Submitted URL: http://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRUiDwycchNHOyR_v5hQdKe...
Effective URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Submission: On October 05 via api from BE — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 92.123.13.11, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is us8.campaign-archive.com. The Cisco Umbrella rank of the primary domain is 543380.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 13th 2021. Valid for: a year.
This is the only time us8.campaign-archive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 163.172.240.177 12876 (Online SAS)
2 92.123.13.11 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 34.96.122.219 396982 (GOOGLE-CL...)
5 18.66.127.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 6
Apex Domain | Subdomains | Transfer
5 mailchimp.com | cdn-images.mailchimp.com — Cisco Umbrella Rank: 8884 | 7 KB
5 mcusercontent.com | mcusercontent.com — Cisco Umbrella Rank: 7717 | 2 MB
3 gstatic.com | fonts.gstatic.com | 81 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 118; ajax.googleapis.com — Cisco Umbrella Rank: 485 | 72 KB
2 campaign-archive.com | us8.campaign-archive.com — Cisco Umbrella Rank: 543380 | 11 KB
2 thewave-nl.be | mails.thewave-nl.be | 886 B
17 6
Domain Requested by
5 cdn-images.mailchimp.com us8.campaign-archive.com
5 mcusercontent.com us8.campaign-archive.com
3 fonts.gstatic.com fonts.googleapis.com
2 us8.campaign-archive.com us8.campaign-archive.com
2 mails.thewave-nl.be 2 redirects
1 ajax.googleapis.com us8.campaign-archive.com
1 fonts.googleapis.com us8.campaign-archive.com
17 7
Subject | Issuer | Validity | Valid
wildcardsan2.mailchimp.com | DigiCert SHA2 Secure Server CA | 2021-10-13 - 2022-10-13 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
mcusercontent.com | GTS CA 1D4 | 2022-08-16 - 2022-11-14 | 3 months
cdn-images.mailchimp.com | Amazon | 2022-07-06 - 2023-08-03 | a year
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months

This page contains 1 frame:

Primary Page: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Frame ID: 1CF7060C48C1F24C11AE895F2E0A65DD
Requests: 17 HTTP requests in this frame

Page Title

Een gloednieuwe slaapwinkel in Maldegem 🎉

Page URL History

  1. http://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRU... HTTP 301
    https://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRU... HTTP 302
    https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 43 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 1897 kB
Size: 1968 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRUiDwycchNHOyR_v5hQdKeUfvhBNNLIQ2Po2sIX4y1xblhYJ2T2Ju5SrwkLciukWKbccscd7Jnvo2iny9AOdYDjHqB8TpyJgv65JXefuRbQBNyF4SWR1xkZ8xly0TKD_lsqI4T0-T_xixbfrfeNzDuRLgBvY-6nhsw-1bWQKySRn2Vx1M_o7/0xolVKJ-qwzHZXhxq2WHAByqdfEYCcHZzG1wcc0ig0BKvCmIx8z6KE6CFUd8lem3lTyu5x90s4f0ESPbQZeMtD-3IFCtVThYL1YrpBFX2PsVg= HTTP 301
    https://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRUiDwycchNHOyR_v5hQdKeUfvhBNNLIQ2Po2sIX4y1xblhYJ2T2Ju5SrwkLciukWKbccscd7Jnvo2iny9AOdYDjHqB8TpyJgv65JXefuRbQBNyF4SWR1xkZ8xly0TKD_lsqI4T0-T_xixbfrfeNzDuRLgBvY-6nhsw-1bWQKySRn2Vx1M_o7/0xolVKJ-qwzHZXhxq2WHAByqdfEYCcHZzG1wcc0ig0BKvCmIx8z6KE6CFUd8lem3lTyu5x90s4f0ESPbQZeMtD-3IFCtVThYL1YrpBFX2PsVg= HTTP 302
    https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
us8.campaign-archive.com/
Redirect Chain
  • http://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRUiDwycchNHOyR_v5hQdKeUfvhBNNLIQ2Po2sIX4y1xblhYJ2T2Ju5SrwkLciukWKbccscd7Jnvo2iny9AOdYDjHqB8TpyJg...
  • https://mails.thewave-nl.be/83E4u7FjxZwNF3yfLsp1doOUiwNIBUqll347RD3LjlRhfhnYdiLoBoudMNr0zM5ENei1Aw2zZNRUiDwycchNHOyR_v5hQdKeUfvhBNNLIQ2Po2sIX4y1xblhYJ2T2Ju5SrwkLciukWKbccscd7Jnvo2iny9AOdYDjHqB8TpyJ...
  • https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
76 KB
10 KB
Document
General
Full URL
https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.11 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-11.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
e8ed7f80a3ca14a70f754cf58db39ab2647735c60680d6e887c19a74c744d90a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-length
8968
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 10:39:41 GMT
server
openresty
vary
Accept-Encoding
x-ua-compatible
IE=edge,chrome=1

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 10:39:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.4.45
location
https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Playfair+Display:400,400i,700,700i
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d649be05cd443c9a063303563809aad39bed4838358f57da3f50fabf2a58a077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 10:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 10:39:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 10:39:41 GMT
archivebar-desktop.css
us8.campaign-archive.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://us8.campaign-archive.com/css/archivebar-desktop.css
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.11 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-11.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
f5757a2fa0f0ae8f63c1c38afe86ff1987e183801a8059d65c450c220d0422bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 10:39:41 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 14:56:15 GMT
server
openresty
etag
"1829-5e945435307bd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=66079
accept-ranges
bytes
content-length
1741
f9e34b8c-6d82-5423-dfd1-839c417d0cf5.jpg
mcusercontent.com/fd183b22b4537f3d88cb376a6/images/
125 KB
126 KB
Image
General
Full URL
https://mcusercontent.com/fd183b22b4537f3d88cb376a6/images/f9e34b8c-6d82-5423-dfd1-839c417d0cf5.jpg
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15d1a48858916564bf80f5c9fb209262a69fede7145b8e7fedd3c4354b31c76b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 09:44:24 GMT
age
3317
x-guploader-uploadid
ADPycdtCpcyXuiCewkMRad7VBVClENOht_2hNV7TouU2SLaNkzMwYpjegSMpjb9iA2-wd_j-wCSdQndsgIyo3iwTZfsBgpG3zDfz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128165
last-modified
Tue, 26 Oct 2021 13:18:54 GMT
server
UploadServer
etag
"58fbfd778fea4af11d343e394e3b1053"
x-goog-generation
1635254334556263
x-goog-hash
crc32c=8zhocg==, md5=WPv9d4/qSvEdND45TjsQUw==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
128165
accept-ranges
bytes
expires
Wed, 05 Oct 2022 10:44:24 GMT
d3e09c37-d9aa-35f2-a83b-f64cd3b23c00.png
mcusercontent.com/fd183b22b4537f3d88cb376a6/images/
227 KB
227 KB
Image
General
Full URL
https://mcusercontent.com/fd183b22b4537f3d88cb376a6/images/d3e09c37-d9aa-35f2-a83b-f64cd3b23c00.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fbdda73863661c324f59c6651f837c48230a6176c0cc5246fffc0795639b3c14

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 10:39:41 GMT
age
0
x-guploader-uploadid
ADPycdu432rfsd2ylyFJhjFTGN4x1IndVkQfH2epUIDg8kNF87hOvErABDO9GRTSVebUU7ht7ntd1Pb3mNaYOdziKNJ6h9G_CAOm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232030
last-modified
Wed, 07 Sep 2022 14:25:58 GMT
server
UploadServer
etag
"56be49f84db4d72dfb54c2195b4644f8"
x-goog-generation
1662560758291350
x-goog-hash
crc32c=Kmw4JQ==, md5=Vr5J+E201y37VMIZW0ZE+A==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
232030
accept-ranges
bytes
expires
Wed, 05 Oct 2022 11:39:41 GMT
185da218-d3ef-0acd-c81b-24e83a8948a4.png
mcusercontent.com/fd183b22b4537f3d88cb376a6/images/
454 KB
455 KB
Image
General
Full URL
https://mcusercontent.com/fd183b22b4537f3d88cb376a6/images/185da218-d3ef-0acd-c81b-24e83a8948a4.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
47d6d79e1fbb88c3a1d51ce511791bc0918fd9aaa24767433ad9b222b2b6ec21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 10:39:41 GMT
age
0
x-guploader-uploadid
ADPycdtdqgJ_fSv6dZEiqq5_tUdDT4Jx-yYld3nBGhz_a5J4tZp6ycleIqDpKM74bi6ATBX2VtKCMU5yg4eNUJpmhdenOU0V2jvB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
465143
last-modified
Wed, 07 Sep 2022 14:26:12 GMT
server
UploadServer
etag
"5f0b9c1a8cbbbb396f4a2c220d69e922"
x-goog-generation
1662560772336914
x-goog-hash
crc32c=jc+6rg==, md5=XwucGoy7uzlvSiwiDWnpIg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
465143
accept-ranges
bytes
expires
Wed, 05 Oct 2022 11:39:41 GMT
a697a8af-f9f5-6eec-6ac4-d02a7c7fa176.png
mcusercontent.com/fd183b22b4537f3d88cb376a6/images/
708 KB
709 KB
Image
General
Full URL
https://mcusercontent.com/fd183b22b4537f3d88cb376a6/images/a697a8af-f9f5-6eec-6ac4-d02a7c7fa176.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c6f93bc8b9de7c2dae3337f8e6dd895ed8fad76cc9220ecbb76028d403d21040

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 10:39:41 GMT
age
0
x-guploader-uploadid
ADPycdt8YIdJ46fYIjJ8tiREMEA991y-YaI6-vPP_HI7jKWwpWM5zVh89EQIunwNOic6ENDRHuneu9BdMhNf05JCuJynIShKZigH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
725176
last-modified
Wed, 07 Sep 2022 14:26:22 GMT
server
UploadServer
etag
"7a1fd864e8ba58981b89e3634607bbea"
x-goog-generation
1662560782398403
x-goog-hash
crc32c=avx6zg==, md5=eh/YZOi6WJgbieNjRge76g==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
725176
accept-ranges
bytes
expires
Wed, 05 Oct 2022 11:39:41 GMT
6bcdb2b1-7615-25ea-3cec-8805ea018807.png
mcusercontent.com/fd183b22b4537f3d88cb376a6/images/
208 KB
209 KB
Image
General
Full URL
https://mcusercontent.com/fd183b22b4537f3d88cb376a6/images/6bcdb2b1-7615-25ea-3cec-8805ea018807.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2d0c5ee232548eb8db71ecb53c346e1f32db8d8abacd1f39357edda1e030a5d3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 10:39:41 GMT
x-guploader-uploadid
ADPycds7KgG9F6AnPW-hBQ-LagJZb6W3huRLsukT1d9T2hWODP-Q6N6uV0bcc9Yj0s7_4VIsOKcvC7AP32w5xUsixSeJpt5j_Xit
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
213156
last-modified
Wed, 07 Sep 2022 14:59:37 GMT
server
UploadServer
etag
"7566a1fa145ba3cf8cef2c7d912deecd"
x-goog-generation
1662562777342144
content-type
image/png
x-goog-hash
crc32c=eZwTtQ==, md5=dWah+hRbo8+M7yx9kS3uzQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
213156
accept-ranges
bytes
expires
Wed, 05 Oct 2022 11:39:41 GMT
light-facebook-48.png
cdn-images.mailchimp.com/icons/social-block-v2/
609 B
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v2/light-facebook-48.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24f6cc53da5f339a3ef2b320ea0936a31ac0442fe4ef1907de130d39ac916b95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 05 Oct 2022 02:45:49 GMT
Via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jun 2014 21:01:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
28469
ETag
"f94da24ae31656e9dd0a21b398369e1a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
609
X-Amz-Cf-Id
ioTAIgS8ychrZ_HuQs1jBM1U3uGM1woakRSB3iYDd1vSfGA4r6IucA==
light-instagram-48.png
cdn-images.mailchimp.com/icons/social-block-v2/
502 B
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v2/light-instagram-48.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7d41224da1c69284786f244b91f99571ccbdb5c85e7a7efa2598154814709c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 04 Oct 2022 23:51:40 GMT
Via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
38882
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
502
Last-Modified
Wed, 06 Jul 2016 21:32:41 GMT
Server
AmazonS3
ETag
"4b95bf2fb069df83e7f1781a548d36f6"
Vary
Accept-Encoding
Content-Type
image/png
x-amz-meta-s3fox-filesize
502
x-amz-meta-s3fox-modifiedtime
1467426276000
Accept-Ranges
bytes
X-Amz-Cf-Id
0JmQxFTI3pdVCQb9x2FDLlGD1YTeJv9nfWAm0i7lH6FhoP5RU_DaHg==
light-pinterest-48.png
cdn-images.mailchimp.com/icons/social-block-v2/
1 KB
2 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v2/light-pinterest-48.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ac9f12ffb106d9af98b11504e1d6456af7f19da7258ce70fe05f746676c44d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 05 Oct 2022 02:12:00 GMT
Via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jun 2014 21:01:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
30462
ETag
"9d79ebfa2a432eb0d901b5221fccfa0f"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1106
X-Amz-Cf-Id
5dld2zVEVg0BH8cugJxhgYZNb2o9yWEqauIYFDOQrjr1H2k2FI39NA==
light-youtube-48.png
cdn-images.mailchimp.com/icons/social-block-v2/
724 B
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v2/light-youtube-48.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f86840fa946df69e7a40b154d1becfd152e1d1a77295a5ef7fedfc75d3ef0c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 05 Oct 2022 01:09:24 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jun 2014 21:01:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
42861
ETag
"4dfc6c15524d52f6a2c3be0b7a3f27cf"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
724
X-Amz-Cf-Id
YMzZQ809DG8DRruv5Lhf0c5ZrJgeAwpmo8cJvw1W4ngRJMdi1S7bcw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
71 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/?e=[UNIQID]&u=fd183b22b4537f3d88cb376a6&id=c407214c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:13:03 GMT
x-content-type-options
nosniff
age
131198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72174
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:13:03 GMT
awesomebar-sprite.png
cdn-images.mailchimp.com/
2 KB
2 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/awesomebar-sprite.png
Requested by
Host: us8.campaign-archive.com
URL: https://us8.campaign-archive.com/css/archivebar-desktop.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7df3ca83c43e7c1602a5df22ce6f44135e6b06de295fd045b00a4996f745d5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://us8.campaign-archive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 22:43:53 GMT
x-amz-version-id
null
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
42949
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1835
Last-Modified
Fri, 22 Jun 2012 19:56:07 GMT
Server
AmazonS3
ETag
"22313a9b5ebfee32f60cfca56e01ff9f"
Content-Type
image/png
x-amz-meta-s3fox-filesize
1835
x-amz-meta-s3fox-modifiedtime
1340394950000
Accept-Ranges
bytes
X-Amz-Cf-Id
XzX-N14qLf4k2VFxURVqA2BxE30buuZtlRmxm0VlJtfK8FDCh1OuAw==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Playfair+Display:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us8.campaign-archive.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:08:09 GMT
x-content-type-options
nosniff
age
63092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 17:08:09 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Playfair+Display:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us8.campaign-archive.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 16:59:12 GMT
x-content-type-options
nosniff
age
582029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 16:59:12 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Playfair+Display:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us8.campaign-archive.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:52:12 GMT
x-content-type-options
nosniff
age
143249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 18:52:12 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery

2 Cookies

Domain/Path Name / Value
us8.campaign-archive.com/ Name: _mcid
Value: 1.a685015dbfa9b94c3658992a5fc587f3.9136f48078a386ae5a68ccf2dddfe843b231479a30551eaee1f0c6f94503a9b9
.campaign-archive.com/ Name: ak_bmsc
Value: 8AC06B74B4F7696FD39CD11203A3FF57~000000000000000000000000000000~YAAQTBdlXwIuT6eDAQAAgtC6pxHZ3BXpsqg9tPF/TjKZfZavDN+Jpj72W87bz1Z/NOBog6bgiwzRygq5oYczEmGapGubSmeAa4ha/dkC+5bNXbAgfIdOAT4qUbqqsVed7BoYpNSt46UmeIMas399XaUproBCx483l/9S0W74hOQ7rUn1W5ryv02L2fxurWGmvEiQoXcbPSdwmM+TDE21WqKHALK1IYsjd/6KZEjnofEbVeWXLSyOeEo8EzrPTnphOW5r2J+K0J8Bwway8Z3LoN91sscqUejEgTdpRUXd7kzinzYLPCbXf2Gm+tFMrsuwWmqH6zToTN58SreXgE4nJAD2e1Q4mTPFqGiveBlZCaC7YPjfYjO7e9RZozg3l83PoPNukdXSFSpKA2f0ivEvn2odZb0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
