urlscan.io logo urlscan.io
SecurityTrails logo

golderagifts.com Open in urlscan Pro
52.18.125.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://directthruredir3ct.com/tbc1sp/28jgt5ck
Effective URL: https://golderagifts.com/
Submission: On August 22 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 19 HTTP transactions. The main IP is 52.18.125.21, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is golderagifts.com.
TLS certificate: Issued by R11 on July 12th 2024. Valid for: 3 months.
This is the only time golderagifts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 1 35.158.222.231 16509 (AMAZON-02)
1 3 52.18.125.21 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
6 18.173.187.128 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.11 16509 (AMAZON-02)
1 54.230.228.40 16509 (AMAZON-02)
1 34.255.141.247 16509 (AMAZON-02)
1 172.67.173.201 13335 (CLOUDFLAR...)
1 54.230.228.57 16509 (AMAZON-02)
19 12
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
directthruredir3ct.com
1    35.158.222.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-222-231.eu-central-1.compute.amazonaws.com
www.trk2trkd.com
3    52.18.125.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-125-21.eu-west-1.compute.amazonaws.com
golderagifts.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    18.173.187.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-128.muc50.r.cloudfront.net
gramagift.com
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
1    54.230.228.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-40.muc50.r.cloudfront.net
script.hotjar.com
1    34.255.141.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-247.eu-west-1.compute.amazonaws.com
shield.hygge-int.com
1    172.67.173.201 (United States)

ASN13335 (CLOUDFLARENET, US)
marketi.ngclicks.com
1    54.230.228.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-57.muc50.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
6 gramagift.com
gramagift.com
2 MB
3 golderagifts.com
golderagifts.com
4 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
37 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
232 B
1 ngclicks.com
marketi.ngclicks.com
117 KB
1 hygge-int.com
shield.hygge-int.com
138 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
67 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
24 KB
1 trk2trkd.com
www.trk2trkd.com
904 B
1 directthruredir3ct.com
directthruredir3ct.com
940 B
19 12
Domain Requested by
6 gramagift.com golderagifts.com
3 golderagifts.com 1 redirects gramagift.com
2 cdnjs.cloudflare.com golderagifts.com
2 fonts.googleapis.com golderagifts.com
gramagift.com
1 vc.hotjar.io script.hotjar.com
1 marketi.ngclicks.com golderagifts.com
1 shield.hygge-int.com gramagift.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com golderagifts.com
1 cdn.jsdelivr.net golderagifts.com
1 www.trk2trkd.com 1 redirects
1 directthruredir3ct.com 1 redirects
19 13

This site contains no links.

Subject Issuer Validity Valid
golderagifts.com
R11		 2024-07-12 -
2024-10-10		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
gramagift.com
Amazon RSA 2048 M03		 2024-04-18 -
2025-05-17		 a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.hygge-int.com
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
ngclicks.com
WE1		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://golderagifts.com/
Frame ID: F0CE98030078AA81C8559C372EAD75AA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://directthruredir3ct.com/tbc1sp/28jgt5ck HTTP 307
    https://directthruredir3ct.com/tbc1sp/28jgt5ck HTTP 302
    https://www.trk2trkd.com/3C3SW9/356TGG3/?source_id=64A6D652&sub1=536&sub2=&sub3=686383d40d5247f0a78f1... HTTP 302
    https://golderagifts.com/cz/bp3/index?c=2575&affId=64A6D652&c1=536&c2=&c3=14ddc9f1b2b34ab1942e0b3e882... HTTP 302
    https://golderagifts.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

23 %
IPv6

12
Domains

13
Subdomains

12
IPs

5
Countries

1865 kB
Transfer

2441 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://directthruredir3ct.com/tbc1sp/28jgt5ck HTTP 307
    https://directthruredir3ct.com/tbc1sp/28jgt5ck HTTP 302
    https://www.trk2trkd.com/3C3SW9/356TGG3/?source_id=64A6D652&sub1=536&sub2=&sub3=686383d40d5247f0a78f10a365ce4351&sub4=&sub19=https://marketi.ngclicks.com/_images/17218142443415.png&sub20=Tupperware%20Modular%2036%20Piece%20Set&sub5=first_name~_sep_last_name~_sep_city~_sep_phone~_sep_email~_sep_address~~prew_sep_postcode~ HTTP 302
    https://golderagifts.com/cz/bp3/index?c=2575&affId=64A6D652&c1=536&c2=&c3=14ddc9f1b2b34ab1942e0b3e8827894f&c4=&c7=first_name%7E_sep_last_name%7E_sep_city%7E_sep_phone%7E_sep_email%7E_sep_address%7E%7Eprew_sep_postcode%7E&c5=&c8=&c6=&sub10=&i1=https%3A%2F%2Fmarketi.ngclicks.com%2F_images%2F17218142443415.png&t1=Tupperware+Modular+36+Piece+Set&c12= HTTP 302
    https://golderagifts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
golderagifts.com/
Redirect Chain
  • http://directthruredir3ct.com/tbc1sp/28jgt5ck
  • https://directthruredir3ct.com/tbc1sp/28jgt5ck
  • https://www.trk2trkd.com/3C3SW9/356TGG3/?source_id=64A6D652&sub1=536&sub2=&sub3=686383d40d5247f0a78f10a365ce4351&sub4=&sub19=https://marketi.ngclicks.com/_images/17218142443415.png&sub20=Tupperware...
  • https://golderagifts.com/cz/bp3/index?c=2575&affId=64A6D652&c1=536&c2=&c3=14ddc9f1b2b34ab1942e0b3e8827894f&c4=&c7=first_name%7E_sep_last_name%7E_sep_city%7E_sep_phone%7E_sep_email%7E_sep_address%7E...
  • https://golderagifts.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://golderagifts.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.18.125.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-125-21.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
69c7a0680641cda39ebe99e41cd62f0ae68f7634e5d361d82a24d48674c051bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Aug 2024 05:38:51 GMT
Expires
Thu, 22 Aug 2024 05:38:51 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/8.0.29

Redirect headers

Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Aug 2024 05:38:51 GMT
Expires
Thu, 22 Aug 2024 05:38:51 GMT
Location
/
Server
nginx
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.29
css2
fonts.googleapis.com/ 		2 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&display=swap
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53f010ea946f788b10afd076130b1a86b7b5f52adbf50223807664fad9428f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Aug 2024 05:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 04:16:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 05:38:52 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://golderagifts.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
36605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18688
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-4900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIwGVo2SWJbC0fkqKjuiFQRcKcQPgz6n4Dz%2BTJgfHVaZb05IJrl3jixU8%2BArL62GUgDwwBaJ1VXPMScQfeYKF5nwmj2f50O3gUlRxGPIzoOCmVV3gJ1gU0suf7tjyp%2FZEEODd9Gd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b7084e348120e39-AMS
expires
Tue, 12 Aug 2025 05:38:52 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://golderagifts.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
636846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17620
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bfeadx%2FLnnDn3%2BRIX34SldpantMXtcQto02jwGk1DcmuNbPpCsl8GdsIKzp8Y7A7GgeeOr3Do1WBoOCA9%2B6REE6Id4o2B494DsFjPUY2ph5Q98g8XX2%2BinZcS%2FnsLENKlxAHXdyn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b7084e348130e39-AMS
expires
Tue, 12 Aug 2025 05:38:52 GMT
build.bundle.js
gramagift.com/prod/assets/321/js/ 		832 KB
833 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/321/js/build.bundle.js
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5727bd190ae6e1f6370917a3645ccc3f4d5261e4bf0dcf58a893e4e9252be381

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:53 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 09:35:37 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"d6ffb5018b7451d5b567800cff5900ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
851516
x-amz-cf-id
7vCjmIgYzcDwcEllafFqfNwqcKL4SuiwBP-nFbd2yKRgZKDOYzUcgQ==
build.css
gramagift.com/prod/assets/321/css/ 		444 KB
445 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/321/css/build.css
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdc000af221d6babe096e12a5ab46d88325d7b9c7a3bb1aef70b8a7880aff292

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:53 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 09:35:31 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"65755b8c44ad63d7068a3e09b2c08ae7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
454963
x-amz-cf-id
IMxBgEMrHHehW8SOP8BP5JPJX1yQ4TUX-tRr2hueSdTo-crF-IskjA==
loading-text-gif-14.gif
gramagift.com/prod/assets/321/images/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/321/images/loading-text-gif-14.gif
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4aed4e56cfa90e5ed6086f40ae033ff2899d87c5e769226abf51a38f0b0cfb6

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:53 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 10:42:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"03081580b1e4f77e0d8af40b6e28cefe"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
203011
x-amz-cf-id
w-nrlsgnrcqbCoXMPFZviPNajRd_ZxMZOFo3P4cAlZXq8KABgrMIAg==
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://golderagifts.com/
Origin
https://golderagifts.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9366270
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23943
x-served-by
cache-fra-eddf8230080-FRA, cache-lga21944-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbEZlJmyA%2FteeAPLLcVPpuf0hq5MvGxfiHE8t%2FwlQ9LasaF9LF7GXX9PdR67TJxCzio%2BchPN3fdtCBDnF%2FIYEN%2Fi3yctpjCT8FsLvjapoL%2Bd6h25rOpvmHouV9Xg2ESKq62Cvf1njgygBxqUWR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b7084e36c0a6600-AMS
gtm.js
www.googletagmanager.com/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM7W5QHS
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
981efb09b0d56a348198284e51136f5886a5184bc39172fe58093f9ddc50c006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68397
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Aug 2024 05:38:52 GMT
hotjar-5012666.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-5012666.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM7W5QHS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
9aff1f16685543a8e5d8077a4a76fc5d9ff238f123546f8886326a54974b6bdb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 22 Aug 2024 05:38:52 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/6db780962911174ac908ae81fbc00bd4
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
p3LfeSIkDufmCe-KrFxS2rC2XXma7E4FI5ffMaxwY0xJ9DhXz6fJ0A==
css2
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/321/css/build.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gramagift.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Aug 2024 05:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 04:11:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 05:38:52 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5012666.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-40.muc50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 653de2a3596d1ebffe452d8daf65c9ea.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1955747
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
eYL0RiGR_Q-I9DwTiyduO9uMteaKGj4B-LplheaSkTu8z1qg5oI4GA==
mc_symbol.svg
gramagift.com/prod/assets/349/images/ 		944 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/349/images/mc_symbol.svg
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25bebdb1a915f5e8e75f1105b5c7d7c9a4f910cd75ef50dc21b15b9195742df1

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:54 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 07:50:56 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"3c0362850f947b6d17a42a9fa049381c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
944
x-amz-cf-id
ykd56wNLeQ5sJlZ-1uOicgkTs6Dd61HzOGb4YsWG57r5_DJMvgJ5XA==
Visa_Brandmark_Blue_RGB_2021.svg
gramagift.com/prod/assets/349/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/349/images/Visa_Brandmark_Blue_RGB_2021.svg
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
202bad9789dd50297f74ecdb3a1f97bbb3081d250a3398faaf9c1945a88720a8

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:54 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 07:50:56 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"220db81ff249afa9b6399ce2705bc60f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
1900
x-amz-cf-id
vJW0SkGdIUEC-urNllfS2stvIWcnJyjIeiLk43mZTNQ79YP0pnVJaA==
color
shield.hygge-int.com/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shield.hygge-int.com/color?forScheme=aHR0cHM6Ly9nb2xkZXJhZ2lmdHMuY29tLw==
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/321/js/build.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.141.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-141-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 05:38:53 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
17218142443415.png
marketi.ngclicks.com/_images/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketi.ngclicks.com/_images/17218142443415.png
Requested by
Host: golderagifts.com
URL: https://golderagifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448ed6e6d1062bbdccbede6bf965e835769130499638b1b370d117ab92fe50da

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:53 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Nov 2023 14:27:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65450352-1d128"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JkkwWnhZhlldB%2BAbUenVblsFBN0UETbmvXGNZ14xDZ1GcAlf5uFHf3zGBuSFWnP8KRM7DIllxOxI3%2B%2BeYdcu%2B0u4puvYZEora7u1VWFjf7Him0Vh8D6iI%2FFvkBj1StOwE7Kj1u1pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b7084ea3bd7b74e-AMS
alt-svc
h3=":443"; ma=86400
content-length
119080
click
golderagifts.com/api/v2/internal/ 		2 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://golderagifts.com/api/v2/internal/click
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/321/js/build.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.18.125.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-125-21.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Referer
https://golderagifts.com/
X-Requested-With
XMLHttpRequest
Authorization
Basic bHAtYnVpbGRlci1hcGk6c1RhcGhvMG95aU51SmFjcg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 22 Aug 2024 05:38:53 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/8.0.29
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Expires
Thu, 22 Aug 2024 05:38:53 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58c469b6a0bcefb81047169a0f5dbbcaf1c95906ffcb71151a9b2edd3658c4ae

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
5012666
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/5012666?s=0.25&r=0.20219510450618028
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-57.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 05:38:53 GMT
cache-control
no-store
via
1.1 ef17b5e16dfd912970beabcf9b8552b0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-cf-id
y14iJptsNqSNFW24H-5HgfCH6FcqVChQBF9a0Q5xJdh-ullOgbDTOw==
x-cache
Miss from cloudfront
favicon.jpg
gramagift.com/prod/assets/321/images/ 		74 KB
74 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/321/images/favicon.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a78dc8a21d82349c53dd7aa0baf912cd8dd251e7a5164a54038d196b73be7126

Request headers

Referer
https://golderagifts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:38:54 GMT
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 10:42:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"eb333baa6975d6f69fc4d411b4af014c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
75528
x-amz-cf-id
q7-4Ri_ilWrwATQq3rL__vBur2L00FOtWMNs7XINVt0nwjlEIBQguw==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings number| uidEvent object| bootstrap object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| Base64 function| jQuery function| $

11 Cookies

Domain/Path Name / Value
directthruredir3ct.com/ Name: uniqueClick_28jgt5ck
Value: f2f8a415-cba6-4e23-b8ac-c4b58771a5bb:1724305130
directthruredir3ct.com/ Name: transaction_id
Value: 686383d40d5247f0a78f10a365ce4351
www.trk2trkd.com/ Name: uniqueClick_356TGG3
Value: 1c08a96f-ba0f-4fae-9f49-0691725e007e:1724305131
www.trk2trkd.com/ Name: transaction_id
Value: 14ddc9f1b2b34ab1942e0b3e8827894f
.golderagifts.com/ Name: c10
Value: CZ
.golderagifts.com/ Name: c7
Value: first_name~_sep_last_name~_sep_city~_sep_phone~_sep_email~_sep_address~_sep_postcode~
.golderagifts.com/ Name: i1
Value: https%3A%2F%2Fmarketi.ngclicks.com%2F_images%2F17218142443415.png
.golderagifts.com/ Name: t1
Value: Tupperware%20Modular%2036%20Piece%20Set
golderagifts.com/ Name: PHPSESSID
Value: de26sqkoolh2hd1vs8viov0s8n
.golderagifts.com/ Name: _hjSessionUser_5012666
Value: eyJpZCI6IjdiYjhiMzIzLWU1YjQtNTM4Zi1hNGRkLTlmZTdiNmJmMmFjOCIsImNyZWF0ZWQiOjE3MjQzMDUxMzM0MzEsImV4aXN0aW5nIjpmYWxzZX0=
.golderagifts.com/ Name: _hjSession_5012666
Value: eyJpZCI6IjYwNGY0MDMyLTA3YjgtNDdhNC05NzA1LWRiZWFkMmFiNjIwZSIsImMiOjE3MjQzMDUxMzM0NDAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
directthruredir3ct.com
fonts.googleapis.com
golderagifts.com
gramagift.com
marketi.ngclicks.com
script.hotjar.com
shield.hygge-int.com
static.hotjar.com
vc.hotjar.io
www.googletagmanager.com
www.trk2trkd.com
104.17.24.14
172.67.173.201
18.173.187.128
18.66.102.11
188.114.96.3
2606:4700::6812:ba1f
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
34.255.141.247
35.158.222.231
52.18.125.21
54.230.228.40
54.230.228.57
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
202bad9789dd50297f74ecdb3a1f97bbb3081d250a3398faaf9c1945a88720a8
25bebdb1a915f5e8e75f1105b5c7d7c9a4f910cd75ef50dc21b15b9195742df1
448ed6e6d1062bbdccbede6bf965e835769130499638b1b370d117ab92fe50da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53f010ea946f788b10afd076130b1a86b7b5f52adbf50223807664fad9428f09
5727bd190ae6e1f6370917a3645ccc3f4d5261e4bf0dcf58a893e4e9252be381
58c469b6a0bcefb81047169a0f5dbbcaf1c95906ffcb71151a9b2edd3658c4ae
69c7a0680641cda39ebe99e41cd62f0ae68f7634e5d361d82a24d48674c051bb
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
981efb09b0d56a348198284e51136f5886a5184bc39172fe58093f9ddc50c006
9aff1f16685543a8e5d8077a4a76fc5d9ff238f123546f8886326a54974b6bdb
a4aed4e56cfa90e5ed6086f40ae033ff2899d87c5e769226abf51a38f0b0cfb6
a78dc8a21d82349c53dd7aa0baf912cd8dd251e7a5164a54038d196b73be7126
cdc000af221d6babe096e12a5ab46d88325d7b9c7a3bb1aef70b8a7880aff292
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194