urlscan.io logo urlscan.io
SecurityTrails logo

www.memoriesforyouco.com Open in urlscan Pro
69.162.173.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://securecart.memoriesforyouco.com/
Effective URL: https://www.memoriesforyouco.com/
Submission: On July 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 29 HTTP transactions. The main IP is 69.162.173.28, located in United States and belongs to STEADFAST, US. The main domain is www.memoriesforyouco.com.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.
This is the only time www.memoriesforyouco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.201.176.61 14618 (AMAZON-AES)
1 15 69.162.173.28 32748 (STEADFAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.64.150.190 13335 (CLOUDFLAR...)
3 2a02:6ea0:c70... 60068 (CDN77 _)
1 2a00:1450:400... 15169 (GOOGLE)
3 156.146.33.141 60068 (CDN77 _)
1 2600:1f14:5db... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
29 9
1    52.201.176.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-176-61.compute-1.amazonaws.com
securecart.memoriesforyouco.com
15    69.162.173.28 (United States)

ASN32748 (STEADFAST, US)
PTR: adamwest.securedserverspace.com
memoriesforyouco.com
www.memoriesforyouco.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.64.150.190 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
static.mailerlite.com
3    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
cdn.userway.org
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    156.146.33.141 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com
cdn.userway.org
1    2600:1f14:5db:eb22:1d09:c1eb:33fb:e67d (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 memoriesforyouco.com
securecart.memoriesforyouco.com
memoriesforyouco.com
www.memoriesforyouco.com
1 MB
7 userway.org
cdn.userway.org — Cisco Umbrella Rank: 5397
api.userway.org — Cisco Umbrella Rank: 5320
64 KB
2 mailerlite.com
static.mailerlite.com — Cisco Umbrella Rank: 25939
www.mailerlite.com Failed
5 KB
2 gstatic.com
fonts.gstatic.com
104 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1793
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
105 KB
29 6
Domain Requested by
14 www.memoriesforyouco.com www.memoriesforyouco.com
6 cdn.userway.org www.memoriesforyouco.com
cdn.userway.org
2 static.mailerlite.com www.memoriesforyouco.com
static.mailerlite.com
2 fonts.gstatic.com www.memoriesforyouco.com
1 region1.google-analytics.com www.googletagmanager.com
1 api.userway.org cdn.userway.org
1 www.googletagmanager.com www.memoriesforyouco.com
1 memoriesforyouco.com 1 redirects
1 securecart.memoriesforyouco.com 1 redirects
0 www.mailerlite.com Failed www.memoriesforyouco.com
29 10
Subject Issuer Validity Valid
memoriesforyouco.com
R11		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
mailerlite.com
E6		 2024-06-26 -
2024-09-24		 3 months crt.sh
1667503734.rsc.cdn77.org
R3		 2024-05-07 -
2024-08-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.memoriesforyouco.com/
Frame ID: FC9C1FE42CE1EA67A4F2EA16C6B162AF
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Memories for You Co

Page URL History Show full URLs

  1. https://securecart.memoriesforyouco.com/ HTTP 302
    https://memoriesforyouco.com/ HTTP 301
    https://www.memoriesforyouco.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

93 %
HTTPS

56 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

1607 kB
Transfer

2708 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securecart.memoriesforyouco.com/ HTTP 302
    https://memoriesforyouco.com/ HTTP 301
    https://www.memoriesforyouco.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://app.mailerlite.com/proxy/abdata/?url=/1466/1466448/universal/r2m0c7c0g6_popups.js&v=1720378477 HTTP 302
  • https://static.mailerlite.com/data/b/1466/1466448/universal/r2m0c7c0g6_popups.js?v=1720378477 HTTP 302
  • https://static.mailerlite.com/users/login/ HTTP 302
  • https://www.mailerlite.com/

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.memoriesforyouco.com/
Redirect Chain
  • https://securecart.memoriesforyouco.com/
  • https://memoriesforyouco.com/
  • https://www.memoriesforyouco.com/
129 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
28b97ff49ffec74f51ac84bd1c292bb0a8866e5b1cd1fc3039e9ea54c32f7b15

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 Jul 2024 18:54:37 GMT
link
<https://www.memoriesforyouco.com/wp-json/>; rel="https://api.w.org/" <https://www.memoriesforyouco.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json" <https://www.memoriesforyouco.com/>; rel=shortlink
server
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 07 Jul 2024 18:54:36 GMT
location
https://www.memoriesforyouco.com/
server
LiteSpeed
x-redirect-by
WordPress
siteground-optimizer-combined-css-051ef34810b01e1a4ef6d4f908653a6a.css
www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/ 		402 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-051ef34810b01e1a4ef6d4f908653a6a.css
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
e387ca7ab494008bd5f6fcae1852fc6ffde13a899959feb409795e510bc8a329

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 23:18:08 GMT
server
LiteSpeed
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55530
expires
Sun, 14 Jul 2024 18:54:37 GMT
jquery.min.js
www.memoriesforyouco.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 03:44:24 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Sun, 14 Jul 2024 18:54:37 GMT
cropped-Memories-For-You-landscape-with-M-black-smaller-for-web.png
www.memoriesforyouco.com/wp-content/uploads/2020/07/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2020/07/cropped-Memories-For-You-landscape-with-M-black-smaller-for-web.png
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
96e3e03c0c1a58cb9b528d229ee96fe9486cc6b73964b67ad4bf216f419a82b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Tue, 29 Mar 2022 17:13:02 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13558
expires
Sun, 14 Jul 2024 18:54:37 GMT
siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/ 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
de0dad205b2e454e6289fef0bc447fef105e7b8e7f37aee4ea11bca4c4728755

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 21:12:02 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33753
expires
Sun, 14 Jul 2024 18:54:37 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Depositphotos_79398812_XL-scaled.jpg
www.memoriesforyouco.com/wp-content/uploads/2022/03/ 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2022/03/Depositphotos_79398812_XL-scaled.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
7d553d127d640a8dab606c6bd61ce50f07a6a0eb06c5879c5af37940c1aa8951

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Thu, 23 Feb 2023 22:05:54 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
247477
expires
Sun, 14 Jul 2024 18:54:37 GMT
camcordertapesoptomized.jpg
www.memoriesforyouco.com/wp-content/uploads/2019/04/ 		540 KB
541 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2019/04/camcordertapesoptomized.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
5ec1a6e19bb2b728e3a5c29d09f1a738bfa40bbff532ff37cda5d2e0087fde6f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Mon, 29 Mar 2021 17:38:44 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
553182
expires
Sun, 14 Jul 2024 18:54:37 GMT
Depositphotos_114127578_xl-2015-scaled.jpg
www.memoriesforyouco.com/wp-content/uploads/2020/05/ 		273 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2020/05/Depositphotos_114127578_xl-2015-scaled.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
b8928e907ef09c2c01938ab6eff02d972758ec0012c96dba5f8b4aced2bd53db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Mon, 29 Mar 2021 17:30:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
279342
expires
Sun, 14 Jul 2024 18:54:37 GMT
S6u9w4BMUTPHh6UVew8.ttf
fonts.gstatic.com/s/lato/v24/ 		69 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVew8.ttf
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e8f4be57ddc47cb7882c41b60216b6085b1ceaf717514be2b88fa15396238d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Origin
https://www.memoriesforyouco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35383
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Jul 2025 18:54:37 GMT
Jqzh5TybZ9vZMWFssvwiFw.ttf
fonts.gstatic.com/s/gfsdidot/v15/ 		160 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gfsdidot/v15/Jqzh5TybZ9vZMWFssvwiFw.ttf
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
631c7b4313cbc82fbc2d283cdd8bc0b421992d1580861945a9707bc7936ed084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Origin
https://www.memoriesforyouco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69966
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:40:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 00:51:15 GMT
universal.js
static.mailerlite.com/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mailerlite.com/js/universal.js?172037
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.190 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a90196d04ee43163c2e5211817d4bd4ed0b5cf0e49e92c5a49ceefa8fda13a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 10:56:59 GMT
server
cloudflare
via
1.1 google
age
4147
etag
W/"66867ffb-40e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
cf-ray
89fa0b4d7bdc8fec-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 18:54:37 GMT
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ca15fb8bec943405b0a2ab78082119971f18ebf0d1eb7d771a1292890c683dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:37 GMT
via
1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
248
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170915
x-77-cache
HIT
x-cache
HIT
x-age
2566
x-accel-date
1720375911
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3BgoAAAwBJRPCNAH3BQEAAA
x-accel-expires
@1720379511
x-77-age
2566
last-modified
Fri, 05 Jul 2024 09:05:30 GMT
server
CDN77-Turbo
etag
W/"b106bd0c183303a7d661f13fced07408"
x-77-nzt-ray
cf878727436446eb6de48a6652f9bf28
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
_2IGdhzVHSF06DCAKwiGe_iFgxaTuX4g04xUIWAj6LklPDrCO9Z9JA==
js
www.googletagmanager.com/gtag/ 		318 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HL3SY8XSF2
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3356c478dd59fdeff6db7bc640cce247c362949926a052b3854d63cf985b54c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jul 2024 18:54:37 GMT
banner-1-optout.css
www.memoriesforyouco.com/wp-content/uploads/complianz/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/complianz/css/banner-1-optout.css?v=19
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
d9087d28f89c3992dd89fd358f344dae1721fe071ecd93a778dca8b5dd94706a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
last-modified
Tue, 13 Jun 2023 12:27:07 GMT
server
LiteSpeed
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2801
expires
Sun, 14 Jul 2024 18:54:37 GMT
68a1bc40-ada1-4237-88c3-65348208e378
https://www.memoriesforyouco.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.memoriesforyouco.com/68a1bc40-ada1-4237-88c3-65348208e378
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
Blog-Home-Page-Photo-book.jpg
www.memoriesforyouco.com/wp-content/uploads/2022/04/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2022/04/Blog-Home-Page-Photo-book.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
ab7e1fcae2bf81d914f0872134aff6dc96c8faa1448008457ed95d5e9fd4a2dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Sat, 02 Apr 2022 15:34:45 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
44929
expires
Sun, 14 Jul 2024 18:54:37 GMT
Copy-of-Resources-for-website-.jpg
www.memoriesforyouco.com/wp-content/uploads/2022/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2022/03/Copy-of-Resources-for-website-.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
0b83118cf28914fbfdd8aff0ae504ce07b6c566b972fbea8c355059eb4439727

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Tue, 29 Mar 2022 21:14:58 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8751
expires
Sun, 14 Jul 2024 18:54:37 GMT
Deposit-Photos-Desktop-camera-coffee-and-camera-with-overlay-gray-1024x683.jpg
www.memoriesforyouco.com/wp-content/uploads/2022/04/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2022/04/Deposit-Photos-Desktop-camera-coffee-and-camera-with-overlay-gray-1024x683.jpg
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
84583857fe3b6d1e3c37082b50df87f896dc339bdc7d6c64f85c46fc4ae56326

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
last-modified
Sat, 02 Apr 2022 15:40:29 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62866
expires
Sun, 14 Jul 2024 18:54:37 GMT
wp-emoji-release.min.js
www.memoriesforyouco.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.4
Requested by
Host: www.memoriesforyouco.com
URL: https://www.memoriesforyouco.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-1c6c35eaa11f466058d5a6990660e9ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 12:23:26 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Sun, 14 Jul 2024 18:54:37 GMT
widget_app_base_1720170198437.js
cdn.userway.org/widgetapp/2024-07-05-09-03-18/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
25eb835d036f9696f166d1955c42500845e00e4473d93fb20ad43939cf7f1acd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Origin
https://www.memoriesforyouco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:37 GMT
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
269
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170915
x-77-cache
HIT
x-cache
HIT
x-age
207562
x-accel-date
1720170915
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3yioDAAwBJRPCLgH37AAAAA
x-accel-expires
@1746090679
x-77-age
207562
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"450d1be7460efab44c317e168e2612a9"
x-77-nzt-ray
cf8787272b653ded6de48a6601f5cf29
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
zU-nkm-0F8ar7ux4J-D3fPvcVeSnWKuG5pTQs-6hCRTCWiOA0VKt8w==
universal.css
static.mailerlite.com/css/ 		782 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.mailerlite.com/css/universal.css?v4
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?172037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.190 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:37 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 10:56:57 GMT
server
cloudflare
via
1.1 google
age
3767
etag
W/"66867ff9-30e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=432000
cf-ray
89fa0b4dac178fec-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 18:54:37 GMT
/
www.mailerlite.com/
Redirect Chain
  • https://app.mailerlite.com/proxy/abdata/?url=/1466/1466448/universal/r2m0c7c0g6_popups.js&v=1720378477
  • https://static.mailerlite.com/data/b/1466/1466448/universal/r2m0c7c0g6_popups.js?v=1720378477
  • https://static.mailerlite.com/users/login/
  • https://www.mailerlite.com/
0
0
lzB6i8fgHx
api.userway.org/api/tunings/ 		604 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/lzB6i8fgHx
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:1d09:c1eb:33fb:e67d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7ac128f3ab567a11817faf36240a78fb5823cd2ebedf75f0c3a25c8b9e34ce44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jul 2024 18:54:38 GMT
etag
W/"25c-ffXYQ5nTLDLVsINeV+rThiA/lUA"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr354821072cb9488
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
604
x-service-version
uw-pr
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HL3SY8XSF2&gtm=45je4730v9102788694za200&_p=1720378477539&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=162729662.1720378478&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720378477&sct=1&seg=0&dl=https%3A%2F%2Fwww.memoriesforyouco.com%2F&dt=Home%20-%20Memories%20for%20You%20Co&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2631&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HL3SY8XSF2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 18:54:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.memoriesforyouco.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cropped-Memories-For-You-PNG-2-black-32x32.png
www.memoriesforyouco.com/wp-content/uploads/2019/03/ 		252 B
353 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.memoriesforyouco.com/wp-content/uploads/2019/03/cropped-Memories-For-You-PNG-2-black-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.162.173.28 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
adamwest.securedserverspace.com
Software
LiteSpeed /
Resource Hash
ff919974be5dc4aa04e217c0cc5007f2c126871f2250381ecaa91c81f1a6472d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 18:54:38 GMT
last-modified
Mon, 29 Mar 2021 17:40:48 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
252
expires
Sun, 14 Jul 2024 18:54:38 GMT
en-US.json
cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/ 		621 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:38 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
240
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170923
x-77-cache
HIT
x-cache
HIT
x-age
207555
x-accel-date
1720170923
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3wyoDAAwBnJIhJwH3DAEAAA
x-accel-expires
@1746090655
x-77-age
207555
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
cf8787272b65330f6ee48a667f802a0e
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
31shi0nbtnecgAb8xwYEM8eG9M_Ng7XilKgIsIgZUUQ_c2296-yFBw==
remediation-tool-free.js
cdn.userway.org/remediation/2024-07-05-09-03-18/free/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-07-05-09-03-18/free/remediation-tool-free.js?ts=1720170198437
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Origin
https://www.memoriesforyouco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:38 GMT
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
268
x-amz-server-side-encryption
AES256
x-accel-date-max
1720170920
x-77-cache
HIT
x-cache
HIT
x-age
207558
x-accel-date
1720170920
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3xioDAAwBJRPCLgH38QAAAA
x-accel-expires
@1746090679
x-77-age
207558
last-modified
Fri, 05 Jul 2024 09:05:28 GMT
server
CDN77-Turbo
etag
W/"9db409bc341a6520412b5c42d90785b2"
x-77-nzt-ray
cf8787272b659e2f6ee48a66d322122c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
HKlHsBGiTd6Ajqvtr7j90q8s5scxVMQpc4d2kO6dIC5YR5N-iFu2bA==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:38 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720170915
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
207563
x-accel-date
1720170915
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3yyoDAAwBnJIhJwH3CQEAAA
x-accel-expires
@1746090650
x-77-age
207563
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
cf878727436446eb6ee48a661824a22c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
AyFyno5p1fbfAUVOI1kcGEsk3W0Hzp0HcZrzg7KqtULTx_ziAhOfQg==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.memoriesforyouco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 Jul 2024 18:54:38 GMT
via
1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720170915
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
207563
x-accel-date
1720170915
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3yyoDAAwBnJIhJwH3CQEAAA
x-accel-expires
@1746090650
x-77-age
207563
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
cf878727436446eb6ee48a66d1a3aa2c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
gQjoVotf2srr_wLW1xgpIIKMtfvQlTnrmnVGiRDl2Rs-4I5vNAym8w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mailerlite.com
URL
https://www.mailerlite.com/

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| wc_add_to_cart_params object| woocommerce_params function| gtag object| dataLayer_content object| wc_order_attribution object| kadenceConfig object| complianz function| ml_account function| cmplz_create_element function| cmplz_add_event function| cmplz_is_hidden function| cmplz_html_decode function| cmplzLoadConsentAreaContent object| cmplz_banner object| cmplz_manage_consent_button undefined| cmplzResizeTimer object| cmplz_banner_container object| cmplz_waiting_inline_scripts object| cmplz_waiting_scripts object| cmplz_fired_scripts number| cmplz_placeholder_class_index boolean| cmplz_all_scripts_hook_fired boolean| cmplz_consent_stored_once object| cmplz_fired_category_events object| cmplz_fired_service_events object| cmplz_categories function| cmplz_run_script function| cmplz_maybe_run_waiting_scripts function| cmplz_set_blocked_content_container function| cmplz_insert_placeholder_text function| cmplz_set_blocked_content_container_aspect_ratio function| cmplz_has_blocked_scripts function| cmplz_enable_category function| cmplz_remove_placeholder function| cmplz_get_waiting_script function| cmplz_array_is_empty function| cmplz_is_waiting_script function| cmplz_run_after_all_scripts object| cmplz_fired_events function| cmplz_run_tm_event function| cmplz_fire_before_categories_consent function| cmplz_check_cookie_policy_id function| cmplz_do_not_track function| cmplz_get_services_on_page function| cmplz_is_bot function| cmplz_is_speedbot function| cmplz_exists_service_consent function| cmplz_set_service_consent function| cmplz_clear_all_service_consents function| cmplz_get_all_service_consents function| cmplz_get_cookie_path function| cmplz_get_cookie_domain function| cmplz_reload_browser_compatible undefined| cmplz_id_cookie undefined| cmplz_id_session undefined| cmplz_id object| cmplz_user_data function| cmplz_track_status_end function| cmplz_set_up_auto_dismiss function| cmplz_fire_categories_event function| cmplz_track_status function| cmplz_accepted_categories function| cmplz_sync_category_checkboxes function| cmplz_merge_object function| cmplz_clear_cookies function| cmplz_set_accepted_cookie_policy_id function| cmplz_integrations_init function| cmplz_integrations_revoke function| cmplz_set_integrations_cookies function| cmplz_get_url_parameter function| cmplz_maybe_auto_redirect function| cmplz_wp_set_consent undefined| cmplzCleanCookieInterval object| cmplz_cookie_data function| cmplz_start_clean function| cmplz_do_cleanup function| cmplz_setup_clean_interval function| cmplz_clear_storage function| cmplz_load_manage_consent_container function| cmplz_equals function| cmplzCopyAttributes object| cmplz_has_wp_video number| cmplz_times_checked object| _wpemojiSettings string| MailerLiteObject function| ml object| Cookies object| lazySizes object| sbjs object| kadence function| cmplz_get_cookie function| cmplz_set_cookie function| cmplz_in_array function| cmplz_highest_accepted_category function| cmplz_accept_all function| cmplz_deny_all function| conditionally_show_banner function| show_cookie_banner function| cmplz_get_banner_status function| cmplz_set_banner_status function| cmplz_has_consent function| cmplz_is_service_denied function| cmplz_has_service_consent function| cmplz_set_consent string| wp_consent_type object| UserWayWidgetApp object| ml_storage function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

10 Cookies

Domain/Path Name / Value
.securecart.memoriesforyouco.com/ Name: thrivecart_v2
Value: f6bp867pbu2b302kq4vdrv6r46
.memoriesforyouco.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.memoriesforyouco.com/ Name: sbjs_current_add
Value: fd%3D2024-07-07%2018%3A54%3A37%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww.memoriesforyouco.com%2F%7C%7C%7Crf%3D%28none%29
.memoriesforyouco.com/ Name: sbjs_first_add
Value: fd%3D2024-07-07%2018%3A54%3A37%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww.memoriesforyouco.com%2F%7C%7C%7Crf%3D%28none%29
.memoriesforyouco.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.memoriesforyouco.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.memoriesforyouco.com/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36
.memoriesforyouco.com/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fwww.memoriesforyouco.com%2F
.memoriesforyouco.com/ Name: _ga_HL3SY8XSF2
Value: GS1.1.1720378477.1.0.1720378477.0.0.0
.memoriesforyouco.com/ Name: _ga
Value: GA1.1.162729662.1720378478

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
fonts.gstatic.com
memoriesforyouco.com
region1.google-analytics.com
securecart.memoriesforyouco.com
static.mailerlite.com
www.googletagmanager.com
www.mailerlite.com
www.memoriesforyouco.com
www.mailerlite.com
156.146.33.141
172.64.150.190
2001:4860:4802:32::36
2600:1f14:5db:eb22:1d09:c1eb:33fb:e67d
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a02:6ea0:c700::18
52.201.176.61
69.162.173.28
02e8f4be57ddc47cb7882c41b60216b6085b1ceaf717514be2b88fa15396238d
0b83118cf28914fbfdd8aff0ae504ce07b6c566b972fbea8c355059eb4439727
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
25eb835d036f9696f166d1955c42500845e00e4473d93fb20ad43939cf7f1acd
28b97ff49ffec74f51ac84bd1c292bb0a8866e5b1cd1fc3039e9ea54c32f7b15
3356c478dd59fdeff6db7bc640cce247c362949926a052b3854d63cf985b54c3
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
59a90196d04ee43163c2e5211817d4bd4ed0b5cf0e49e92c5a49ceefa8fda13a
5ec1a6e19bb2b728e3a5c29d09f1a738bfa40bbff532ff37cda5d2e0087fde6f
631c7b4313cbc82fbc2d283cdd8bc0b421992d1580861945a9707bc7936ed084
6ca15fb8bec943405b0a2ab78082119971f18ebf0d1eb7d771a1292890c683dd
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42
7ac128f3ab567a11817faf36240a78fb5823cd2ebedf75f0c3a25c8b9e34ce44
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
7d553d127d640a8dab606c6bd61ce50f07a6a0eb06c5879c5af37940c1aa8951
84583857fe3b6d1e3c37082b50df87f896dc339bdc7d6c64f85c46fc4ae56326
96e3e03c0c1a58cb9b528d229ee96fe9486cc6b73964b67ad4bf216f419a82b3
ab7e1fcae2bf81d914f0872134aff6dc96c8faa1448008457ed95d5e9fd4a2dd
b8928e907ef09c2c01938ab6eff02d972758ec0012c96dba5f8b4aced2bd53db
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d9087d28f89c3992dd89fd358f344dae1721fe071ecd93a778dca8b5dd94706a
de0dad205b2e454e6289fef0bc447fef105e7b8e7f37aee4ea11bca4c4728755
e387ca7ab494008bd5f6fcae1852fc6ffde13a899959feb409795e510bc8a329
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff919974be5dc4aa04e217c0cc5007f2c126871f2250381ecaa91c81f1a6472d