urlscan.io logo urlscan.io
SecurityTrails logo

partnership.email Open in urlscan Pro
54.39.238.166  Public Scan

Go To Rescan Add Verdict Report
URL: http://partnership.email/
Submission: On November 13 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 54.39.238.166, located in Montreal, Canada and belongs to OVH, FR. The main domain is partnership.email.
This is the only time partnership.email was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.39.238.166 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip166.ip-54-39-238.net
partnership.email
15    149.56.64.8 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip8.ip-149-56-64.net
wildcardparking.com
offers.wildcardparking.com
api.wildcardparking.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    216.158.67.117 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 216-158-67-117.static.webnx.com
file.myfontastic.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    94.102.208.254 (Germany)

ASN25504 (CRONON-AS Obermuensterstr. 9, DE)
PTR: login.domainwerk.eu
domain.casino
2    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
11 wildcardparking.com 5 redirects partnership.email
wildcardparking.com
2 www.google-analytics.com partnership.email
www.google-analytics.com
2 api.wildcardparking.com cdnjs.cloudflare.com
2 fonts.gstatic.com fonts.googleapis.com
2 offers.wildcardparking.com partnership.email
code.jquery.com
2 cdnjs.cloudflare.com partnership.email
1 domain.casino partnership.email
1 code.jquery.com partnership.email
1 file.myfontastic.com partnership.email
1 fonts.googleapis.com partnership.email
1 partnership.email
21 11

This site contains links to these domains. Also see Links.

Domain
freiburg.domains
Subject Issuer Validity Valid
wildcardparking.com
Let's Encrypt Authority X3		 2020-09-21 -
2020-12-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
file.myfontastic.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-04 -
2022-11-06		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
domain.casino
Let's Encrypt Authority X3		 2020-10-08 -
2021-01-06		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://partnership.email/
Frame ID: 14A175065BA9DC98D22FFEF448818635
Requests: 19 HTTP requests in this frame

Frame: https://offers.wildcardparking.com/form.html?id=domainContactForm1&title=Contact%20owner%20of%20partnership.email&email_to=Sales%40Domainwerk.de&minOfferAmount=0&domainName=partnership.email&userId=322&offerPlaceholder=&template_id=&template_source=special_template
Frame ID: C8772A4E128ABD324D5FC91E2D73D239
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

95 %
HTTPS

60 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

497 kB
Transfer

1460 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wildcardparking.com/sitebuilder/elements/css/skeleton.css HTTP 301
  • https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
Request Chain 3
  • http://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0 HTTP 301
  • https://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0
Request Chain 4
  • http://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0 HTTP 301
  • https://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0
Request Chain 5
  • http://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0 HTTP 301
  • https://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0
Request Chain 6
  • http://wildcardparking.com/sitebuilder/elements/js/build/build.min.js HTTP 301
  • https://wildcardparking.com/sitebuilder/elements/js/build/build.min.js
Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
partnership.email/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://partnership.email/
Protocol
HTTP/1.1
Server
54.39.238.166 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip166.ip-54-39-238.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
282402325bdd6210d715716118fe056699ee245c4fe2fd07852d690e5e081c63

Request headers

Host
partnership.email
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3359
Content-Type
text/html; charset=UTF-8
skeleton.css
wildcardparking.com/sitebuilder/elements/css/
Redirect Chain
  • http://wildcardparking.com/sitebuilder/elements/css/skeleton.css
  • https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
324 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6b53b4484f44399622803e94d3586ff1c79d628c22e3ec895437aefafb92736c

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Aug 2020 00:49:46 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"50e6c-5ae21c76cf4e9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
54427

Redirect headers

Location
https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
358
Content-Type
text/html; charset=iso-8859-1
css
fonts.googleapis.com/ 		5 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400i|Work+Sans:500,700,900
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56247b9181ab886ebf9fe125d676753eedab708d8b56d1349c18d546bc1fc097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 08:50:09 GMT
server
ESF
date
Fri, 13 Nov 2020 08:50:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 08:50:09 GMT
icons.css
file.myfontastic.com/n6vo44Re5QaWo8oCKShBs7/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.myfontastic.com/n6vo44Re5QaWo8oCKShBs7/icons.css
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.158.67.117 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
216-158-67-117.static.webnx.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47fe73d90b030a1436ae7c5f02aed8590947736235de0a448f0748c578f80f98

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:09 GMT
Last-Modified
Fri, 10 Mar 2017 14:24:33 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"58c2b721-252b"
Content-Type
text/css
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9515
styles.css
wildcardparking.com/sitebuilder/elements/assets/css/
Redirect Chain
  • http://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0
  • https://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0
4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a946538b12f4b6b9262cd3d6bace9de7473f8f79bce6e405aa409b0f1005dbf8

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Mar 2018 12:03:17 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"f0b-56863ad051db9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1001

Redirect headers

Location
https://wildcardparking.com/sitebuilder/elements/assets/css/styles.css?v=2.0
Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
369
Content-Type
text/html; charset=iso-8859-1
elements.css
wildcardparking.com/sitebuilder/elements/assets/css/
Redirect Chain
  • http://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0
  • https://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0
33 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
16d3b63cfc09ca27afec2bed4d4c96d92db3e717ccff5f0e30bdf841cbbc8cd7

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Mar 2018 12:03:17 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"8469-56863ad051db9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5061

Redirect headers

Location
https://wildcardparking.com/sitebuilder/elements/assets/css/elements.css?v=2.0
Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
371
Content-Type
text/html; charset=iso-8859-1
demo-8.css
wildcardparking.com/sitebuilder/elements/assets/css/
Redirect Chain
  • http://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0
  • https://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0
4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
83b287483d373ce206740de2254007e85691fe29dc1fda3b4baae91ddc0ed73d

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Mar 2018 12:03:17 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"f32-56863ad051db9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1016

Redirect headers

Location
https://wildcardparking.com/sitebuilder/elements/assets/css/demo-8.css?v=2.0
Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
369
Content-Type
text/html; charset=iso-8859-1
build.min.js
wildcardparking.com/sitebuilder/elements/js/build/
Redirect Chain
  • http://wildcardparking.com/sitebuilder/elements/js/build/build.min.js
  • https://wildcardparking.com/sitebuilder/elements/js/build/build.min.js
452 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/js/build/build.min.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4894d322c928e430c7ffd49bfbcf3bb9a65c4156124bd8ad03f531dd35b81d55

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Aug 2020 00:49:46 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"711b4-5ae21c76a2629-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100

Redirect headers

Location
https://wildcardparking.com/sitebuilder/elements/js/build/build.min.js
Date
Fri, 13 Nov 2020 08:50:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
363
Content-Type
text/html; charset=iso-8859-1
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:50:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21733
x-via
cfworker/kv
status
200
content-length
772
cf-request-id
0662654bd000000f9a259d5000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
etag
"5eb03ec5-6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zjaQa79DQoxtg4J%2B72toEyD9SWdcWn5eQQ6jsjvd2e3FlMYxhrQZZsE5fx%2F84Mzn5fgsHFyRKQLWQgFIpRW31DKD3Lj3dfhXkyd5lnmSprLtf5XSzKmFDtwHy8w%2FoSH7VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f173e594b910f9a-VIE
expires
Wed, 03 Nov 2021 08:50:09 GMT
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.14.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.14.0/axios.min.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4893c856ffa3551d3bd3aab4cf2caffa7be1dd2fae0cbb44f3c317d296874532
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:50:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
806066
x-via
cfworker/kv
status
200
content-length
3567
cf-request-id
0662654bd100000f9a7f1de000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
etag
"5eb03d6a-2b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F7ZQSeoJ6WMLK1giD0M5UrIuizjvt9b7W7wzst85SarJsrjUNBKmnBZfB1vWbKBwkn0kaRLpwqI80OWhoVGU8gLySMjykyhfw1Vh8olkmEFZSdM4dzvoED1Ytj9fNKRPSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f173e594b930f9a-VIE
expires
Wed, 03 Nov 2021 08:50:09 GMT
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Origin
http://partnership.email
Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:50:09 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2016 22:32:34 GMT
server
nginx
status
200
etag
W/"57e45c02-152b5"
vary
Accept-Encoding
x-hw
1605257409.dop133.fr8.t,1605257409.cds211.fr8.hn,1605257409.cds012.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30070
main.bundle.js
offers.wildcardparking.com/ 		296 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offers.wildcardparking.com/main.bundle.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c3048d364c06725b3033843465db8b5c9373e489bf0c0a6b672a639bc450eb00

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Jun 2020 22:22:45 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"49fd3-5a89f90c1089b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
48876
newtlds2.jpg
domain.casino/cms/wp-content/uploads/2020/06/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domain.casino/cms/wp-content/uploads/2020/06/newtlds2.jpg
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.102.208.254 , Germany, ASN25504 (CRONON-AS Obermuensterstr. 9, DE),
Reverse DNS
login.domainwerk.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
9d40fb85e4d16e08ace503fa71b3a44605560bca68488121d9ec1e4e1397e69b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Last-Modified
Thu, 04 Jun 2020 03:02:43 GMT
Server
Apache/2.4.25 (Debian)
ETag
"13155-5a73960da0bd1"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
78165
lato-regular.woff
wildcardparking.com/sitebuilder/elements/fonts/lato/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wildcardparking.com/sitebuilder/elements/fonts/lato/lato-regular.woff
Requested by
Host: wildcardparking.com
URL: https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7e14b4e3561f0efd6d6f15d4ee390287527fdc30748a0c562f1bccd485464f3a

Request headers

Origin
http://partnership.email
Referer
https://wildcardparking.com/sitebuilder/elements/css/skeleton.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 08:50:11 GMT
Last-Modified
Tue, 27 Mar 2018 14:38:47 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"8a88-56865d91cf2a8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
35464
0ybuGDoxxrvAnPhYGxksckM2WMCpRjDj-DJGWlmeObLI2pg8HjE.woff
fonts.gstatic.com/s/vollkorn/v12/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v12/0ybuGDoxxrvAnPhYGxksckM2WMCpRjDj-DJGWlmeObLI2pg8HjE.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400i|Work+Sans:500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3eaf73668b35af6d642e013d842fba3cc1e284bcd7aeb4e155c9c57cc11691f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://partnership.email
Referer
https://fonts.googleapis.com/css?family=Vollkorn:400i|Work+Sans:500,700,900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:40:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:36:08 GMT
server
sffe
age
421769
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25768
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:40:41 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v8/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400i|Work+Sans:500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://partnership.email
Referer
https://fonts.googleapis.com/css?family=Vollkorn:400i|Work+Sans:500,700,900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 17:23:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:42:54 GMT
server
sffe
age
573976
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45196
x-xss-protection
0
expires
Sat, 06 Nov 2021 17:23:54 GMT
222
api.wildcardparking.com/v1/user-analytics/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.wildcardparking.com/v1/user-analytics/222
Protocol
HTTP/1.1
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://partnership.email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 13 Nov 2020 08:50:11 GMT
Server
Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Content-Type, Authorization
Allow
GET, HEAD, POST
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
application/json; charset=UTF-8
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: partnership.email
URL: http://partnership.email/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5662
date
Fri, 13 Nov 2020 07:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 13 Nov 2020 09:15:48 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
222
api.wildcardparking.com/v1/user-analytics/ 		1 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.wildcardparking.com/v1/user-analytics/222
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.14.0/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept
application/json, text/plain, */*
Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Fri, 13 Nov 2020 08:50:11 GMT
Server
Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Content-Type, Authorization
Content-Length
1
Keep-Alive
timeout=5, max=99
form.html
offers.wildcardparking.com/ Frame C877 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.wildcardparking.com/form.html?id=domainContactForm1&title=Contact%20owner%20of%20partnership.email&email_to=Sales%40Domainwerk.de&minOfferAmount=0&domainName=partnership.email&userId=322&offerPlaceholder=&template_id=&template_source=special_template
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.64.8 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-149-56-64.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Host
offers.wildcardparking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://partnership.email/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://partnership.email/

Response headers

Date
Fri, 13 Nov 2020 08:50:10 GMT
Server
Apache/2.4.18 (Ubuntu)
Last-Modified
Sun, 21 Jun 2020 22:22:45 GMT
ETag
"1590-5a89f90c1089b-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Content-Length
1661
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html
collect
www.google-analytics.com/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=625516107&t=pageview&_s=1&dl=http%3A%2F%2Fpartnership.email%2F&dp=http%3A%2F%2Fpartnership.email%2F&ul=en-us&de=UTF-8&dt=partnership.email&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1363615282&gjid=2129032981&cid=1844607988.1605257411&tid=UA-3475607-81&_gid=1829644721.1605257411&_r=1&_slc=1&z=703783949
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://partnership.email/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 08:50:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://partnership.email
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes function| $ function| jQuery object| jQuery111103912005399711147 function| onDomReady function| augment object| Holder function| Bloodhound object| Select2 object| wcp string| GoogleAnalyticsObject function| ga function| Cookies function| axios function| generateVisitorId string| apiSite string| user_id number| model_id string| template_source string| domainName string| visitor_id string| url object| WCP function| WCPModal undefined| isCookieAccepted object| cookieElement object| cookieAcceptElement object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.partnership.email/ Name: _gat
Value: 1
.partnership.email/ Name: _gid
Value: GA1.2.1829644721.1605257411
.partnership.email/ Name: _ga
Value: GA1.2.1844607988.1605257411
.partnership.email/ Name: userId
Value: 6cf91923-f97c-41da-9f5a-210e1c470349

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.wildcardparking.com
cdnjs.cloudflare.com
code.jquery.com
domain.casino
file.myfontastic.com
fonts.googleapis.com
fonts.gstatic.com
offers.wildcardparking.com
partnership.email
wildcardparking.com
www.google-analytics.com
149.56.64.8
2001:4de0:ac19::1:b:1a
216.158.67.117
2606:4700::6810:125e
2a00:1450:4001:801::200e
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200a
54.39.238.166
94.102.208.254
16d3b63cfc09ca27afec2bed4d4c96d92db3e717ccff5f0e30bdf841cbbc8cd7
282402325bdd6210d715716118fe056699ee245c4fe2fd07852d690e5e081c63
47fe73d90b030a1436ae7c5f02aed8590947736235de0a448f0748c578f80f98
4893c856ffa3551d3bd3aab4cf2caffa7be1dd2fae0cbb44f3c317d296874532
4894d322c928e430c7ffd49bfbcf3bb9a65c4156124bd8ad03f531dd35b81d55
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
56247b9181ab886ebf9fe125d676753eedab708d8b56d1349c18d546bc1fc097
6b53b4484f44399622803e94d3586ff1c79d628c22e3ec895437aefafb92736c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e14b4e3561f0efd6d6f15d4ee390287527fdc30748a0c562f1bccd485464f3a
83b287483d373ce206740de2254007e85691fe29dc1fda3b4baae91ddc0ed73d
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9d40fb85e4d16e08ace503fa71b3a44605560bca68488121d9ec1e4e1397e69b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a946538b12f4b6b9262cd3d6bace9de7473f8f79bce6e405aa409b0f1005dbf8
c3048d364c06725b3033843465db8b5c9373e489bf0c0a6b672a639bc450eb00
c3eaf73668b35af6d642e013d842fba3cc1e284bcd7aeb4e155c9c57cc11691f
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b