Submitted URL: https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rbSRk5XcLMYAeJTzdzf5zfCnLDhvnwjRoMzbsGU...
Effective URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020...
Submission: On May 07 via api from CH — Scanned from SE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 99.86.7.101, located in United States and belongs to AMAZON-02, US. The main domain is visit.ghadiscovery.com.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.
This is the only time visit.ghadiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
1 | 1 | 140.86.227.60 | 43898 (ORCL-AM-OPC1)
2 | | 99.86.7.101 | 16509 (AMAZON-02)
1 | | 172.217.18.106 | 15169 (GOOGLE)
4 | | 151.101.1.194 | 54113 (FASTLY)
12 | | 99.86.1.3 | 16509 (AMAZON-02)
1 | | 142.250.181.227 | 15169 (GOOGLE)
21 6
Requests | Apex Domain | Subdomains | Transfer
12 | cloudfront.net | d16bl9hbknyxy0.cloudfront.net | 31 MB
4 | fastly.net | brandcast-cdn.global.ssl.fastly.net (Cisco Umbrella Rank: 591381) | 181 KB
2 | ghadiscovery.com | visit.ghadiscovery.com | 50 KB
1 | gstatic.com | fonts.gstatic.com | 26 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 111) | 978 B
1 | discoveryloyalty.com | email.discoveryloyalty.com | 920 B
21 6
Domain Requested by
12 d16bl9hbknyxy0.cloudfront.net visit.ghadiscovery.com
4 brandcast-cdn.global.ssl.fastly.net visit.ghadiscovery.com
2 visit.ghadiscovery.com visit.ghadiscovery.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com visit.ghadiscovery.com
1 email.discoveryloyalty.com 1 redirects
21 6

This site contains links to these domains.

Domain
www.ghadiscovery.com
apps.apple.com
play.google.com
www.instagram.com
www.facebook.com
Subject | Issuer | Validity | Valid
*.ghadiscovery.com | Amazon | 2021-11-29 - 2022-12-28 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
*.freetls.fastly.net | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-05-04 - 2023-06-05 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months

This page contains 1 frames:

Primary Page: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Frame ID: C9699E30D0BFB6D956C7BF47CC516827
Requests: 24 HTTP requests in this frame

Page Title

Mobile App - GHA DISCOVERY - Rewarding Life's Journeys

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

32127 kB
Transfer

32367 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rbSRk5XcLMYAeJTzdzf5zfCnLDhvnwjRoMzbsGUcMMnzbe5VXtpKX%3DYAUATC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLPFSgIvE1QGyz1l0AOP3OfnpqTWZRFbRboPEZ8Iweo88UA_tXHj3gxWvpIcXVyukSPpO1j0InYifA_qioc0.&_di_=ht8q9aegt0vl9gqmbveb9o99AB12ABCDEFGHIJKLMNOPQ25utrdg HTTP 302
    https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
visit.ghadiscovery.com/mobile-app/
Redirect Chain
  • https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rbSRk5XcLMYAeJTzdzf5zfCnLDhvnwjRoMzbsGUcMMnzbe5VXtpKX%3DYAUATC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfA...
  • https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
327 KB
49 KB
Document
General
Full URL
https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-101.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dbe83f2dd50c8b0690fdb63385ba5ed32d3f460eb7361b8e5fa0f2d343b76d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
53789
content-encoding
gzip
content-type
text/html
date
Fri, 06 May 2022 12:55:42 GMT
etag
W/"5fdee547038c80f25510012a7ac1a27b"
last-modified
Tue, 12 Apr 2022 10:50:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
WX7OAUUoTP42EQEEF0FaMciADHFfbxFqMV8jRPn8bZwxc7c3QcLbTA==
x-amz-cf-pop
FRA6-C1
x-amz-id-2
CgZ/Hi5WA5snF84/uK6ONt67JmNjPgd6pASulUE77c24efLSw25nUbEqFD0CktQapMnYC/s3Z5g=
x-amz-meta-surrogate-key
website-60cf6452-87b4-45d8-b799-4fb433f99260
x-amz-request-id
QH619YXP038Q38PZ
x-cache
Hit from cloudfront

Redirect headers

Cache-Control
no-store, no-cache
Connection
close
Date
Sat, 07 May 2022 03:52:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
P3P
policyref="http://policy.rsys8.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
css
fonts.googleapis.com/
4 KB
978 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost:400,400i,700,700i
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
ESF /
Resource Hash
96dc747390e5a4ebf3ddd27c586f3149f8571310b33e4d04126ab6bfc0f2618f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 03:52:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 03:52:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 03:52:11 GMT
GHADiscovery_logo-01.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/8a83eb85861af16dda38219689beecd8/
68 KB
69 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/8a83eb85861af16dda38219689beecd8/GHADiscovery_logo-01.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acc313c8e285890517b269b02e7244a8293066cbffa2459920bad02e13b056d2

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 03:52:12 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
69774
x-amz-id-2
/QaohiQmbyODC8YLFep4rQclfwR1QLY5LQvb7SR8hrhyTMbYr7uJIE4DWem2QDG5oVKI3nECQSk=
X-Served-By
cache-bma1628-BMA
Last-Modified
Wed, 03 Feb 2021 12:32:51 GMT
Server
AmazonS3
X-Timer
S1651895531.023260,VS0,VE981
ETag
"8a83eb85861af16dda38219689beecd8"
x-amz-request-id
R8SYVEF39631T2K3
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
0
5a902db97f96951c82922874.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/77ca8b6daef7f3a2c81f8266a17cd96a/
5 KB
5 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/77ca8b6daef7f3a2c81f8266a17cd96a/5a902db97f96951c82922874.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d899ab4a2f43dd1dbfb20cc50346678afcdf6f85778b875b318ece3cb9e311a

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 03:52:11 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
4714
x-amz-id-2
8h/3EOV5bLGGTv1M3yRHz4YJu+Aj78IfCzjLPIStYCj8n0wmH4zuHqDrSF9ojFREzn8YUd1BzOc=
X-Served-By
cache-bma1658-BMA
Last-Modified
Wed, 28 Aug 2019 11:49:00 GMT
Server
AmazonS3
X-Timer
S1651895531.170889,VS0,VE687
ETag
"77ca8b6daef7f3a2c81f8266a17cd96a"
x-amz-request-id
R8SHR15PBP5V1C5G
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
0
google-play-badge-logo-png-transparent.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/7314fb9872c6008a0b935b1b7a596511/
101 KB
102 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/7314fb9872c6008a0b935b1b7a596511/google-play-badge-logo-png-transparent.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0292a66dd2a0c4cc5e558f9b349ce72f1e1603cc77c07dfc6da20933ad3166d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 03:52:12 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
103828
x-amz-id-2
Cpp66OKRZxeUr4fo77WhklO/+XfCFHybPxXcV7DSXnLJf8hF9752OpM8fmvTM9z9j94qR15YZmY=
X-Served-By
cache-bma1680-BMA
Last-Modified
Wed, 28 Aug 2019 11:51:11 GMT
Server
AmazonS3
X-Timer
S1651895531.170844,VS0,VE1033
ETag
"7314fb9872c6008a0b935b1b7a596511"
x-amz-request-id
R8SSSWXQATDV0T84
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
0
phone1.gif
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/f3eb475e-48c4-4511-ae9c-ae27242a7c67/
11 MB
11 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/f3eb475e-48c4-4511-ae9c-ae27242a7c67/phone1.gif?&Expires=9223372036854775&Signature=dlI6khXMGxyYbcseecGWf70SpsrT2UXa~pqZjm66GMfNoZYrRGb7TKwy52Mlt-OW5eF6KdJfZrSgw9GJCiCW079G3eSE4lEd5TIuwjJZSicRXFdwusxo6spqYO2dfPscl78MK99r9wrdrMIMJKtiIXa4VgqbfAd26bzScRcRo0oByNILgs5-fGbUnCA2mv3IyXxspXuEdfG9wMggR7AECGncNXDrv8CZqrcMuKJYDJKF6BbcEwXinwnwR1PApq2I-ltfVn6peZO67Zde4A71dEh0ltOxO6wyPpi7pAN60WOEXX3VrW0E7Hxw0VXzl903m14fSrdDEY7mcD~msRwftw__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11f4d3d10b02239da1cb3631bdb65f16ee57122840b57b2837c913a1c434c77d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 03:52:12 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 05:42:48 GMT
server
AmazonS3
x-amz-request-id
FV9JZF1P0FXN550B
etag
"66a0834eb149c98c3da8d4636789cfca"
x-cache
RefreshHit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11123465
x-amz-id-2
NQR++DMJ5JPw35OeBfDvg70Od4AlMel6AGaBPWxvRUJeFPzb/kM/SyhEIfyUA/crg4pnIpBEhvw=
x-amz-cf-id
PVvCMOo54rA26IDTOVGrPgoFcPFJCem7wfcUW-3r6Q_Rn0tm6Nnp9g==
programme_benefits_member-rates.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/194592e7-d492-4916-947c-e623ee860e6d/
10 KB
10 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/194592e7-d492-4916-947c-e623ee860e6d/programme_benefits_member-rates.png?&Expires=9223372036854775&Signature=CIuO~u5srdsGV1hNu52rDyqUAbbSbLmqA8kOQR-7BDQ30Gjes6m6r2K5BkyM-mRRrVjiNUWYlotgPuuEDcUkiU8ODHOrkFaEKrflg-xA0du3qZUetnRfnhmUW2hE~fwBWYVTiuO3OjJoFQdWBKzd~83JobHKL~HVzgZG5tIkkYDluKo6t3LLMyRDRvN2f1lPmdq~WDT~cMFxV~aCwsXQE-upgDK61MCWXRB1-eJJnbtWdp-Q~MMaq3vvyKjrDwNxGnnS9AIuDf62P4aJAkpRu4grDkamvo30TgY2mxHV~DmZPOT6SkPzXQgBPRk41QtVDE5Vg-D-1KoAeO7iH7nErg__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53f13c9a1ffac7bdbebb071a19fde3c17759b8c283b1aeb5b1df8033a8048eb3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:03:53 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:05:45 GMT
server
AmazonS3
age
31699
etag
"84af30afafcd4cc9f711f8cc0b68faae"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
9985
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
2SE8E8Z35K7ZM8RC
x-amz-id-2
QfPGAiPkBXoCmneVdHCh+h0fXtCBmqKtv1aon11i6SkEdyx7ygo0tolW0YSY9LSgSOc2nR88aFs=
x-amz-cf-id
b7sPXHy394fOgoXrjQx_bTxvCSKZ_ReOSdpB-Iw_P0xhSC9dvcC1ug==
programme_icons_map.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/35010eda-ca0f-4772-a378-3f37111cf70e/
5 KB
5 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/35010eda-ca0f-4772-a378-3f37111cf70e/programme_icons_map.png?&Expires=9223372036854775&Signature=u1aZWZDXFSfP~u24Xz-nQen3wDOPeromMJIrIuZm7aBnVMRowJftHSGlf3s0vD15tQ6fpwA21Ss62AqT~FGyMrvZNLuzgkbSefKeITyHZdjfxQdcTheE39dvlxLh20y6j-zW4J80ZI~dxVAPP0jPuZS-g3rAoNGYTfadwvji1FT4SYtzQshqJ-ysb3IpWTDVxvpwLilmtjGcPVrXFXT9FQ-UtZUN8Pof-8ifA6Rhkgce7BFH68jUicSgWLffKOlxr1yD6820M1EL-I~DdWtK4CsrsbW6zPexAhfh6Wnhy32Wx5cGP~6iMSMO7kaK9UwFx4TFuCmjUqBskhFpFRkz9w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8078ed0bbb53bb7c5d74339ec6cbe9b65d2b9d92af5e895cbc9524ae8a39825

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 13:09:11 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:06:05 GMT
server
AmazonS3
age
52981
etag
"cbfb38a60067f678d5631085184698af"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
4998
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
FWGC6CQVC38P80W4
x-amz-id-2
pf56mLBZohhLJG7WGuvVhrWa36oeJC3k9T17Ssc9yahyZYv5BRqOGGeC+6pGPuciDB1ZRU/Xv88=
x-amz-cf-id
rG-1STU0GCPVONDeByTWeeFyTLj7U00VK-f_9IXOn5rTkyleRszfGA==
programme_benefits_double-room-upgrade.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c52c4aaa-06a7-410e-8f5d-2b7992e24665/
10 KB
10 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c52c4aaa-06a7-410e-8f5d-2b7992e24665/programme_benefits_double-room-upgrade.png?&Expires=9223372036854775&Signature=gTfgVFUyDP9uOBvwlARUPG38EMr8hBvT~sOEcO9jNn0bUoiGOsm8Idp99ByoeSc-53jcsMdfVGA5KhHfIvgU48H9nXzjmiG6DklpOSKs19ZhTv-NqUCkbFvZFAgfD1qjzmkNuX8a9WW8ilWF0KeTXpmVk3gR7Ujh6b4ThOtV7OHyTnnRQZh4LNDd8TiuEqh0BShN9rpkAduZnXKpz8o~2Vwhf3PSlAqb~hGdXGTSrr2L992dVnNi4ZKeEqzwxwPIc8~iPbLUg7K3HANf4v4T7LKWLZwa9HPG2pZTcPeMtopEHffAAjCftz4jWJZGFTqyZOj8V-KpJJ9OW15RcbdpUA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2d42eb818051cb8926d69dbbcbc6051250b07949edd1d0a44515f943e8fcb0b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 08:10:24 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:06:24 GMT
server
AmazonS3
age
70908
etag
"f379f8c9a2d3912cc148bb0ea0c2cad9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
10187
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
DG5H36YSNRHTKWG3
x-amz-id-2
7m1g8pLS3MvMxXxBj4EhTmCwr8Gj1zMeITGm+xOV4nTNG81QW38/hvuxblyjpXL7qeS/FffA92g=
x-amz-cf-id
yllfQOTXSetg6wiPZEippd0x5XQt-XxdQ9cajBnOR3ZGAtfICjhDAQ==
4-screens.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/9d3285d3-e371-4258-b143-e0631c08cd10/
3 MB
3 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/9d3285d3-e371-4258-b143-e0631c08cd10/4-screens.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=jX1kc2DlIE5~8G38rryr2XzSjYKFWdzCTBcJ27bREgiaRtFWEH7GXfIzKbz6Dn4WfcQwGCUBcazq3J1ayO47iVwi-0cXBlRs44RmORSE8NK30hkE0PnW3nVZLpBZmviWC9ydc4x6reAA01vLUMGFn22KSdxbUw61admhdNvTv1ttcBv3NwHnJpATPUPPtDyERy22-StNftqLIrofPBYCzxuNkRtosuDIcj8H8VzP1KKjhhjDv3H5dxoC~3tGEIA8HhXimKi5Wb-XuSURbuFQcZsOl6WMX6qy8yWv7KcpJVwjb4QdmMufPF3gX7ER7wHvb706AjBGf07GBDd8an~kGQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30931aba96d55222cf9f80bd6dfa9714514a2023aff8d192b21ad380f9457686

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 03:52:12 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 07:50:06 GMT
server
AmazonS3
x-amz-request-id
FV9N692RNXJ2NHDK
etag
"643505c9914fb752c4efeb6e00518817"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3149421
x-amz-id-2
1xVK/yTC4WwjDm7qv69ke2FzMNCxi2meVgpw8ierwbCUUX6EnEGT4L7g72iWMZ06XWIuDHgfK2I=
x-amz-cf-id
87o7YeKK-hdkxccbJpW-2RD-bKevFHxpKCL8qjFFBu5hGHJLh1iA2Q==
ig.svg
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/e8871dfd-52ff-4841-b8ab-072a6d5bde4d/
4 KB
2 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/e8871dfd-52ff-4841-b8ab-072a6d5bde4d/ig.svg?&Expires=9223372036854775&Signature=NoOSAXApp26w83eignVVjiiewMsCHuZ95XooENcd8RR3H4pibIJHazYvmjX5NPDfPQLbtWjM-XDOqvGlb0a-rYFvIFw-JGa3MZJRwEqqHEWTmHDwPx~mfm6JVbDI8mJPMVtWUaU~il4Gd0~GzuhVK5It~kMgdWVyc7VRJdimUDy06F5Zo9g0xqQejVVWZFpjD2WA6dwwueHe45Vbftror8zz0erajKNtDjcS5wPpzADLZHyRcPP6B4JGwCeo8LDdspV0cpAruDKb7TsZzZ0femOXCaU5wn9GxEzzwa8n511COyWdO7NPpSuST9-BOryKbfovUw6uP-SmfoeB504jvQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27a888d4fd49a3fb4128bccf639a7f33598f0b5b6a2ecca69bb9b7c824f631be

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 07:32:03 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 05:23:24 GMT
server
AmazonS3
age
73209
etag
W/"ec22714521bf52af458320416d096beb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-request-id
9JY31236XAHMW5H8
x-amz-cf-id
YM1ukVKA-4A3DYNeb5iIoewOD5MTxdjBRNYQQoU4DzKjDwEP6YABfg==
x-amz-id-2
/M071TZnzB++V5ava4COPUQRZHgEwJ8NVh5EjNUVYuUpjTlgz8quC3PwFYvUQiutGOREVb/TNCM=
fb.svg
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/08f0a957-7a70-4518-9f11-a94698c86676/
2 KB
1 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/08f0a957-7a70-4518-9f11-a94698c86676/fb.svg?&Expires=9223372036854775&Signature=A2ym3v53g1BCifwdd7KpOs8CHi7npVnGRNb4otNV5h~WrrhVyGGGMnM4HtP2SyJeHEbfZDWSqYSsNiAAY3saUHqRjA52CCdhuc6iHvDndwGUnk4uM2LUmSiTTar2-S9uHHSmFIQBpqCxVj1zzetHJn400l1G7blEGom5KXmIoZWMQxOWjoUqcX-T3BkZjlq6inOTF01X70y-ss8yUhUjrpA5wQnc5QNwH0QRp5-VXUoEef3xClgDLQL1A8kA58cAZ0L-ywCUslpxH6jYTcRPQql1Xdyv61~9X11vrQsXhw1E5iHHwlgdy-b6DitxcFfsTEOYfS2a753iWqX0Haoj0w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dec6aecb8f12104e06ebc02ccd67529d7e36c2d668218cef61763eefcdc3c2d6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 08:39:16 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 05:23:49 GMT
server
AmazonS3
age
69176
etag
W/"880b2b0541bc7ddfd22c2cade3697bdf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-request-id
P94WVSFCPAYVN4WJ
x-amz-cf-id
w74mhL9sObMTifASl1oGYXF2OCwBjPAPQlZ3CY7pPNhJRtDIGXZiLA==
x-amz-id-2
GkFsCmMicNZrgr8C5BEorqH6eltByDa3z2kS6npb4GpgFKTvc3HYIJk54nmjz6A9rbw/U0Y7szc=
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v13/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v13/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://visit.ghadiscovery.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 18:25:29 GMT
x-content-type-options
nosniff
age
293202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26372
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:49:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:25:29 GMT
BACK-TO-TOP.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/9fd9e7902c7628799dabd68466c3d0de/
5 KB
6 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/9fd9e7902c7628799dabd68466c3d0de/BACK-TO-TOP.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdb17c2858db49d411c805b395e218c8898c25386e3aed37c3123c1070d8eff9

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 03:52:11 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
5320
x-amz-id-2
ueq9fvSsirX9qjPdh2M7mQJlg+RWByWVltl0nbFnJezru2KeGHT2N0M53/1LX9DplEOzSEGUy0I=
X-Served-By
cache-bma1657-BMA
Last-Modified
Mon, 22 Feb 2021 11:53:47 GMT
Server
AmazonS3
X-Timer
S1651895531.203455,VS0,VE698
ETag
"9fd9e7902c7628799dabd68466c3d0de"
x-amz-request-id
R8SP97TB37KCNCGF
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
0
hero-image_smaller-phone.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/31e82387-923d-426d-89b2-b73a3f8facf5/
465 KB
466 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/31e82387-923d-426d-89b2-b73a3f8facf5/hero-image_smaller-phone.png?&Expires=9223372036854775&Signature=s7fs1eT8FYHuTpo3-h~~mG7G8SmRypDa-pl2me9AD4csL1dRhNHU9FH2zR2SAXlTdFVBz0P5rYS~oyHJjZ8PHo7mCtdiXZP2yzy1c5NED4mOK4mgwvJDjswuBuXpdCBshYt0lNKTTEUvUIOYCNwW-nraq3x8HcwxBjAZhvDf87CuN0TAu2gbVjS745h5be-yhXEADtJvYSh~thHwdeucGTnQYsS8k6GI93y88c1z0MzInfl7jOp7OFzXCyJQUU9bwBM4-kvKTwlQyE~aGuTKqgCLcVVfw5e~2txYct74NRie9wCYQCtvsfllJrcGBPIHipHZq1KAgMRwO364LZoF2w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0015e7cff603a00ce0461929f0719853a60cd60d60ea5beb9eddcdd91f0b01c3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 12:05:41 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 06:41:53 GMT
server
AmazonS3
age
56791
etag
"a2db55a073b7acc331f87b7027970f74"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
475889
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
HRZBC416KV69Y8YY
x-amz-id-2
cfwPjL6Os60kcjb+JZhFp2PGdZKpPvl93A+hejtk1kXqTuO796VRWLoGDTxiWw8e4vdAV6msa6U=
x-amz-cf-id
AH2dGpx6BIE8uj2cNhoDF0r2SjRojz1BvQGJOejX5cr-rmKiwq3ypw==
ivymode_gha_regular-webfont.woff
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/
0
0

/
visit.ghadiscovery.com/mobile-app/
0
471 B
XHR
General
Full URL
https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-101.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-T-ID
null

Response headers

date
Fri, 06 May 2022 12:55:42 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:41 GMT
server
AmazonS3
age
53790
etag
W/"5fdee547038c80f25510012a7ac1a27b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-meta-surrogate-key
website-60cf6452-87b4-45d8-b799-4fb433f99260
x-amz-cf-pop
FRA6-C1
x-amz-request-id
QH619YXP038Q38PZ
x-amz-cf-id
wpl8ScBh0-NLaioxaQk49X1xsmcH9kmgHbr0q3ve1Rtab-tpdtYg5g==
x-amz-id-2
CgZ/Hi5WA5snF84/uK6ONt67JmNjPgd6pASulUE77c24efLSw25nUbEqFD0CktQapMnYC/s3Z5g=
3-new-app.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c35c0f1d-18e6-4e20-b374-89fc337909bb/
6 MB
6 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c35c0f1d-18e6-4e20-b374-89fc337909bb/3-new-app.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=IpO7~HBDLR7YfuoQxxzLNf1NkU0FGnAUNLrcCBrBc1~R7NADCed3TU-B2K-KyzwUIDWvMqOyhi3tUataH5Xz39wPGnBiWNh5vQZ3GaLeErKxzoclM9Zri24dHhNTYyw8XUToc7PB8vkplpEh8UMvVEexFwrmXGX7X8Ouo~sBZZd-fymu~1757QRxZgYztt7jF13tbtkDg8aYUgT9v5IhZtE6IA8ueZYBMltGb6JCB5wBA5bK7102eIruS98AxuzGxqX5ZZ2-uzuDvGViR5fO0l60Og-lNpCeKA9TWZe8cm7PVG6Yh4MwRplrBkuVNIhwGtRlbkbCZbw5SjL2v9plCQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c5bfe3691de88a1d3ddedcb61c7149c7263b2319752204014e1ae536a4664d5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 12:05:42 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 09:13:51 GMT
server
AmazonS3
age
56790
etag
"06363bbcd21742da3171ebbf4a77bdbe"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
5838596
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
B3ZVSR7Y7Y7C4D5N
x-amz-id-2
NxzmV9eMq8Nl0obNbXVstCXi1C1sUqLmmYoocuZi1GcUSwpgk+rufEWO+Xy7Srf/OMTcdf2pATk=
x-amz-cf-id
xl0xOCOD_Vv_PpUZ1t0NpyGykCr4AWjONPSeohh8USzySfKUjG-7fQ==
phone4.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d98492b3-769a-406d-9af3-b9dc405a57a3/
7 MB
7 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d98492b3-769a-406d-9af3-b9dc405a57a3/phone4.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=nWoOCYT86RTBU78bAE8AiwkGITC~F0GpTDbTuo5FCQR-wvqKbT0oSqhgMrZvdMCA5CVtHVx9TO2Ne27P-9M-zjB0W-5PWluKLzOF0YKpTxemM4Hk8rFcawOiFiR4GDGssKdAMdp4QQRcq5IyfBEWmBPcrGHyAiupcsl1LhBCeJx1~GSYxqqVNUKfpatuZftxDvwWGWON9NU6KGuTikKWHgB3tEdCxqbs27JFojT1bBahSOyyDfo9apILe1kC4GTbwwCrGAYHbWddroGn8S6Ea2KOVPsS~C5XwHAqLYEdq0ajkU-AWacDwI5TPyHb80-NIAEZlS62tCZ0p7kB7QnpNA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e185a604cf19a0cb5cac837d95d6a5db91638231e0f9c067c714efa34d1ad91

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 13:09:14 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 11:19:04 GMT
server
AmazonS3
age
52978
etag
"71da3f08fc9838663f90a81603b799d4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
7332144
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
HRZCBWJHVEY22502
x-amz-id-2
yxrpPmjLcO5f00TlEMtdcaorKEmwPaVLvhNpAl71aj7jJ6Qm4aBBSIyPW7+hcABdML0X7TU7SlQ=
x-amz-cf-id
L5k30xqoQTyWUFbg92uwta2zS6e9yDFF0z9SZ1jRsZn8j-lJf-MPVg==
phone2.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/4e50dad4-0ed6-466d-b0f0-cfde400c22e0/
4 MB
4 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/4e50dad4-0ed6-466d-b0f0-cfde400c22e0/phone2.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=O8BEDZOKsU8xA0A7CDDkkItfWiV5iXYjb0t08B8YlirhnT49sqzAk7j7iS~j3Yfo9rKprthP1JfO858P8RlzSqVD~MnbgBpPBuq7hcwEdgTqokocWNGgddW0fFMJyGc3kY-6CvFrbhGM8K0T7Fa-b4RfqemS20lFtn4nB6vTDTGOLgMmvsczLzrXvWnVxbVh~ll2xPkLV2KYdD8o3jYckuybJJop448XL4qvgCT7EMizurfAS7k7-bofmxLMaLvp0ZNhUEsY2pudSSJ3aacQfCp9m5CO9c1RuiN-aZPRbco-frz1y8W~yr9ZsGoXOHsh1873YMu-PPhP8D5u7DAphA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14d580da47bfefe15c165040f16688f27da86af8c731ba3698967d22fbd92364

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 13:09:14 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 11:21:26 GMT
server
AmazonS3
age
52978
etag
"57068a7e997232d261078caf5e32ca42"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
3965168
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
X82QMPC5Q5T5S785
x-amz-id-2
NfosQleyeSMZhXq+AscF/n6Ec60YaFhQR/elOieoUrt3wMnHUqjYdZG2Sz5qaNfsoAfjD50Zr9k=
x-amz-cf-id
vnOVGn5QNZpVEIAiQLGhi6MOmgKZzGGuTMKr10-CLmIE4gJ6XujZKw==
much-more-to-expore-no-text.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/64915353-349b-444e-8613-538806b373fa/
664 KB
665 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/64915353-349b-444e-8613-538806b373fa/much-more-to-expore-no-text.png?&Expires=9223372036854775&Signature=j31c9J1iKgWKzPkU8kMjJT4-3rHN3ewB4PnElftPtREQTuDdXh-pxkDRm63TDt90eJ8Cbt5Zq2uXO48KHohWzMxZfQNETKwCxmICDpNM0RBA4CSV8lTO~QbSsxl3DUMMHgR-SG-GnZDep6ZlSJGerllZHQ6Sl7VxngasHdMS8WqtjtKT32F6OKYWmtB6VySGziBpBGXARRltoyvUX~jMHY4B78x~YLwAs5vw8Wt7mKdakI57tOx60Tg3WCF6u0ErFP-cjeA-bPAlLu2s8LUejGtbDxOCziHr6kntkwpC9FtamObQZPhba4vDPrdsEMAJmKBognomajRQgFsKtsMwQg__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ed9a6f2ce50f8c483b9b8e0a70c38fc36c3ed3bc70b3b72b82cff311985b713

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 08:10:24 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 06:42:35 GMT
server
AmazonS3
age
70908
etag
"4836bc1cb09baccffe217eb53afc12ed"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
679532
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-request-id
12DRZRW4XVDNQKCE
x-amz-id-2
hBOtGI47kdSVyMqNWN2bChweR1wQGXNt/OTZA1v8E24aYOXili75bmSodcRPGpmcmj6/eCn/PPY=
x-amz-cf-id
VHtnZYc7dxi1r6LqNbj1L9u4HDZzaGAP15TvgBKdKl5vnZMEptOvQw==
truncated
/
256 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c7cd373cf9b91f1f8b1d889b5d32c1be00ffa0e2d12072f144ea573eb3fb

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569686bf67958b89b6dfd838d7a17945d25db8500c944b355ab0376b0cab7aa7

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
269 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a389d4242715ca3509d3e597ed69dde32e19f5c806e6777f0cd45646cd6ceeb

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d16bl9hbknyxy0.cloudfront.net
URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| _BC_CUSTOM_VARS
object| $bc
boolean| __forceSmoothScrollPolyfill__

1 Cookies

Domain/Path: .discoveryloyalty.com/pub
Name: 6.interact8.Tta.....N.N...
Value: _ri_=X0Gzc2X%3DAQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rbSRk5XcLMYAeJTzdzf5zfCnLDhvnwjRoMzbsGUcMMnzbe5VXtpKX%3DYAUATC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLPFSgIvE1QGyz1l0AOP3OfnpqTWZRFbRboPEZ8Iweo88UA_tXHj3gxWvpIcXVyukSPpO1j0InYifA_qioc0

2 Console Messages

Source Level URL
Text
javascript error URL: https://visit.ghadiscovery.com/mobile-app/?nid=297500377&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=appapplestore
Message:
Access to font at 'https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1' from origin 'https://visit.ghadiscovery.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
