d761e4afc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 23:41:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 23:24:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 23:41:44 GMT
main.cc9134c7.js
login.lealtycards.com/static/js/ 		4 MB
884 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.lealtycards.com/static/js/main.cc9134c7.js
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / Express
Resource Hash
250e8f6abad1f16d96c840600e6ed8a8a1cd61497928605f3c2a3370f6071cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Aug 2023 17:17:42 GMT
server
nginx/1.23.3
x-powered-by
Express
etag
W/"3e573f-189fa340dd5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-request-id
e2d78b92c03148ce21820b5753f46161
main.921cd10d.css
login.lealtycards.com/static/css/ 		301 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lealtycards.com/static/css/main.921cd10d.css
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / Express
Resource Hash
3c552b92df2e68e98ca2466a2f3ba2f67f0771b2602746b58a875a6127546844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Aug 2023 17:17:42 GMT
server
nginx/1.23.3
x-powered-by
Express
etag
W/"4b571-189fa340de1"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
x-request-id
d14711702159f949aa88347cf2f8bc26
web
api.digitalwallet.cards/themes/product/ 		879 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.digitalwallet.cards/themes/product/web
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / PHP/8.1.21
Resource Hash
15f91e90f3e402e823724fecbef7d7bee5456f690925ae3c08d9c1f4ea6eb2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept
application/vnd.api+json
Referer
https://login.lealtycards.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx/1.23.3
x-powered-by
PHP/8.1.21
etag
W/"e9215d57391ff216312a0e0c66622f0d"
vary
Accept-Encoding, Accept
x-frame-options
deny
content-type
application/vnd.api+json; charset=utf-8
access-control-allow-origin
https://login.lealtycards.com
access-control-expose-headers
link, x-navbar-data-url, x-redirect-url
cache-control
no-cache, private
link
<http://api.digitalwallet.cards/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-request-id
924cab77f1cbe4510ba7e5706e5ecf36
images
api.digitalwallet.cards/themes/product/ 		2 KB
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.digitalwallet.cards/themes/product/images
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / PHP/8.1.21
Resource Hash
4c444a4b0733e96c67c0b69b889711133c2f67a84f31fe28aae64cca9aff8fa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept
application/vnd.api+json
Referer
https://login.lealtycards.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx/1.23.3
x-powered-by
PHP/8.1.21
etag
W/"48d1f8d4efefa536046329a80e1873eb"
vary
Accept-Encoding, Accept
x-frame-options
deny
content-type
application/vnd.api+json; charset=utf-8
access-control-allow-origin
https://login.lealtycards.com
access-control-expose-headers
link, x-navbar-data-url, x-redirect-url
cache-control
no-cache, private
link
<http://api.digitalwallet.cards/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-request-id
337fe9ee13c38e07d07f84b7cfa37d94
common.json
api.digitalwallet.cards/i18n/en/ 		182 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.digitalwallet.cards/i18n/en/common.json
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
c0e48c6e606cffc714a2f0456e981ef6af4dcb3f735eb58982d1297329c35bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 15 Aug 2023 17:18:37 GMT
server
nginx/1.23.3
etag
W/"64dbb36d-2d7ce"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-request-id
079f9e10bfed5678588a9ffbee38e5b4
common.json
api.digitalwallet.cards/i18n/en/ 		182 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.digitalwallet.cards/i18n/en/common.json
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
c0e48c6e606cffc714a2f0456e981ef6af4dcb3f735eb58982d1297329c35bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 15 Aug 2023 17:18:37 GMT
server
nginx/1.23.3
etag
W/"64dbb36d-2d7ce"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-request-id
c420f827b368414c0704f51d04f3dcc1
brief
api.digitalwallet.cards/external_services/ 		1 KB
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.digitalwallet.cards/external_services/brief
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / PHP/8.1.21
Resource Hash
db02c89e497a339d88b8659654364455c98954f0eae70c7592766c85ad386163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept
application/vnd.api+json
Referer
https://login.lealtycards.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx/1.23.3
x-powered-by
PHP/8.1.21
etag
W/"0a864b1d72a6df383b33e14a57f23a41"
vary
Accept-Encoding, Accept
x-frame-options
deny
content-type
application/vnd.api+json; charset=utf-8
access-control-allow-origin
https://login.lealtycards.com
access-control-expose-headers
link, x-navbar-data-url, x-redirect-url
cache-control
no-cache, private
link
<http://api.digitalwallet.cards/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-request-id
093944c12904ab7a5c15db28abd02fcc
xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v14/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v14/xn7gYHE41ni1AdIRggexSg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.lealtycards.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:05:12 GMT
x-content-type-options
nosniff
age
444996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24376
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 20:05:12 GMT
api.js
www.google.com/recaptcha/ 		884 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2077269770860e451e029182baf3efed3625bd8e2ee32aeeba1a1243ba72f324
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585
x-xss-protection
1; mode=block
expires
Tue, 15 Aug 2023 23:41:48 GMT
eye-closed.svg
login.lealtycards.com/assets/icons/ 		929 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.lealtycards.com/assets/icons/eye-closed.svg
Requested by
Host: login.lealtycards.com
URL: https://login.lealtycards.com/static/js/main.cc9134c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.48.26.137 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.3 / Express
Resource Hash
abd6be2fc1db820666857f618d2705cf4fa6c72aeb9abae14287728a4549a851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://login.lealtycards.com/
accept-language
en-US,en;q=0.9
baggage
sentry-environment=production,sentry-public_key=aad5d00a1c004155aaf430cd64dc822f,sentry-trace_id=afbce1393ca149b8b8ac52a045bc52dc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sentry-trace
afbce1393ca149b8b8ac52a045bc52dc-af8e46e18ca4693b-0

Response headers

date
Tue, 15 Aug 2023 23:41:48 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Aug 2023 17:17:42 GMT
server
nginx/1.23.3
x-powered-by
Express
etag
W/"3a1-189fa340da9"
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
929
x-request-id
1567278d4d1bcd5adda88b090cb57979
login
bmrng.fra1.digitaloceanspaces.com/products/672/themes/1429/ 		685 KB
686 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bmrng.fra1.digitaloceanspaces.com/products/672/themes/1429/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
6d49ac73b640f8b16c653c4ecb1bc76d546739dd31531ae56cac635b96d009d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 21 Sep 2022 19:10:36 GMT
x-amz-request-id
tx000000000000085068b5a-0064dc0d3c-adcbe5b3-fra1b
etag
"52903ffb19a49ee0018890cf24861abc"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/jpeg
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
701699
logoLight
bmrng.fra1.digitaloceanspaces.com/products/672/themes/1429/ 		272 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bmrng.fra1.digitaloceanspaces.com/products/672/themes/1429/logoLight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
43f2db178cde9fd2ad55adf51e6760f8d8da8c7e15867da379e545313e768a78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.lealtycards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 21 Sep 2022 19:10:37 GMT
x-amz-request-id
tx000000000000085067382-0064dc0d3c-adce6df8-fra1b
etag
"f6472581db27d2641dd2535c11e144db"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
278261
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 		450 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.lealtycards.com/
Origin
https://login.lealtycards.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 17:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 17:22:31 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6ADB 		54 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ef6048af6f3cc4048e7d761f110b80137a469ce482739f2202370377bbdf9dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IKCr1xi6iLSoa4DyeIDOuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.lealtycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30563
content-security-policy
script-src 'report-sample' 'nonce-IKCr1xi6iLSoa4DyeIDOuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 23:41:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 6ADB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 17:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 17:22:43 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 6ADB 		450 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 17:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 17:22:31 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6ADB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 23:30:57 GMT
x-content-type-options
nosniff
age
432652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Aug 2023 23:30:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6ADB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:41:31 GMT
x-content-type-options
nosniff
age
403218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:41:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6ADB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:39:53 GMT
x-content-type-options
nosniff
age
565316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:39:53 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 6ADB 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QybaJej5brGL8d7EvWmfKMZU
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f0570843a4b0e86673611f5b29d7f4555e315587c5e8e109d65c640bd870f91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXu2wlAAAAANr1r306zDdg2XPFiKAgWZ8A7aia&co=aHR0cHM6Ly9sb2dpbi5sZWFsdHljYXJkcy5jb206NDQz&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=ogcmvohvn1og
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 15 Aug 2023 23:41:50 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| SERVER_DATA object| webpackChunkboomerangme object| __SENTRY__ number| __mobxInstanceCount object| __mobxGlobals function| saveAs function| IMask object| __localeData__ function| onRecaptchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_844135

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.digitalwallet.cards
bmrng.fra1.digitaloceanspaces.com
fonts.googleapis.com
fonts.gstatic.com
login.lealtycards.com
www.google.com
www.gstatic.com
204.48.26.137
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::200a
2607:f8b0:4006:821::2004
5.101.109.44
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
15f91e90f3e402e823724fecbef7d7bee5456f690925ae3c08d9c1f4ea6eb2a8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2077269770860e451e029182baf3efed3625bd8e2ee32aeeba1a1243ba72f324
250e8f6abad1f16d96c840600e6ed8a8a1cd61497928605f3c2a3370f6071cd4
3c552b92df2e68e98ca2466a2f3ba2f67f0771b2602746b58a875a6127546844
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43f2db178cde9fd2ad55adf51e6760f8d8da8c7e15867da379e545313e768a78
4c444a4b0733e96c67c0b69b889711133c2f67a84f31fe28aae64cca9aff8fa4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6d49ac73b640f8b16c653c4ecb1bc76d546739dd31531ae56cac635b96d009d1
6ef6048af6f3cc4048e7d761f110b80137a469ce482739f2202370377bbdf9dd
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
8f0570843a4b0e86673611f5b29d7f4555e315587c5e8e109d65c640bd870f91
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a5508bf4a9989ef5258dbecfe9fe1b0daaca7c931963ebcf993b6d761e4afc2b
abd6be2fc1db820666857f618d2705cf4fa6c72aeb9abae14287728a4549a851
b3b97014878c5d2475f4b77f287cd4cccc96db8c4738130b43fcd6ac9f7ee1cf
c0e48c6e606cffc714a2f0456e981ef6af4dcb3f735eb58982d1297329c35bb4
db02c89e497a339d88b8659654364455c98954f0eae70c7592766c85ad386163