urlscan.io logo urlscan.io
SecurityTrails logo

lp.thinkwithgoogle.com Open in urlscan Pro
104.17.71.206  Public Scan

Go To Rescan Add Verdict Report
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFR...
Submission: On December 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 104.17.71.206, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is lp.thinkwithgoogle.com.
TLS certificate: Issued by GTS CA 1O1 on September 30th 2019. Valid for: a year.
This is the only time lp.thinkwithgoogle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 104.17.71.206 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
23 3
Domain Requested by
15 lp.thinkwithgoogle.com lp.thinkwithgoogle.com
4 fonts.gstatic.com lp.thinkwithgoogle.com
3 fonts.googleapis.com lp.thinkwithgoogle.com
2 mail.thinkwithgoogle.com 1 redirects lp.thinkwithgoogle.com
23 4

This site contains links to these domains. Also see Links.

Domain
mail.thinkwithgoogle.com
Subject Issuer Validity Valid
lp.thinkwithgoogle.com
GTS CA 1O1		 2019-09-30 -
2020-09-28		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Frame ID: 341A66EAEE36E648920B8E7EAE687231
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

209 kB
Transfer

338 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://mail.thinkwithgoogle.com/trk?t=1&mid=${mktmail.QpMarketoId} HTTP 302
  • https://mail.thinkwithgoogle.com/images/downloadPicture.gif

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request emailWebview
lp.thinkwithgoogle.com/index.php/email/ 		51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fc3d832e6e19432f1ef94d7ae3de5e568dd87211fc9844f5d01a2464ce9498
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
lp.thinkwithgoogle.com
:scheme
https
:path
/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 11 Dec 2019 14:25:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da0b1358d2a28b4325ef1eae6221d414e1576074328; expires=Fri, 10-Jan-20 14:25:28 GMT; path=/; domain=.lp.thinkwithgoogle.com; HttpOnly BIGipServersj20web-nginx-app_https=!39kMpzGWgbxqQLjInuzRy4alk/3R/lvMU2+sRuPvoaCMAyHE1RuNSUANG+Tn8WraD3Asobjf1S2jafg=;Path=/;Version=1;Secure;Httponly __cf_bm=d91b0c8e9af013ef736ef861f2b25fed87e1076f-1576074329-1800-AbIphpRLIiJA+BaJdgwwHkq7nJG4rRJV5wK8VlBT3E16jpwNNS64+A0Yp/IYwvEEzCCBMFDCeG7Pi6pTZQtaYOI=; path=/; expires=Wed, 11-Dec-19 14:55:29 GMT; domain=.lp.thinkwithgoogle.com; HttpOnly; Secure
x-content-type-options
nosniff
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
543820c7bd64d6dd-FRA
content-encoding
gzip
css
fonts.googleapis.com/ 		2 KB
592 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 11 Dec 2019 14:25:29 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 11 Dec 2019 14:25:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 11 Dec 2019 14:25:29 GMT
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&display=swap
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca765b0a46d615582fdfdad1689fb47287bc98c57fea8d6e43910fcea04721dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 11 Dec 2019 14:25:29 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 11 Dec 2019 14:25:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 11 Dec 2019 14:25:29 GMT
css
fonts.googleapis.com/ 		2 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a8314a31512b1312e98462c4bebe1631fa265c90b91ad888230dbdfe22f8ad20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 11 Dec 2019 14:25:29 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 11 Dec 2019 14:25:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 11 Dec 2019 14:25:29 GMT
gbp_masthead_2015%20(1).png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/gbp_masthead_2015%20(1).png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a268afe6e3198bee29f6ec4f56ea1dac0a3487f17186ca01ddd52682595379
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 11 Dec 2019 14:24:56 GMT
server
cloudflare
etag
"e001e2-33d8-5996e6493fe0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cefa9dd6dd-FRA
content-length
13272
expires
Wed, 11 Dec 2019 14:26:29 GMT
BP-US-NL-2019-12-10-article1-image.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/BP-US-NL-2019-12-10-article1-image.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f26fb72a1a939f0aa8000cadd62b3245749c54485d5efed62c5c26156ed95ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Fri, 06 Dec 2019 10:52:33 GMT
server
cloudflare
etag
"e00365-fabf-59906d7da1816"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cefa9fd6dd-FRA
content-length
64191
expires
Wed, 11 Dec 2019 14:26:29 GMT
youtube_icon_V1.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/youtube_icon_V1.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b340dab2ba7634f4e97626564daee251e631f0d351a5f20f039c6f8ff9035d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Oct 2019 19:29:49 GMT
server
cloudflare
etag
"e00242-c19-594f801f5b106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0abed6dd-FRA
content-length
3097
expires
Wed, 11 Dec 2019 14:26:29 GMT
TwG-CAN-NL-FooterIMG-02.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/TwG-CAN-NL-FooterIMG-02.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61dabd068cbc95791032c320090d785c252c966fcb79666027d93cf4db8d7897
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Oct 2019 00:16:37 GMT
server
cloudflare
etag
"e002e1-cd1-59510217d1ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0abfd6dd-FRA
content-length
3281
expires
Wed, 11 Dec 2019 14:26:29 GMT
TwG-CAN-NL-FooterIMG-04.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/TwG-CAN-NL-FooterIMG-04.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae15c9a7863e4c1a6428232df6ecb717851d61b417e1241f593591df6bbd5e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 16 Oct 2019 22:49:46 GMT
server
cloudflare
etag
"e002cd-a92-5950eeae28d79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0ac0d6dd-FRA
content-length
2706
expires
Wed, 11 Dec 2019 14:26:29 GMT
TwG-CAN-NL-FooterIMG-03.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/TwG-CAN-NL-FooterIMG-03.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae9ffe88ddaf761b7e583d7935389b2393ab4c008a888cbf0420bee34b5231f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 09 Oct 2019 23:46:48 GMT
server
cloudflare
etag
"e00194-fc0-59482e5f25367"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0ac1d6dd-FRA
content-length
4032
expires
Wed, 11 Dec 2019 14:26:29 GMT
adwords_gray_36px.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/adwords_gray_36px.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f018f669e9b0225efc93c50f6fb22e74b807916897efbcb4971578fc6daa9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 16 Oct 2019 22:49:46 GMT
server
cloudflare
etag
"e002cf-9fd-5950eeae2a4e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0ac2d6dd-FRA
content-length
2557
expires
Wed, 11 Dec 2019 14:26:29 GMT
twg_blue_email_icon_footer.png
lp.thinkwithgoogle.com/rs/172-GOP-811/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/rs/172-GOP-811/images/twg_blue_email_icon_footer.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
461ff8d6fd19273e143eda2ec057f76d29f6d8dd8c1d064de221213c68e31b47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:30 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 16 Oct 2019 23:25:34 GMT
server
cloudflare
etag
"e002d6-3bd7-5950f6ae9d4c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf0ac3d6dd-FRA
content-length
15319
expires
Wed, 11 Dec 2019 14:26:30 GMT
downloadPicture.gif
mail.thinkwithgoogle.com/images/
Redirect Chain
  • https://mail.thinkwithgoogle.com/trk?t=1&mid=${mktmail.QpMarketoId}
  • https://mail.thinkwithgoogle.com/images/downloadPicture.gif
43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.thinkwithgoogle.com/images/downloadPicture.gif
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
57
status
200
content-length
43
last-modified
Wed, 25 Sep 2019 17:31:32 GMT
server
cloudflare
etag
"4e0040-2b-59364061b0500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820d43a45d6dd-FRA
expires
Wed, 11 Dec 2019 14:26:30 GMT

Redirect headers

date
Wed, 11 Dec 2019 14:25:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
location
/images/downloadPicture.gif
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
302
cache-control
private, no-cache, no-store, max-age=0
cf-ray
543820d04ee2d6dd-FRA
email-decode.min.js
lp.thinkwithgoogle.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
content-encoding
gzip
last-modified
Wed, 04 Dec 2019 13:30:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de7b4f0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
543820cf0ab6d6dd-FRA
expires
Fri, 13 Dec 2019 14:25:29 GMT
jquery-1.8.2.min.js
lp.thinkwithgoogle.com/js/public/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/js/public/jquery-1.8.2.min.js
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4972
status
200
content-length
33397
last-modified
Wed, 25 Sep 2019 18:54:54 GMT
server
cloudflare
etag
"ee04f0-16cfb-59365303f7b80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
543820cf0ab7d6dd-FRA
expires
Wed, 11 Dec 2019 18:25:29 GMT
forwardemail.js
lp.thinkwithgoogle.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/js/forwardemail.js
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4972
status
200
content-length
1959
last-modified
Wed, 25 Sep 2019 18:55:06 GMT
server
cloudflare
etag
"8a0679-1efb-5936530f69680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
543820cf0abad6dd-FRA
expires
Wed, 11 Dec 2019 18:25:29 GMT
forwardemail.css
lp.thinkwithgoogle.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/css/forwardemail.css
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4972
status
200
content-length
908
last-modified
Wed, 25 Sep 2019 18:55:11 GMT
server
cloudflare
etag
"8003db-e2b-593653142e1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
543820cf0abcd6dd-FRA
expires
Wed, 11 Dec 2019 18:25:29 GMT
stripmkttok.js
lp.thinkwithgoogle.com/js/ 		2 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.thinkwithgoogle.com/js/stripmkttok.js
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4972
status
200
content-length
678
last-modified
Wed, 25 Sep 2019 18:55:06 GMT
server
cloudflare
etag
"8a060d-602-5936530f69680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
543820cf0abdd6dd-FRA
expires
Wed, 11 Dec 2019 18:25:29 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
https://lp.thinkwithgoogle.com

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1723748
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&display=swap
Origin
https://lp.thinkwithgoogle.com

Response headers

date
Tue, 19 Nov 2019 01:14:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1948261
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:14:28 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&display=swap
Origin
https://lp.thinkwithgoogle.com

Response headers

date
Thu, 21 Nov 2019 15:24:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:39 GMT
server
sffe
age
1724449
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12824
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:24:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&display=swap
Origin
https://lp.thinkwithgoogle.com

Response headers

date
Wed, 20 Nov 2019 18:56:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1798117
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Thu, 19 Nov 2020 18:56:52 GMT
ftf_arrows.png
lp.thinkwithgoogle.com/images/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.thinkwithgoogle.com/images/icons/ftf_arrows.png
Requested by
Host: lp.thinkwithgoogle.com
URL: https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.71.206 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.thinkwithgoogle.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiTVdNM1kyRTRZekExWmpFNSIsInQiOiJ5SWhFMmlrYmhvWkZFMFRXb0lsTjNWS2Q1T0NJVkcvWVRLSTUxZmdWcm9YZFlBeXVxN2I3SUR3ZTJlM25yM2M1UmtlTmRIV0lYZGkzdklJUEhFakExdzFqb3MyNzE4aWFESHJBcGhhVklvVFU1QnpIWFFXenBSdVhUTlN2TUNkTyJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:25:29 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Sep 2019 18:54:39 GMT
server
cloudflare
etag
"f2031b-ca8-593652f5a99c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
543820cf6befd6dd-FRA
content-length
3240
expires
Wed, 11 Dec 2019 14:26:29 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery string| __mktTokVal

3 Cookies

Domain/Path Name / Value
.lp.thinkwithgoogle.com/ Name: __cf_bm
Value: d91b0c8e9af013ef736ef861f2b25fed87e1076f-1576074329-1800-AbIphpRLIiJA+BaJdgwwHkq7nJG4rRJV5wK8VlBT3E16jpwNNS64+A0Yp/IYwvEEzCCBMFDCeG7Pi6pTZQtaYOI=
lp.thinkwithgoogle.com/ Name: BIGipServersj20web-nginx-app_https
Value: !39kMpzGWgbxqQLjInuzRy4alk/3R/lvMU2+sRuPvoaCMAyHE1RuNSUANG+Tn8WraD3Asobjf1S2jafg=
.lp.thinkwithgoogle.com/ Name: __cfduid
Value: da0b1358d2a28b4325ef1eae6221d414e1576074328

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lp.thinkwithgoogle.com
mail.thinkwithgoogle.com
104.17.71.206
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
13b340dab2ba7634f4e97626564daee251e631f0d351a5f20f039c6f8ff9035d
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
35fc3d832e6e19432f1ef94d7ae3de5e568dd87211fc9844f5d01a2464ce9498
3ae15c9a7863e4c1a6428232df6ecb717851d61b417e1241f593591df6bbd5e6
3ae9ffe88ddaf761b7e583d7935389b2393ab4c008a888cbf0420bee34b5231f
461ff8d6fd19273e143eda2ec057f76d29f6d8dd8c1d064de221213c68e31b47
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
61dabd068cbc95791032c320090d785c252c966fcb79666027d93cf4db8d7897
7f26fb72a1a939f0aa8000cadd62b3245749c54485d5efed62c5c26156ed95ba
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
a8314a31512b1312e98462c4bebe1631fa265c90b91ad888230dbdfe22f8ad20
b3a268afe6e3198bee29f6ec4f56ea1dac0a3487f17186ca01ddd52682595379
ca765b0a46d615582fdfdad1689fb47287bc98c57fea8d6e43910fcea04721dd
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
e4f018f669e9b0225efc93c50f6fb22e74b807916897efbcb4971578fc6daa9e
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715