medalistglue.com
2606:4700:3033::6815:4097  Malicious Activity! Public Scan

Submitted URL: https://s.bl-1.com/h/drCLvs3v#cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchxnT!l=27!A...
Effective URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Submission: On February 03 via manual from GB — Scanned from GB

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3033::6815:4097, located in United States and belongs to CLOUDFLARENET, US. The main domain is medalistglue.com.
TLS certificate: Issued by E1 on January 24th 2023. Valid for: 3 months.
This is the only time medalistglue.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 35.164.162.95 16509 (AMAZON-02)
1 15 81.7.3.208 35366 (ISPPRO-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 155.254.194.31 398343 (BAXET-GROUP)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
39 8
Apex Domain | Subdomains | Transfer
15 medalistglue.com | medalistglue.com | 701 KB
15 atlookingpom.xyz | atlookingpom.xyz | 247 KB
5 trk-epicurei.com | trk-epicurei.com — Cisco Umbrella Rank: 225864; event.trk-epicurei.com — Cisco Umbrella Rank: 288826 | 3 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 40 | 117 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2456 | 254 B
1 vendorgraphit.com | vendorgraphit.com | 698 B
1 jumpiersocks.com | jumpiersocks.com — Cisco Umbrella Rank: 957435 | 426 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 34 | 1 KB
1 bl-1.com | s.bl-1.com — Cisco Umbrella Rank: 80831 | 687 B
39 9
Domain | Requested by
15 medalistglue.com | jumpiersocks.com; medalistglue.com
15 atlookingpom.xyz (1 redirects) | atlookingpom.xyz
4 event.trk-epicurei.com | trk-epicurei.com
2 www.googletagmanager.com | medalistglue.com; www.googletagmanager.com
1 region1.google-analytics.com | www.googletagmanager.com
1 trk-epicurei.com | medalistglue.com
1 vendorgraphit.com (1 redirects) |
1 jumpiersocks.com | atlookingpom.xyz
1 fonts.googleapis.com | atlookingpom.xyz
1 s.bl-1.com (1 redirects) |
39 10

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
jumpiersocks.com | R3 | 2022-12-28 - 2023-03-28 | 3 months
*.medalistglue.com | E1 | 2023-01-24 - 2023-04-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.trk-epicurei.com | E1 | 2022-12-10 - 2023-03-10 | 3 months

This page contains 1 frames:

Primary Page: https://medalistglue.com/96d4227876296528d087cb24767222d1
Frame ID: 5AD805EAAD13A9C3C0651508030A8E2B
Requests: 37 HTTP requests in this frame

Page Title

[1] Reward Pending - MailSurvey - We Want Your Opinion!

Page URL History

  1. https://s.bl-1.com/h/drCLvs3v HTTP 302
    http://atlookingpom.xyz/ Page URL
  2. http://atlookingpom.xyz/cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchx... HTTP 302
    https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_... Page URL
  3. https://vendorgraphit.com/?s1=351181&s2=914058366&s3=4449&s4=1&s10=1641 HTTP 302
    https://medalistglue.com/96d4227876296528d087cb24767222d1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 39
HTTPS: 64 %
IPv6: 70 %
Domains: 9
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 1069 kB
Size: 2201 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.bl-1.com/h/drCLvs3v HTTP 302
    http://atlookingpom.xyz/ Page URL
  2. http://atlookingpom.xyz/cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchxnT!l=27!A1iGlhtswCfBJ1OOMSm69!o=6889!rDBvsvMMirBOW4iOYbJhkp9ITqw0coHIb9L!v=2144962!XkkVYtkEUXnjGOO!m=4!lp3xXKVHNGQVWFMGZiYz7iLDCIgKEUI0Ut9pOnUdq HTTP 302
    https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd Page URL
  3. https://vendorgraphit.com/?s1=351181&s2=914058366&s3=4449&s4=1&s10=1641 HTTP 302
    https://medalistglue.com/96d4227876296528d087cb24767222d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s.bl-1.com/h/drCLvs3v HTTP 302
  • http://atlookingpom.xyz/
Request Chain 15
  • http://atlookingpom.xyz/cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchxnT!l=27!A1iGlhtswCfBJ1OOMSm69!o=6889!rDBvsvMMirBOW4iOYbJhkp9ITqw0coHIb9L!v=2144962!XkkVYtkEUXnjGOO!m=4!lp3xXKVHNGQVWFMGZiYz7iLDCIgKEUI0Ut9pOnUdq HTTP 302
  • https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
atlookingpom.xyz/
Redirect Chain
  • https://s.bl-1.com/h/drCLvs3v
  • http://atlookingpom.xyz/
27 KB
28 KB
Document
General
Full URL
http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=2592000
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 14:39:22 GMT
Expires
Sun, 05 Mar 2023 14:39:22 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Transfer-Encoding
chunked
X-Powered-By
PHP/7.1.33

Redirect headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Feb 2023 14:39:21 GMT
ETag
bc796a63a0e54b0209b53f008896b873
Expires
Fri, 3 Feb 2023 14:39:21 +0000
If-None-Modified
bc796a63a0e54b0209b53f008896b873
Last-Modified
Fri, 3 Feb 2023 14:39:21 +0000
Location
http://atlookingpom.xyz
X-Powered-By
Express
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 14:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 14:35:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 14:39:22 GMT
bootstrap.min.css
atlookingpom.xyz/assets/css/
152 KB
23 KB
Stylesheet
General
Full URL
http://atlookingpom.xyz/assets/css/bootstrap.min.css
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2019 19:53:30 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23243
Expires
Sun, 05 Mar 2023 14:39:22 GMT
font-awesome.css
atlookingpom.xyz/assets/css/
39 KB
8 KB
Stylesheet
General
Full URL
http://atlookingpom.xyz/assets/css/font-awesome.css
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Jan 2019 21:22:24 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7489
Expires
Sun, 05 Mar 2023 14:39:22 GMT
templatemo-breezed.css
atlookingpom.xyz/assets/css/
34 KB
6 KB
Stylesheet
General
Full URL
http://atlookingpom.xyz/assets/css/templatemo-breezed.css
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Dec 2019 21:35:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5682
Expires
Sun, 05 Mar 2023 14:39:22 GMT
owl-carousel.css
atlookingpom.xyz/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
http://atlookingpom.xyz/assets/css/owl-carousel.css
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2019 09:49:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1403
Expires
Sun, 05 Mar 2023 14:39:22 GMT
lightbox.css
atlookingpom.xyz/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://atlookingpom.xyz/assets/css/lightbox.css
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2019 12:44:04 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1065
Expires
Sun, 05 Mar 2023 14:39:22 GMT
slide-01.jpg
atlookingpom.xyz/assets/images/
43 KB
44 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/slide-01.jpg
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Fri, 06 Dec 2019 20:25:04 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
44415
Expires
Sat, 03 Feb 2024 14:39:22 GMT
slide-02.jpg
atlookingpom.xyz/assets/images/
45 KB
46 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/slide-02.jpg
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Fri, 06 Dec 2019 20:23:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
46372
Expires
Sat, 03 Feb 2024 14:39:22 GMT
slide-03.jpg
atlookingpom.xyz/assets/images/
33 KB
34 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/slide-03.jpg
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Fri, 06 Dec 2019 17:52:04 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
34209
Expires
Sat, 03 Feb 2024 14:39:22 GMT
service-item-01.png
atlookingpom.xyz/assets/images/
2 KB
3 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/service-item-01.png
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Tue, 08 Oct 2019 21:36:08 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2289
Expires
Sat, 03 Feb 2024 14:39:22 GMT
contact-info-03.png
atlookingpom.xyz/assets/images/
2 KB
3 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/contact-info-03.png
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Wed, 09 Oct 2019 12:58:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2385
Expires
Sat, 03 Feb 2024 14:39:22 GMT
features-icon-1.png
atlookingpom.xyz/assets/images/
2 KB
2 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/features-icon-1.png
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:23 GMT
Last-Modified
Tue, 08 Oct 2019 21:43:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2029
Expires
Sat, 03 Feb 2024 14:39:23 GMT
project-item-01.jpg
atlookingpom.xyz/assets/images/
27 KB
27 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/project-item-01.jpg
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:22 GMT
Last-Modified
Wed, 09 Oct 2019 12:30:24 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
27650
Expires
Sat, 03 Feb 2024 14:39:22 GMT
project-item-02.jpg
atlookingpom.xyz/assets/images/
20 KB
21 KB
Image
General
Full URL
http://atlookingpom.xyz/assets/images/project-item-02.jpg
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Server
81.7.3.208 , Germany, ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE),
Reverse DNS
small-02.dc
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://atlookingpom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:39:23 GMT
Last-Modified
Wed, 09 Oct 2019 12:31:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
20718
Expires
Sat, 03 Feb 2024 14:39:23 GMT
27_1803249_2144962_2900403_pd
jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/
Redirect Chain
  • http://atlookingpom.xyz/cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchxnT!l=27!A1iGlhtswCfBJ1OOMSm69!o=6889!rDBvsvMMirBOW4iOYbJhkp9ITqw0coHIb9L!v=2144962!XkkVYtkEUXnjGO...
  • https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd
134 B
426 B
Document
General
Full URL
https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd
Requested by
Host: atlookingpom.xyz
URL: http://atlookingpom.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.254.194.31 Baku, Azerbaijan, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://atlookingpom.xyz/#cl!XkkVYtkEUXnjGOO!d=16963_pd!A1iGlhtswCfBJ1OOMSm69!c=1803249!3dZaUZEm3bLchxnT!l=27!A1iGlhtswCfBJ1OOMSm69!o=6889!rDBvsvMMirBOW4iOYbJhkp9ITqw0coHIb9L!v=2144962!XkkVYtkEUXnjGOO!m=4!lp3xXKVHNGQVWFMGZiYz7iLDCIgKEUI0Ut9pOnUdq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
134
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 14:39:24 GMT
server
Apache

Redirect headers

Cache-Control
max-age=2592000
Connection
Keep-Alive
Content-Length
145
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 14:39:22 GMT
Expires
Sun, 05 Mar 2023 14:39:22 GMT
Keep-Alive
timeout=5, max=100
Location
https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Primary Request 96d4227876296528d087cb24767222d1
medalistglue.com/
Redirect Chain
  • https://vendorgraphit.com/?s1=351181&s2=914058366&s3=4449&s4=1&s10=1641
  • https://medalistglue.com/96d4227876296528d087cb24767222d1
356 KB
47 KB
Document
General
Full URL
https://medalistglue.com/96d4227876296528d087cb24767222d1
Requested by
Host: jumpiersocks.com
URL: https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d04972b62729c099ac5b6d65be36d64da643bd55d784e8c7a1734598de61c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jumpiersocks.com/0/2/19383/a17016a2837604f0c1c0799d372e3808/ilt_4/16963_1/27_1803249_2144962_2900403_pd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
793bea763a4276d5-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 14:39:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdFK9k8L8Y1ReiyVSexLUqJh2e6O5YpajQGKpiLYnjQbGht3H3EqXYIAcJ0gW230JCUQRu1YF%2BXeWWsrDq%2Fehrn2Xm9Ayy00GdSxzyIwwTghS4Yr32zej5uFOkqjwjuEB8clcHBYDhvexx6wd6cu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
793bea73dfdc23c6-LHR
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 14:39:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://medalistglue.com/96d4227876296528d087cb24767222d1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvaVfQb0UxqK6gVnptnlxkEcdIukJ32zMRSFB%2Blz1i7PHPqqGwKHpMne%2Fnh8ieUiAskW6WF2%2F3KpG6p1HdJvgqW2d43%2FnP615XAvrqlnLcX02EEv7gR5hiFhB0NlhXqWKaWJMlAm%2FBzt380jDwydBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
medalistglue.com/assets/vendors/bootstrap-4.5.3/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://medalistglue.com/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw9AHoz0oi9MyAyTLHrreEu%2F65DYbzqk6nJyOLfPBgG%2BjAgsdAPkuIY0r9tNzJrbs1g7uLmZUQ5keW7pA%2Br3%2BqKak9UmjuGeJ6G7T%2F5%2FUBsE%2FrkpT35%2Bi%2B%2FJ0OePHFN313DE3fRJBqJm38OBu%2FP%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7ae88576d5-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
all.css
medalistglue.com/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://medalistglue.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dsm5axlt6iPe1uR4hONZMDJGWh6TAI%2BCj4vA3vvpN5PkfDvk97SI4AQWgMKfBGvq0nB985TgcMUzt79K2D698ybeIKhm4yV9DZTb8823sdS3Z2vD8DV2cSgBIqWb9H%2Bmd3SOSodJhg3sIsBRiTss"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7ae88676d5-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
animate.min.css
medalistglue.com/assets/css/edmond/
57 KB
5 KB
Stylesheet
General
Full URL
https://medalistglue.com/assets/css/edmond/animate.min.css
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01abe855c140a104cb74b4cc391bcbde6be7ab4a6475ca365cd3a7ca09f0d042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 15 Jun 2022 18:32:15 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCbtujaGyb9xT5vmrKda5BkrBT4sTMzBIKJXBRXhWisdMe3gRM6yyEHHMz2wIaorxSiW2cI8vGOKv%2FDDftseIQj%2BG%2F0CKnRc8BsSuofPchwq6ODcHRfl5wo3mN7BF1tUEGQj2hLWwRarAk%2F3HQWo"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7ae88876d5-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
common.css
medalistglue.com/assets/css/edmond/
20 KB
5 KB
Stylesheet
General
Full URL
https://medalistglue.com/assets/css/edmond/common.css?v=0923dbf6fa89b50a732f573ab6106bfd
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b77c6800d74425b7171a04d7ec3354ee9634b050b1c8047ac3dad6c2b1e2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 04 Oct 2022 15:02:03 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcWbIKFDbe3SSrQ20XCwwCyxmNaFpAvhRiEgTeZAEGsd8ttbyVCwxy%2BIPFCotZOAnJ85sCaOWOXWdYdJWQNVNSHPm6Nd45T0chADXADP%2FDsrt%2FGeI7fYPIopt9bdcr%2FV0UH1pvOoyrrq4TWw2aRb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7ae88976d5-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
msg.js
medalistglue.com/inc/
942 B
790 B
Script
General
Full URL
https://medalistglue.com/inc/msg.js
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JT2Axt9hKuHTjw%2BZYm1qRYUJOHlQ7cMZQ3bz0kwUuanAwCblMEqzYy5zLLzdgKL6NOXwBzZvrrd2lVpFhHK33rncHIn%2BR6vNoKpm6fBASDPPjAkzio4Izo6b5qOnGR6nsHGrPmtNq9AfXJ4PQtoV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7ae88c76d5-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
gtm.js
www.googletagmanager.com/
107 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
220405b99d723961ddd1c42ba49feff01a9c3d43d0915853984bcedd8f84219e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42191
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 14:39:26 GMT
jquery-3.4.1.min.js
medalistglue.com/assets/vendors/
86 KB
32 KB
Script
General
Full URL
https://medalistglue.com/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyr70MiyM2yG62n%2BTBKMNrhBTncZ0nHSePKWvdh9V2niEldAT8NvdagIJQ8%2By%2BkQ5ts7NEpM9523GG7FAs5PeKhCT5lG2TOWnGwkfofEhxDeSqCYTjjBAZPo4WadgrytTN4wDs0e9GwYli5d4V4p"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7b7b407761-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
bootstrap.min.js
medalistglue.com/assets/vendors/bootstrap-4.5.3/js/
62 KB
16 KB
Script
General
Full URL
https://medalistglue.com/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8VASxiclko6ltnyILZ0IjPo22HqkRF%2BJtVjoDEsDoT4MSsyp7mIgrBNhIpSr8jO%2FL4Y40bI3QhZOQCqzFWtrfOXfYJZ52DX8d5cAFPfii0y1%2FqxzgUSss3h4KGk%2Fl21Wfi%2Br%2F6%2FljLvGhKU%2F2Xe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7b7b447761-LHR
expires
Wed, 08 Feb 2023 19:06:15 GMT
intl_functions.js
medalistglue.com/assets/js/
8 KB
3 KB
Script
General
Full URL
https://medalistglue.com/assets/js/intl_functions.js?v=0923dbf6fa89b50a732f573ab6106bfd
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7077430b976a181d99efafc06e7e29923636aa84041bdd06c78fce5d960bb074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 15 Sep 2022 19:29:38 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKji3IpujPMFUzdFsoBJOfhWEBMApZ7ByAdpBa%2FHRwRtSKgfnyBM5ebYivrU2ZlnBroryqAyYM6Iob8szXd2XLP1VBFRLzzXU8uHUWcvtrRv7N9qGx4LXI%2BsS95OlU%2BWqZP5n5N3smMHGcPZuIen"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7b7b467761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
common.js
medalistglue.com/assets/js/edmond/
64 KB
13 KB
Script
General
Full URL
https://medalistglue.com/assets/js/edmond/common.js?v=0923dbf6fa89b50a732f573ab6106bfd
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60453f5187e26208820905365625036064da32258263e454020568a781d9fb15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Dec 2022 20:59:34 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Io6r92jWVQ%2F%2BCODN5OVjRxOgwBTq1IMBupd9Pvjz1h9neh7iWahV8FL1dIRJjbMgY9938WG7DT3P8ry1lww4Uw4tCJ7yvxnmnsPyuQd5DFS0l4DZuSiR4vU%2BOb5u3G%2F6WeHmFESlO0ULgs6C9K%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
793bea7b7b4a7761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
js
www.googletagmanager.com/gtag/
215 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97bf70b27d11d893446a711452c0017514f76517817d25b6d1f5163e3f948f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77058
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 14:39:26 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4188
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 13:29:38 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce%2FtHAu75tc4GCx25RKLjw2KzUQzalFKMHNaN2sYBURErQwMUpYRFP5wNbtmPrADrLeaQUFoVbB%2FMiOvjUG0FOAlXRPyRLfCCGqnkScJQy%2FVbQTRWhNzR10tasbHKB7RURwqGuqi1xtdUgSLY9wy"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
793bea7d9bb471d8-LHR
expires
0
4317d7a14e8c84bb736ab3bc64ff0f96.png
medalistglue.com/fim/1641-GB/
4 KB
4 KB
Image
General
Full URL
https://medalistglue.com/fim/1641-GB/4317d7a14e8c84bb736ab3bc64ff0f96.png
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a2c3d40ceec28352d8aee3c6774b1087058a26970322d4f814eb49bcfc6ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4054
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 14:38:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNMf4GzfaqC0rm9CnNEPZIlmUxX4kAyKGUJqOeaWLg6ehdaa3rRL4c2Iq6RdtJqsX8%2B6AUMFw3QhfVO%2FmcoECXLfgQE1u9kRg0hxP%2B9fKjhRjNyzBMlxT5iE%2FkZPNoDgfyfd%2FmVS3BuqSm0s1bcS"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
793bea7e68e87761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
cdd690d2bca7e755cbde0294a642d733.png
medalistglue.com/fim/1641-GB/
17 KB
18 KB
Image
General
Full URL
https://medalistglue.com/fim/1641-GB/cdd690d2bca7e755cbde0294a642d733.png
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17622
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 14:38:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcK1XC%2BNMITenGlr4fZABojayDin%2BQ12qmOQyarg1vgUQ1pqeUYia2KP8a52O9D9rWacALCtTEeZc9K88XBkAVBrmQY8dIfYv7ygBMDM3Ue5eYWMbeFisUAX60fVVrGn5jWq33kraagsub2LfXHV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
793bea7e68ec7761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
14acafa1b9357d24f9c8ccc31b6ad693.gif
medalistglue.com/fim/1641-GB/
496 KB
497 KB
Image
General
Full URL
https://medalistglue.com/fim/1641-GB/14acafa1b9357d24f9c8ccc31b6ad693.gif
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc85702baca03c9e5cea9b68ee081a4fcb99d8ab9c028772dc69e908208128f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
508135
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 14:38:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJSVZ%2FIsjaFSXq9Vj0oooddAwYEopGvGNnoI23whjodutokkPnfH1O6bBEjUF60uhByS8dCpTBopY9a48XwjU49QJji%2B6Zl0B%2BmTqHqUsBPRBTR1iajvGv5tnVfG6g44nLLCT175x3OsZESzGra5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
793bea7e68ef7761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
9a856a6a93797fa2a213004a509a134d.png
medalistglue.com/fim/1641-GB/
18 KB
18 KB
Image
General
Full URL
https://medalistglue.com/fim/1641-GB/9a856a6a93797fa2a213004a509a134d.png
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc9f495fa5ffd2acaa85dcfc467f54155a759fc7b86b920e6cce7551ceee14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18285
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 14:38:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BCSPwkaE0eUw6uVilva8INrk4mYFzIGiFUHE460vhFgO%2FNvz4cAGHRYxBbBe6l4FK8YHDL2qcFwq7q0jcfeAgOrk4ZADVPJx6WPLMPbwnr5kYiDIt4%2B%2BCiP45xZWoduyYVsjKfLVqp092SrNDML"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
793bea7e68f17761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
11640a589c4d8e2ba7845ee4717a2ea9.png
medalistglue.com/fim/1641-GB/
5 KB
6 KB
Image
General
Full URL
https://medalistglue.com/fim/1641-GB/11640a589c4d8e2ba7845ee4717a2ea9.png
Requested by
Host: medalistglue.com
URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/96d4227876296528d087cb24767222d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:39:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 14:38:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FNnHdoJfaYXNWGbN8CwDVCVQYDGU%2FwJEIMETXqxCrHuogVVNfsSqQExhqlydwDceBqHzPQJHHBi9kHVQScMa4nRj8fwS3a7Rusq%2BSidq71DTGC33OceXTdguQ5comfeBVRxRCHTXuyq%2BQyZMYS3"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
793bea7e68f27761-LHR
expires
Fri, 10 Feb 2023 14:39:26 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=45je3210&_p=944082253&cid=440678586.1675435167&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675435166&sct=1&seg=0&dl=https%3A%2F%2Fmedalistglue.com%2F96d4227876296528d087cb24767222d1&dr=https%3A%2F%2Fjumpiersocks.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20MailSurvey%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://medalistglue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 14:39:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medalistglue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medalistglue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 03 Feb 2023 14:39:27 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11dYhEJaIgbPWHS9jM2wvjBEoGuNiHu6HbbrdALBmq5J2tg0%2B%2F0mAN%2FCv%2BeMnGeKcOHM7H%2F6ejW9Xiy3%2BgNuEHIhy6YmI84%2FPTf84N3dFKULMp%2Fsq57Imn%2BGkDu246cub0ChYnXbHjY0pGTqhGk9tvdXHz2w"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://medalistglue.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
793bea81bfd075bd-LHR
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medalistglue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://medalistglue.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
793bea808e9875bd-LHR
content-length
0
date
Fri, 03 Feb 2023 14:39:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03XDQyywb5HQWWtpMVnfFb6NZpUeclOwVWz8ZDZJIkCrGLxPhv%2BzF%2BfO%2FI%2BboZ780T%2FhaDe%2BwRj6XMg%2FsJ68UYnD9iH9GRuquiGwfJTnhAUppMXMkNQiIE7sM79ORhhtyei6Oh09gl5xtSK1UpeGPHYZGdmk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medalistglue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 03 Feb 2023 14:39:27 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI0dmGMO5YA8f1%2FZQGSJkAj%2BMjAHACLTLNzngsm1yXdqCjHysRceIMRPaugASXF1VBvqrVcDZFVF4%2FjYSo7cjGQT%2BHb19EVssHyh3Q%2FdPMwSyYRy8ZBIlSbNrWk10udHGKdnAUBiP5Y79XyXgY6TqoTwrhhk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://medalistglue.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
793bea81bfce75bd-LHR
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://medalistglue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://medalistglue.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
793bea808e9a75bd-LHR
content-length
0
date
Fri, 03 Feb 2023 14:39:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gS%2B70x%2BzrNcYAE2d0R0whQxPE%2BsSCZy0%2B56%2B6yWwP%2BEJP88VUufGqoukRBtwRxUEsCZgsA9V3BnAc7Wubo90kuqIDaHu4DUH%2FQDSjILmO5lgcwuj2ugrKFD4OMjQXyUVkpNmGg9NQFRRK9rwNmPbbDoVAKAF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dataLayer object| google_tag_manager object| google_tag_data object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain object| _0xc60e function| _0xe72c function| $ function| jQuery object| bootstrap object| _0xc13e function| _0xe75c string| rightnow string| imageSquare object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub object| _0xc24e function| _0xe78c string| LNG string| CMP string| CNT string| BID string| API_URL string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam function| popunder function| confirm_scheddel function| confirm_scheddelnow function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| showDisclaimer function| preventS function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| c_eff function| cheers object| _0xc33e function| _0xe39c string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| questiontx string| of string| languageCode 
string| countryCode string| popUrl string| template_name object| _0xc48e function| _0xe7c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
s.bl-1.com/ Name: btpermdrCLvs3v
Value: 3bcab2597d36d455d733d26d5aad811d43b757949e70333aa140f73fb3e83ac96046a9cb0bfb18ca2e5857b7c4a30695
jumpiersocks.com/ Name: uid4449
Value: 914058366-20230203093924-8322df3e2c2e6685c8e13514596280db-
vendorgraphit.com/ Name: PHPSESSID
Value: 6a70d9af719f1a830b6d46d32beee9a2
medalistglue.com/ Name: PHPSESSID
Value: 50af9f761a6642a4f07018cbf10bb27f
.medalistglue.com/ Name: _ga
Value: GA1.1.440678586.1675435167
.medalistglue.com/ Name: _ga_JMJ044GLKX
Value: GS1.1.1675435166.1.0.1675435166.0.0.0

1 Console Messages

Source Level URL
Text
other error URL: https://medalistglue.com/96d4227876296528d087cb24767222d1
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
