urlscan.io logo urlscan.io
SecurityTrails logo

d1gch5x60yz813.cloudfront.net Open in urlscan Pro
2600:9000:269f:bc00:19:8285:59c0:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://d1gch5x60yz813.cloudfront.net/
Submission: On March 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2600:9000:269f:bc00:19:8285:59c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d1gch5x60yz813.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d1gch5x60yz813.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    2600:9000:269f:bc00:19:8285:59c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1gch5x60yz813.cloudfront.net
2    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:b93a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.galaxy.tf
2    44.197.5.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-5-139.compute-1.amazonaws.com
tc.galaxy.tf
3    2607:f8b0:4004:c08::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:b83a (United States)

ASN13335 (CLOUDFLARENET, US)
image-tc.galaxy.tf
Apex Domain
Subdomains		 Transfer
16 cloudfront.net
d1gch5x60yz813.cloudfront.net
773 KB
4 galaxy.tf
cdn.galaxy.tf — Cisco Umbrella Rank: 106936
tc.galaxy.tf — Cisco Umbrella Rank: 105217
image-tc.galaxy.tf — Cisco Umbrella Rank: 83936
50 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
178 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
2 KB
1 gstatic.com
fonts.gstatic.com
16 KB
28 6
Domain Requested by
16 d1gch5x60yz813.cloudfront.net d1gch5x60yz813.cloudfront.net
3 www.google-analytics.com www.googletagmanager.com
d1gch5x60yz813.cloudfront.net
www.google-analytics.com
2 tc.galaxy.tf cdn.galaxy.tf
2 www.googletagmanager.com d1gch5x60yz813.cloudfront.net
www.googletagmanager.com
2 fonts.googleapis.com d1gch5x60yz813.cloudfront.net
1 image-tc.galaxy.tf d1gch5x60yz813.cloudfront.net
1 cdn.galaxy.tf d1gch5x60yz813.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
28 8

This site contains links to these domains. Also see Links.

Domain
www.eliteworldhotels.com.tr
amadeus.com
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
cdn.galaxy.tf
Cloudflare Inc ECC CA-3		 2024-03-06 -
2024-12-31		 10 months crt.sh
*.galaxy.tf
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
image-tc.galaxy.tf
Cloudflare Inc ECC CA-3		 2023-05-08 -
2024-05-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://d1gch5x60yz813.cloudfront.net/
Frame ID: 84D276D8B1C2F57DFE5B9E1F9C5B5269
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GP Login | Elite World GO Van Edremit Hotel

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

8
IPs

1
Countries

1039 kB
Transfer

3907 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
d1gch5x60yz813.cloudfront.net/ 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
83b689abbf8f9c0b48c54c39033d287dcf1674e3f0f32e1921e88956457db322
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 13:24:27 GMT
etag
W/"d797ecb534dd09dfa7504b7ead21d53f"
last-modified
Wed, 28 Feb 2024 13:59:55 GMT
referrer-policy
no-referrer-when-downgrade
server
GLXD
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
x-amz-cf-id
RtxlGYtbNMRDDDAPHUXPlBVZn6xU4ToMv-kPfr0caBub-mjIwQGYEA==
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 13:24:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 13:24:26 GMT
main.css
d1gch5x60yz813.cloudfront.net/css/custom/9687/1/main/1483558f094dec869970eb923ac00fad/ 		747 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/css/custom/9687/1/main/1483558f094dec869970eb923ac00fad/main.css
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
999857194971307e06b8081eb652d76165ae206b262f9f8da0b6aa6e967507fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Feb 2024 13:59:51 GMT
server
GLXD
etag
W/"62547c1a4c77ae0f72e17e0f2ea6ee81"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
34eXll-nvFcdKyyjWZd5R9XHsqARWdmBYJzAJoitIHVCCNVG7CTaTQ==
css
fonts.googleapis.com/ 		9 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 13:24:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 13:24:26 GMT
main.css
d1gch5x60yz813.cloudfront.net/css/custom/9687/307/main/cc391b3dd5b41da4ad09f2a955524274/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/css/custom/9687/307/main/cc391b3dd5b41da4ad09f2a955524274/main.css
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
fc3e4fba5ad16132d1855ffeb773b250b3a051f1813071adc45f699912624374
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Feb 2024 13:59:47 GMT
server
GLXD
etag
W/"8ebbbefd07f5c804ec0f7fc6394a6cda"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
BWkQ8_bZ1mVA2oJffBhC8YkZKQqoB48FNFDV9fANhF5q52DQSROl0w==
main.css
d1gch5x60yz813.cloudfront.net/css/custom/9687/311/main/f28b458ca7dcb416e2c9eca2ba58b72e/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/css/custom/9687/311/main/f28b458ca7dcb416e2c9eca2ba58b72e/main.css
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
bbbf58e20ffdd5712631365a0904e99c5480f56c8dd5ba5d5accece8e4c7b710
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Feb 2024 13:59:30 GMT
server
GLXD
etag
W/"56f9b3f7a31ddc4f28bfb7fe7f5f260a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
qRgM0cy6em4KSzCa9U26UBIp0wZc6gkExHS0rze0JNXrtVr4zadBtA==
gtm.js
www.googletagmanager.com/ 		294 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c2522a93cadf66ffe6b33b46cbc34ed9ee4c80bd75f31ee70a17062346da793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92758
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 16 Mar 2024 13:24:27 GMT
svg-icons.svg
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/svg/ 		61 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:41 GMT
server
GLXD
etag
W/"7685c719fb52cf9d344d1986684da17f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
x-amz-cf-id
E0VC7lG_MC4geEiiJronldJCHU7jTWwTeEBi1RTztXl1KTvXrhfHSA==
main-gp.css
d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/css/ 		121 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/css/main-gp.css?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
1bf9351e3843e24d3ccba933d9c04c4a3752988e5812fd5e9e67e4baa4a7e48d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Feb 2024 13:22:12 GMT
server
GLXD
etag
W/"299c8283f71d96ca138779ec4f2b4c89"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
2IFvZnZqHC_o6nvHC_d0h2W0ZsdOfhsvq5rEG3GpUYMV_P4ANp5NmA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d1gch5x60yz813.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 06:53:24 GMT
x-content-type-options
nosniff
age
282663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 06:53:24 GMT
authorization.bundle.js
d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/js/ 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/js/authorization.bundle.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
d7af672175340e0228faf921e2a6c50222bc486e9d3de2b0e61b41e0f22d8090
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Feb 2024 13:22:14 GMT
server
GLXD
etag
W/"43e958e50b51bb3ae151af9d22743aa4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
Z8Jcn_wITIAc-AeQfAK10538HnnXO6myon-18rOS1aiFflepbJ_yiw==
galaxy-helpers.js
d1gch5x60yz813.cloudfront.net/frontend/galaxy-helpers/public/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-45248abc-bb67-4aa9-ade7-7ac06e68eb63
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:47 GMT
server
GLXD
etag
W/"9b85ee3bce6207f2c19f4381101ff4fe"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
9K7ATubc82jiwD8i0qWDGptys-d-j4OsGMS2pc1r1r0dy-KIvepMHw==
bundle.js
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/ 		1 MB
374 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
73b764301eb9234863a609849e468bbeff9b2a94f6a1fc75c2406b42de5d2e0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 27 Feb 2024 09:55:09 GMT
server
GLXD
etag
W/"39c2f7c000cd780de66ec0c95d49bafd"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
zZRQ1qNJh-oZiooUed_ta-QBcH-QXyxMrmLwZRFBDUmrJV4mMdpG6A==
7334-bf8b2e19798a78acb85f.js
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/7334-bf8b2e19798a78acb85f.js
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
9dd7af1e4f9db2bf265936bded3d0cb2f8c46c3ced0e1b88f327ff786794c02c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:47 GMT
server
GLXD
etag
W/"0505a5c217d912f0445ee1bcae7752eb"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
XG1Mz_GRm0BjBILQlBNlDxnKTtEuBrqAD3fyF1OQKCDm9ZOKb-ldjA==
svg-icons.svg
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/svg/ 		61 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:41 GMT
server
GLXD
etag
W/"7685c719fb52cf9d344d1986684da17f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
x-amz-cf-id
lyHRVKb8pYnMGr0dlL1FKSWloV4ll_tYl-R8MDjWAKLwy8LxZyKK1g==
bundle.js
d1gch5x60yz813.cloudfront.net/integration/tc-ext-integrated-datalayer/public/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-ext-integrated-datalayer/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
a8a2e21a689d1ca5197cb1158645fb6ab7136a14352ec4e126ee6391ce0c632d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1gch5x60yz813.cloudfront.net/
Origin
https://d1gch5x60yz813.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Feb 2024 13:22:27 GMT
server
GLXD
etag
W/"32d81951b68f7fa76eff235dc7e5e7ae"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
HvDl5S-ZC3ZXSgdrJAtOQDHPM_CB8N-qqGzEBZuHF2f2tO5uUL_Q2w==
bundle-ext-currency-switcher.js
d1gch5x60yz813.cloudfront.net/integration/tc-ext-currency-switcher/public/js/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-ext-currency-switcher/public/js/bundle-ext-currency-switcher.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
42ee45a32ed75c639fa1e512d63533ea365aeb64843d5c87e4c6929707b1eb98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1gch5x60yz813.cloudfront.net/
Origin
https://d1gch5x60yz813.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Oct 2023 10:07:41 GMT
server
GLXD
etag
W/"c5295ee8d9f319e7cdd0b0609fcdecbf"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
Tq1C8PMHpqbpDgcb7bmFBGdrBbiKK071asFUgN2qpT3FxZ5jp_JkxA==
gms-latest.min.js
cdn.galaxy.tf/asset-galaxy/js/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Dec 2023 10:34:16 GMT
server
cloudflare
etag
W/"253b9-60d7b57401258-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8655104f0ef6d9e9-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Mar 2024 13:24:28 GMT
main.bundle.js
d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/js/ 		407 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-ext-guest-portal/public/compiled/js/main.bundle.js?v76e64432537d134528bf25e55cc6d51b
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
5f767d1f12a4b6aa2332d4fcb12f6e7998ee5df90dcacc6acbc9d0bede7dac85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Feb 2024 13:22:20 GMT
server
GLXD
etag
W/"6b8f13a59bf64462552e5e958c37d08d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
dD6R8UGek1uo_Jm92A3tJLo6-RXYpkEq-iqGwE35DksQ2H7-KnJC_g==
gms
tc.galaxy.tf/token/oauth2/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tc.galaxy.tf/token/oauth2/gms
Requested by
Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v76e64432537d134528bf25e55cc6d51b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.197.5.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-5-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1gch5x60yz813.cloudfront.net/
X-Galaxy-Key
07bd89d53d155ba124ce3a4685b202ed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 13:24:29 GMT
content-length
0
apigw-requestid
UuWOJggiIAMEYUw=, UuWOJgo2IAMEVoQ=
js
www.googletagmanager.com/gtag/ 		252 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccca764a42dfa04f9d586efd8f42b2d832c39c58fbef9cb9bcfa4a09fb038da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88905
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 13:24:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Mar 2024 12:27:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3432
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 14:27:17 GMT
4341-a46585c1f9fa1b58fe91.js
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/4341-a46585c1f9fa1b58fe91.js
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
4d7056da36fdfe616de6045feed40cd3b52d23ab8b2c33a1f4910cb94b439533
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:43 GMT
server
GLXD
etag
W/"b6515e67d2c352f17cacabf492d188f6"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
c0aarkSARosGNQ6pJ5r1bIK7Kw-Db2W0oiNADvskJKKTdr1ja4ZpIA==
header-one-5f3a5f2b0da066d69214.js
d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/chunk/header-one-5f3a5f2b0da066d69214.js
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/integration/tc-theme/public/js/bundle.js?v76e64432537d134528bf25e55cc6d51b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:269f:bc00:19:8285:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GLXD /
Resource Hash
a2bc6601fe071aa4635d7bc42ca68c387a6ea49782876a625ea47bad99d8720b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
YUL62-P1
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jan 2024 14:29:42 GMT
server
GLXD
etag
W/"0aa29fece032a2fd271bdcb079410ecf"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
DiGSz9sYf4nXE6BoE_BDjXNza4XwETAa6ZEOfMkYoS21hm311_j1Tg==
gms
tc.galaxy.tf/token/oauth2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tc.galaxy.tf/token/oauth2/gms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.197.5.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-5-139.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-galaxy-key
Access-Control-Request-Method
GET
Origin
https://d1gch5x60yz813.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT
access-control-allow-origin
*
apigw-requestid
UuWOIiyKoAMEVSA=
date
Sat, 16 Mar 2024 13:24:29 GMT
collect
www.google-analytics.com/g/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je43d0v888369804z8830021505za200&_p=1710595466912&gcd=13l3l3l3l1&npa=0&dma=0&cid=863815510.1710595469&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fd1gch5x60yz813.cloudfront.net%2F&sid=1710595469&sct=1&seg=0&dt=GP%20Login%20%7C%20Elite%20World%20GO%20Van%20Edremit%20Hotel&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=Elite%20World%20GO%20Van%20Edremit%20Hotel&ep.hotel_id=115989&ep.hotel_bid=not_applicable&ep.hotel_brand_name=Elite%20World%20MB&ep.hotel_chain_id=not_applicable&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=Elite%20World%20B&ep.hotel_booking_engine=iHotelier%20(BE5)&ep.page_has_tvs=no&ep.page_footer=be5&ep.page_language=en&ep.page_section=group_property-&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=essentials&ep.page_template=th1&ep.site_tvs=tvs_no&ep.hotel_property_type=group_property&ep.hotel_star_rating=0&epn.hotel_room_types_count=0&epn.site_number_of_languages=3&ep.site_global_product=guest_portal&ep.page_content_group=not_applicable&ep.site_be_version=be5&epn.hotel_brands_count=13&ep.hotel_gms_type=not_applicable&ep.hotel_has_gms=yes&ep.page_tvs_videos_count=0&ep.site_be_config_enhancements=enabled-not_mandatory&epn.site_be_design_features_desktop_calendar=2&ep.site_be_design_features_enhancements_layout=four_columns&ep.site_be_design_features_lead_rate=enabled&ep.site_be_design_features_prices_by=avg_per_night&ep.site_be_design_features_results_filter=enabled-2%2C3%2C9%2C7%2C4%2C6%2C8&ep.site_be_design_features_results_grid_type=rooms-list&ep.item_type=hotel&up.user_logged_in=no&tfd=3642
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:24:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1gch5x60yz813.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=707447898&t=pageview&_s=1&dl=https%3A%2F%2Fd1gch5x60yz813.cloudfront.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GP%20Login%20%7C%20Elite%20World%20GO%20Van%20Edremit%20Hotel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=1996347601&gjid=518139268&cid=863815510.1710595469&tid=UA-162681275-1&_gid=819712738.1710595469&_r=1&_slc=1&gtm=45He43d0n81TL2MM4Bv830021505za200&cg1=guest_portal&cg2=group_property-&cg3=group_property&cd1=not_applicable&cd2=not_applicable&cd3=Elite%20World%20MB&cd4=Elite%20World%20B&cd5=115989&cd6=Elite%20World%20GO%20Van%20Edremit%20Hotel&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd16=be5&cd19=tvs_no&cd20=iHotelier%20(BE5)&cd21=group_property&cd22=0&cd23=0&cd24=3&cd25=en&cd26=guest_portal&cd27=group_property-&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fd1gch5x60yz813.cloudfront.net%2F&cd39=not_applicable&cd40=eliteworldedremit.ihotelier.com&cd41=GTM-TL2MM4B&cd42=75&cd54=be5&cd55=13&cd56=9661&cd57=not_applicable&cd58=yes&cd59=0&cd60=enabled-not_mandatory&cd61=2&cd62=four_columns&cd63=enabled&cd64=avg_per_night&cd65=enabled-2%2C3%2C9%2C7%2C4%2C6%2C8&cd66=rooms-list&cd67=hotel&gcd=13l3l3l3l1&dma=0&z=478033449
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d1gch5x60yz813.cloudfront.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:24:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1gch5x60yz813.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
elite-world-go-van-edremit-16191.jpg
image-tc.galaxy.tf/wijpeg-sjw019ednt75e58our3akn0l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-sjw019ednt75e58our3akn0l/elite-world-go-van-edremit-16191.jpg?width=500
Requested by
Host: d1gch5x60yz813.cloudfront.net
URL: https://d1gch5x60yz813.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b7afbe1b01fac1fbde3b2cc46315d383f9d58f969b0847823b5310e9f7b1ee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1gch5x60yz813.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:24:29 GMT
x-amz-version-id
COwShRvQpPXRZKLkgXPb5B3pqvV1Yi0u
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 e8e86a0bfba495b0c160da8db57821d4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
MIA3-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
content-length
2429
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Oct 2023 06:41:26 GMT
server
cloudflare
etag
"21e3fcccd639c8bc09745b7553d25de1"
x-frame-options
DENY
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
cf-ray
86551055792edaed-MIA
x-amz-cf-id
0uaRcnxieGtoY1Kbjnd6Pwcxhjt3iAPzYN9vUGn85qRFWXCpdDFKvA==

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| galaxyInfo object| galaxyGMS string| BIDnumber object| GLXExtensions number| websiteID number| cms string| ts_roll_up_tracking object| ts_analytics object| dl object| dataLayer string| _dynamic_base object| websiteGlobalVariables object| headerMenu object| headerConfigs object| cms_configs string| GMS_required_status object| google_tag_manager object| google_tag_data object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| regeneratorRuntime object| lazySizes object| BM boolean| ga4_events_template function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery boolean| gmsSDKSession string| gmsJSPath function| setImmediate function| clearImmediate object| GMS function| base64 function| isLocalStorageAvailable object| GMSVendor string| gmsUrlReservation boolean| gmsUrlReservationTarget string| endpointBase string| tokenEndpoint string| reservationUrl string| gmsModifyBookingURL string| language string| gmsLoginURL string| gmsHomeURL string| gmsSignUpURL string| gmsResetPasswordURL string| gmsSignUpSuccessURL string| gmsResetPasswordCodeSuccessURL string| gmsDateFormat string| gmsDatePlaceholder object| gmsCalendars object| gmsConfigObject string| gmsHotelsData string| tierData string| localesGuestPortalExtension object| tcGuestPortalAuthPopupProps object| webpackJsonp object| tcGMSHelpers number| _tc_pv_cnt object| _tc_tool object| __ga4Redact string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.d1gch5x60yz813.cloudfront.net/ Name: _ga_3R5SJEDWK4
Value: GS1.1.1710595469.1.0.1710595469.0.0.0
.d1gch5x60yz813.cloudfront.net/ Name: _ga
Value: GA1.3.863815510.1710595469
.d1gch5x60yz813.cloudfront.net/ Name: _gid
Value: GA1.3.819712738.1710595469
.d1gch5x60yz813.cloudfront.net/ Name: _gat_tct
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://tc.galaxy.tf/token/oauth2/gms
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.galaxy.tf
d1gch5x60yz813.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
tc.galaxy.tf
www.google-analytics.com
www.googletagmanager.com
2600:9000:269f:bc00:19:8285:59c0:93a1
2606:4700::6811:b83a
2606:4700::6811:b93a
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::66
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
44.197.5.139
0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190
1bf9351e3843e24d3ccba933d9c04c4a3752988e5812fd5e9e67e4baa4a7e48d
1c2522a93cadf66ffe6b33b46cbc34ed9ee4c80bd75f31ee70a17062346da793
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
42ee45a32ed75c639fa1e512d63533ea365aeb64843d5c87e4c6929707b1eb98
4d7056da36fdfe616de6045feed40cd3b52d23ab8b2c33a1f4910cb94b439533
5f767d1f12a4b6aa2332d4fcb12f6e7998ee5df90dcacc6acbc9d0bede7dac85
73b764301eb9234863a609849e468bbeff9b2a94f6a1fc75c2406b42de5d2e0a
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
83b689abbf8f9c0b48c54c39033d287dcf1674e3f0f32e1921e88956457db322
999857194971307e06b8081eb652d76165ae206b262f9f8da0b6aa6e967507fd
9dd7af1e4f9db2bf265936bded3d0cb2f8c46c3ced0e1b88f327ff786794c02c
a2bc6601fe071aa4635d7bc42ca68c387a6ea49782876a625ea47bad99d8720b
a8a2e21a689d1ca5197cb1158645fb6ab7136a14352ec4e126ee6391ce0c632d
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469
bbbf58e20ffdd5712631365a0904e99c5480f56c8dd5ba5d5accece8e4c7b710
ccca764a42dfa04f9d586efd8f42b2d832c39c58fbef9cb9bcfa4a09fb038da1
d2b7afbe1b01fac1fbde3b2cc46315d383f9d58f969b0847823b5310e9f7b1ee
d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b
d7af672175340e0228faf921e2a6c50222bc486e9d3de2b0e61b41e0f22d8090
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc3e4fba5ad16132d1855ffeb773b250b3a051f1813071adc45f699912624374