visit.ghadiscovery.com
2600:9000:2315:d800:c:f1d3:2640:93a1  Public Scan

Submitted URL: https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGzc9mzcsGc1zfzfMut3aNlfoGy63OoU2XyLbSzevttH7E4vhLm8KYmEk3NS0COF2...
Effective URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUM...
Submission: On April 13 via api from SE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2600:9000:2315:d800:c:f1d3:2640:93a1, located in United States and belongs to AMAZON-02, US. The main domain is visit.ghadiscovery.com.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.
This is the only time visit.ghadiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 cloudfront.net | d16bl9hbknyxy0.cloudfront.net | 31 MB
4 fastly.net | brandcast-cdn.global.ssl.fastly.net — Cisco Umbrella Rank: 415972 | 181 KB
2 ghadiscovery.com | visit.ghadiscovery.com | 50 KB
1 gstatic.com | fonts.gstatic.com | 26 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 46 | 978 B
1 discoveryloyalty.com | email.discoveryloyalty.com | 909 B
21 6
Domain Requested by
12 d16bl9hbknyxy0.cloudfront.net visit.ghadiscovery.com
4 brandcast-cdn.global.ssl.fastly.net visit.ghadiscovery.com
2 visit.ghadiscovery.com visit.ghadiscovery.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com visit.ghadiscovery.com
1 email.discoveryloyalty.com 1 redirects
21 6

This site contains links to these domains.

Domain
www.ghadiscovery.com
apps.apple.com
play.google.com
www.instagram.com
www.facebook.com
Subject | Issuer | Validity | Valid
*.ghadiscovery.com | Amazon | 2021-11-29 - 2022-12-28 | a year (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months (crt.sh)
*.freetls.fastly.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-27 - 2022-05-29 | a year (crt.sh)
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Frame ID: F2C15BA34430F5789ED55CB06C3FFDAD
Requests: 24 HTTP requests in this frame

Page Title

Mobile App - GHA DISCOVERY - Rewarding Life's Journeys

Page URL History

  1. https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGzc9mzcsGc1zfzfMut3aNlfoGy63OoU2XyLbSzevttH7... HTTP 302
    https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

32127 kB
Transfer

32367 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGzc9mzcsGc1zfzfMut3aNlfoGy63OoU2XyLbSzevttH7E4vhLm8KYmEk3NS0COF2CX7bVXtpKX=YYDYAC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLW81cqDi_RXARdmbuo--Y3ughI_9dhapJge_Zz8k_HPA8bOLUj-YA7lZgLx-31MitMpA-XDSpw6pmi5bYMuOoHUl.&_di_=t3pj1ldtl3s3pm6gs2hq796nlt9n4e15qu9lvvbuv9u33tbqrh1g HTTP 302
    https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
visit.ghadiscovery.com/mobile-app/
Redirect Chain
  • https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGzc9mzcsGc1zfzfMut3aNlfoGy63OoU2XyLbSzevttH7E4vhLm8KYmEk3NS0COF2CX7bVXtpKX=YYDYAC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-u...
  • https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
327 KB
49 KB
Document
General
Full URL
https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d800:c:f1d3:2640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dbe83f2dd50c8b0690fdb63385ba5ed32d3f460eb7361b8e5fa0f2d343b76d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73344
content-encoding
gzip
content-type
text/html
date
Tue, 12 Apr 2022 11:03:48 GMT
etag
W/"5fdee547038c80f25510012a7ac1a27b"
last-modified
Tue, 12 Apr 2022 10:50:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
CA_IJM9VnOaZhmm6ftmN9MXzRQGtX9btFMPxWpui433FZFiI8uMHig==
x-amz-cf-pop
DUS51-P2
x-amz-id-2
mSmtiKCz4w2IEWboydZZDqpnSAAbBDJODFAumSqFe0NRCOHWIxR7Q9G+4dgfwk//PbZq2Es4328=
x-amz-meta-surrogate-key
website-60cf6452-87b4-45d8-b799-4fb433f99260
x-amz-request-id
FKCHCDR9H19DYP6X
x-cache
Hit from cloudfront

Redirect headers

Cache-Control
no-store, no-cache
Connection
close
Date
Wed, 13 Apr 2022 07:26:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
P3P
policyref="http://policy.rsys8.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
css
fonts.googleapis.com/
4 KB
978 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost:400,400i,700,700i
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef10599bd145222ddba425e3742e0b495b335ca3f7661fda7cff4e1e6917a7b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 07:26:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Apr 2022 07:26:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Apr 2022 07:26:11 GMT
GHADiscovery_logo-01.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/8a83eb85861af16dda38219689beecd8/
68 KB
69 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/8a83eb85861af16dda38219689beecd8/GHADiscovery_logo-01.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acc313c8e285890517b269b02e7244a8293066cbffa2459920bad02e13b056d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 07:26:11 GMT
Via
1.1 varnish
Age
724
X-Cache
HIT
Connection
keep-alive
Content-Length
69774
x-amz-id-2
iXH9Ml3g9rY3mupA3X5+eW1v4BHKypZK7LQuEHSzCmt2X+lYRqJ3WBNgMKRsQbEGcyCDbO83/c4=
X-Served-By
cache-hhn4027-HHN
Last-Modified
Wed, 03 Feb 2021 12:32:51 GMT
Server
AmazonS3
X-Timer
S1649834771.136889,VS0,VE1
ETag
"8a83eb85861af16dda38219689beecd8"
x-amz-request-id
Q2JXVC2H2KAVTYC4
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
1
5a902db97f96951c82922874.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/77ca8b6daef7f3a2c81f8266a17cd96a/
5 KB
5 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/77ca8b6daef7f3a2c81f8266a17cd96a/5a902db97f96951c82922874.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d899ab4a2f43dd1dbfb20cc50346678afcdf6f85778b875b318ece3cb9e311a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 07:26:11 GMT
Via
1.1 varnish
Age
724
X-Cache
HIT
Connection
keep-alive
Content-Length
4714
x-amz-id-2
9GgRK7ZaqgLxGHRJJ+Pir7L1QhXbxc8FRS6Ivx8xnpU5m3RxUCKcrojiDS3kcoflBe9ZBwaQi/g=
X-Served-By
cache-hhn4027-HHN
Last-Modified
Wed, 28 Aug 2019 11:49:00 GMT
Server
AmazonS3
X-Timer
S1649834771.166707,VS0,VE1
ETag
"77ca8b6daef7f3a2c81f8266a17cd96a"
x-amz-request-id
GH3AA8M0DZPCWBNW
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
1
google-play-badge-logo-png-transparent.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/7314fb9872c6008a0b935b1b7a596511/
101 KB
102 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d28aa49f-0ee1-48a1-b874-895f6859a242/7314fb9872c6008a0b935b1b7a596511/google-play-badge-logo-png-transparent.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0292a66dd2a0c4cc5e558f9b349ce72f1e1603cc77c07dfc6da20933ad3166d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 07:26:11 GMT
Via
1.1 varnish
Age
0
X-Cache
HIT
Connection
keep-alive
Content-Length
103828
x-amz-id-2
dtcogwGmrzjqTUbs290dr0jBx1/EfWQmnzYAWPwDD8RvKHj5eeBClJO7dxpHcfV1Lj7xpu8U46U=
X-Served-By
cache-hhn4081-HHN
Last-Modified
Wed, 28 Aug 2019 11:51:11 GMT
Server
AmazonS3
X-Timer
S1649834771.164034,VS0,VE615
ETag
"7314fb9872c6008a0b935b1b7a596511"
x-amz-request-id
9BYJS07XHQTJ2S6W
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
1
phone1.gif
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/f3eb475e-48c4-4511-ae9c-ae27242a7c67/
11 MB
11 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/f3eb475e-48c4-4511-ae9c-ae27242a7c67/phone1.gif?&Expires=9223372036854775&Signature=dlI6khXMGxyYbcseecGWf70SpsrT2UXa~pqZjm66GMfNoZYrRGb7TKwy52Mlt-OW5eF6KdJfZrSgw9GJCiCW079G3eSE4lEd5TIuwjJZSicRXFdwusxo6spqYO2dfPscl78MK99r9wrdrMIMJKtiIXa4VgqbfAd26bzScRcRo0oByNILgs5-fGbUnCA2mv3IyXxspXuEdfG9wMggR7AECGncNXDrv8CZqrcMuKJYDJKF6BbcEwXinwnwR1PApq2I-ltfVn6peZO67Zde4A71dEh0ltOxO6wyPpi7pAN60WOEXX3VrW0E7Hxw0VXzl903m14fSrdDEY7mcD~msRwftw__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11f4d3d10b02239da1cb3631bdb65f16ee57122840b57b2837c913a1c434c77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 19:15:01 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 05:42:48 GMT
server
AmazonS3
age
43870
etag
"66a0834eb149c98c3da8d4636789cfca"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
content-length
11123465
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
58TQGKSZ56343NR0
x-amz-id-2
bReA/S+a7GhgIf+tIU+zM6bIETrBFwCLK9D8kQtjIg8ePHG8RRmncSpA6vxnDAIF6iG6IJJ1aPA=
x-amz-cf-id
dlfNCkW_KvM4NxYF_gO-y9VqLVlX0_BxsBR_AIMXoNnhh5W7Gq4Ahw==
programme_benefits_member-rates.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/194592e7-d492-4916-947c-e623ee860e6d/
10 KB
10 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/194592e7-d492-4916-947c-e623ee860e6d/programme_benefits_member-rates.png?&Expires=9223372036854775&Signature=CIuO~u5srdsGV1hNu52rDyqUAbbSbLmqA8kOQR-7BDQ30Gjes6m6r2K5BkyM-mRRrVjiNUWYlotgPuuEDcUkiU8ODHOrkFaEKrflg-xA0du3qZUetnRfnhmUW2hE~fwBWYVTiuO3OjJoFQdWBKzd~83JobHKL~HVzgZG5tIkkYDluKo6t3LLMyRDRvN2f1lPmdq~WDT~cMFxV~aCwsXQE-upgDK61MCWXRB1-eJJnbtWdp-Q~MMaq3vvyKjrDwNxGnnS9AIuDf62P4aJAkpRu4grDkamvo30TgY2mxHV~DmZPOT6SkPzXQgBPRk41QtVDE5Vg-D-1KoAeO7iH7nErg__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53f13c9a1ffac7bdbebb071a19fde3c17759b8c283b1aeb5b1df8033a8048eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:30:30 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:05:45 GMT
server
AmazonS3
age
71742
etag
"84af30afafcd4cc9f711f8cc0b68faae"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
9985
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
SHC9Z58DPWKAKS5G
x-amz-id-2
0nD136e+zbgNz9wiVp9eySsRw8qXyLTtf1Nk1PzNsnwMD/HhqDcvhUWkcL3lHP1Ymd6gDdw0lF0=
x-amz-cf-id
-uZSK9WqZKfVgWbwshM_nhuFMFbuJvrMcScRPnuWb4Zaqwyx4TjpdQ==
programme_icons_map.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/35010eda-ca0f-4772-a378-3f37111cf70e/
5 KB
5 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/35010eda-ca0f-4772-a378-3f37111cf70e/programme_icons_map.png?&Expires=9223372036854775&Signature=u1aZWZDXFSfP~u24Xz-nQen3wDOPeromMJIrIuZm7aBnVMRowJftHSGlf3s0vD15tQ6fpwA21Ss62AqT~FGyMrvZNLuzgkbSefKeITyHZdjfxQdcTheE39dvlxLh20y6j-zW4J80ZI~dxVAPP0jPuZS-g3rAoNGYTfadwvji1FT4SYtzQshqJ-ysb3IpWTDVxvpwLilmtjGcPVrXFXT9FQ-UtZUN8Pof-8ifA6Rhkgce7BFH68jUicSgWLffKOlxr1yD6820M1EL-I~DdWtK4CsrsbW6zPexAhfh6Wnhy32Wx5cGP~6iMSMO7kaK9UwFx4TFuCmjUqBskhFpFRkz9w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8078ed0bbb53bb7c5d74339ec6cbe9b65d2b9d92af5e895cbc9524ae8a39825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:30:31 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:06:05 GMT
server
AmazonS3
age
71741
etag
"cbfb38a60067f678d5631085184698af"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
4998
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
QY12SEZ7CWPS0DKF
x-amz-id-2
IT3WTiDRkgmLKOWUdI+SWvAqhkGI0sg9DqNH/fZ61Bn8RCVWvEMXoY3u/fZhhaeUXP0UnWtwgJg=
x-amz-cf-id
fgWJdGbckW-RO9LhmSwYHE-WX4WFAXNgnyMUl7IaVKdHGjzfyWkamg==
programme_benefits_double-room-upgrade.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c52c4aaa-06a7-410e-8f5d-2b7992e24665/
10 KB
10 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c52c4aaa-06a7-410e-8f5d-2b7992e24665/programme_benefits_double-room-upgrade.png?&Expires=9223372036854775&Signature=gTfgVFUyDP9uOBvwlARUPG38EMr8hBvT~sOEcO9jNn0bUoiGOsm8Idp99ByoeSc-53jcsMdfVGA5KhHfIvgU48H9nXzjmiG6DklpOSKs19ZhTv-NqUCkbFvZFAgfD1qjzmkNuX8a9WW8ilWF0KeTXpmVk3gR7Ujh6b4ThOtV7OHyTnnRQZh4LNDd8TiuEqh0BShN9rpkAduZnXKpz8o~2Vwhf3PSlAqb~hGdXGTSrr2L992dVnNi4ZKeEqzwxwPIc8~iPbLUg7K3HANf4v4T7LKWLZwa9HPG2pZTcPeMtopEHffAAjCftz4jWJZGFTqyZOj8V-KpJJ9OW15RcbdpUA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2d42eb818051cb8926d69dbbcbc6051250b07949edd1d0a44515f943e8fcb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 03:14:08 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 10:06:24 GMT
server
AmazonS3
age
15123
etag
"f379f8c9a2d3912cc148bb0ea0c2cad9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
10187
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
TD2768BM1KB7CQZJ
x-amz-id-2
CL2n8Sur/mQ4heQS2j+SWllMNYDouBVPN+t2diqoRcfC2kzHnG0Av+fCa/1DqCBnKpwNdNWS4Ts=
x-amz-cf-id
wa22nYQQHoxo3LSJhBcPhhuppbcjmylxUQ4bPEAqBoHJ3DMQ2D7OxQ==
4-screens.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/9d3285d3-e371-4258-b143-e0631c08cd10/
3 MB
3 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/9d3285d3-e371-4258-b143-e0631c08cd10/4-screens.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=jX1kc2DlIE5~8G38rryr2XzSjYKFWdzCTBcJ27bREgiaRtFWEH7GXfIzKbz6Dn4WfcQwGCUBcazq3J1ayO47iVwi-0cXBlRs44RmORSE8NK30hkE0PnW3nVZLpBZmviWC9ydc4x6reAA01vLUMGFn22KSdxbUw61admhdNvTv1ttcBv3NwHnJpATPUPPtDyERy22-StNftqLIrofPBYCzxuNkRtosuDIcj8H8VzP1KKjhhjDv3H5dxoC~3tGEIA8HhXimKi5Wb-XuSURbuFQcZsOl6WMX6qy8yWv7KcpJVwjb4QdmMufPF3gX7ER7wHvb706AjBGf07GBDd8an~kGQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30931aba96d55222cf9f80bd6dfa9714514a2023aff8d192b21ad380f9457686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 19:15:01 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 07:50:06 GMT
server
AmazonS3
age
43870
etag
"643505c9914fb752c4efeb6e00518817"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
3149421
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
58TTR23Z0FNR3JJV
x-amz-id-2
Fi7XxmN+84uUDWP+Udc5VeEhXsKs6RAuTnEp8BFOv6uw5gJZo67Hn2J5zJHdJPC+AnvzJueKvfU=
x-amz-cf-id
U-Gyw1uVJQXH76HsslNIOf0dMbY7NZ8rpTJAGd23YZlaUOJaJzmnSg==
ig.svg
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/e8871dfd-52ff-4841-b8ab-072a6d5bde4d/
4 KB
2 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/e8871dfd-52ff-4841-b8ab-072a6d5bde4d/ig.svg?&Expires=9223372036854775&Signature=NoOSAXApp26w83eignVVjiiewMsCHuZ95XooENcd8RR3H4pibIJHazYvmjX5NPDfPQLbtWjM-XDOqvGlb0a-rYFvIFw-JGa3MZJRwEqqHEWTmHDwPx~mfm6JVbDI8mJPMVtWUaU~il4Gd0~GzuhVK5It~kMgdWVyc7VRJdimUDy06F5Zo9g0xqQejVVWZFpjD2WA6dwwueHe45Vbftror8zz0erajKNtDjcS5wPpzADLZHyRcPP6B4JGwCeo8LDdspV0cpAruDKb7TsZzZ0femOXCaU5wn9GxEzzwa8n511COyWdO7NPpSuST9-BOryKbfovUw6uP-SmfoeB504jvQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27a888d4fd49a3fb4128bccf639a7f33598f0b5b6a2ecca69bb9b7c824f631be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 06:07:20 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 05:23:24 GMT
server
AmazonS3
age
4731
etag
W/"ec22714521bf52af458320416d096beb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
x-amz-request-id
2BTS3ZC04CJ65JKD
x-amz-cf-id
FphQV9GbO75krzsyg6QPkCDw1PRgALqZVZ4ru-eSRfm8pD6fyjrGYA==
x-amz-id-2
jtW6cSEJ4neXqdvDybEP5GVJcy8TUMPAOsvI2GkJjGcCaM7WBZbHwHJb4aW/LkkJ7t3MaTCghyE=
fb.svg
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/08f0a957-7a70-4518-9f11-a94698c86676/
2 KB
1 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/08f0a957-7a70-4518-9f11-a94698c86676/fb.svg?&Expires=9223372036854775&Signature=A2ym3v53g1BCifwdd7KpOs8CHi7npVnGRNb4otNV5h~WrrhVyGGGMnM4HtP2SyJeHEbfZDWSqYSsNiAAY3saUHqRjA52CCdhuc6iHvDndwGUnk4uM2LUmSiTTar2-S9uHHSmFIQBpqCxVj1zzetHJn400l1G7blEGom5KXmIoZWMQxOWjoUqcX-T3BkZjlq6inOTF01X70y-ss8yUhUjrpA5wQnc5QNwH0QRp5-VXUoEef3xClgDLQL1A8kA58cAZ0L-ywCUslpxH6jYTcRPQql1Xdyv61~9X11vrQsXhw1E5iHHwlgdy-b6DitxcFfsTEOYfS2a753iWqX0Haoj0w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dec6aecb8f12104e06ebc02ccd67529d7e36c2d668218cef61763eefcdc3c2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 06:07:20 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 05:23:49 GMT
server
AmazonS3
age
4731
etag
W/"880b2b0541bc7ddfd22c2cade3697bdf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
x-amz-request-id
DJCPF6A6MD8VJAZ5
x-amz-cf-id
AW8aDfZ4gswsOnwYjkvGMQK5-6RkMKzeZkt7vNCTVm2_pVU4JOUIvA==
x-amz-id-2
sYd9INNvm7APn8o8XnVAi7pVA6Hp+46AFdWzISa4Qd6t9hz+cmS17nyMBuYb17nlfvp9VPfC4MQ=
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v12/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v12/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://visit.ghadiscovery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 14:57:44 GMT
x-content-type-options
nosniff
age
577707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26372
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:22:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 14:57:44 GMT
BACK-TO-TOP.png
brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/9fd9e7902c7628799dabd68466c3d0de/
5 KB
6 KB
Image
General
Full URL
https://brandcast-cdn.global.ssl.fastly.net/beeb30cd-8735-460a-ae40-08be760e6dc2/5deb735e-3969-48c1-9fd8-766cad8c0944/9fd9e7902c7628799dabd68466c3d0de/BACK-TO-TOP.png
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdb17c2858db49d411c805b395e218c8898c25386e3aed37c3123c1070d8eff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 07:26:11 GMT
Via
1.1 varnish
Age
3077
X-Cache
HIT
Connection
keep-alive
Content-Length
5320
x-amz-id-2
HCmA617B7W3FOgY+yjxcZGA7fPoKvdw+DtknPGj8aSGpR5rwwipLlE6NEw9RuG10DYuSFI169uc=
X-Served-By
cache-hhn4027-HHN
Last-Modified
Mon, 22 Feb 2021 11:53:47 GMT
Server
AmazonS3
X-Timer
S1649834771.208723,VS0,VE1
ETag
"9fd9e7902c7628799dabd68466c3d0de"
x-amz-request-id
4ASW7ZVFF2NFEMY9
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
X-Cache-Hits
1
hero-image_smaller-phone.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/31e82387-923d-426d-89b2-b73a3f8facf5/
465 KB
466 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/31e82387-923d-426d-89b2-b73a3f8facf5/hero-image_smaller-phone.png?&Expires=9223372036854775&Signature=s7fs1eT8FYHuTpo3-h~~mG7G8SmRypDa-pl2me9AD4csL1dRhNHU9FH2zR2SAXlTdFVBz0P5rYS~oyHJjZ8PHo7mCtdiXZP2yzy1c5NED4mOK4mgwvJDjswuBuXpdCBshYt0lNKTTEUvUIOYCNwW-nraq3x8HcwxBjAZhvDf87CuN0TAu2gbVjS745h5be-yhXEADtJvYSh~thHwdeucGTnQYsS8k6GI93y88c1z0MzInfl7jOp7OFzXCyJQUU9bwBM4-kvKTwlQyE~aGuTKqgCLcVVfw5e~2txYct74NRie9wCYQCtvsfllJrcGBPIHipHZq1KAgMRwO364LZoF2w__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0015e7cff603a00ce0461929f0719853a60cd60d60ea5beb9eddcdd91f0b01c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 03:14:08 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 06:41:53 GMT
server
AmazonS3
age
15124
etag
"a2db55a073b7acc331f87b7027970f74"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
475889
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
TD25PN7QF8CY21XX
x-amz-id-2
ixJt+ElTzimpJIFZzQlN5rhN0OR8TXI/7sze6f3v/MxA9Y52BVrFZaqBi3t32cOeORVPs0TV8TU=
x-amz-cf-id
14mOQcXmAkw5raG9PXJb71IwDFd5rtzOb30sueTKjC6IbrEzL1t9Bg==
ivymode_gha_regular-webfont.woff
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/
0
0

/
visit.ghadiscovery.com/mobile-app/
0
478 B
XHR
General
Full URL
https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d800:c:f1d3:2640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-T-ID
null

Response headers

date
Tue, 12 Apr 2022 11:03:48 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:41 GMT
server
AmazonS3
age
73344
etag
W/"5fdee547038c80f25510012a7ac1a27b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-meta-surrogate-key
website-60cf6452-87b4-45d8-b799-4fb433f99260
x-amz-cf-pop
DUS51-P2
x-amz-request-id
FKCHCDR9H19DYP6X
x-amz-cf-id
FjCPNj5otULnLE0ifBmg7NFvf4LZYaYh60eUXzaL1AqxWkCQjDyFWw==
x-amz-id-2
mSmtiKCz4w2IEWboydZZDqpnSAAbBDJODFAumSqFe0NRCOHWIxR7Q9G+4dgfwk//PbZq2Es4328=
3-new-app.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c35c0f1d-18e6-4e20-b374-89fc337909bb/
6 MB
6 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/c35c0f1d-18e6-4e20-b374-89fc337909bb/3-new-app.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=IpO7~HBDLR7YfuoQxxzLNf1NkU0FGnAUNLrcCBrBc1~R7NADCed3TU-B2K-KyzwUIDWvMqOyhi3tUataH5Xz39wPGnBiWNh5vQZ3GaLeErKxzoclM9Zri24dHhNTYyw8XUToc7PB8vkplpEh8UMvVEexFwrmXGX7X8Ouo~sBZZd-fymu~1757QRxZgYztt7jF13tbtkDg8aYUgT9v5IhZtE6IA8ueZYBMltGb6JCB5wBA5bK7102eIruS98AxuzGxqX5ZZ2-uzuDvGViR5fO0l60Og-lNpCeKA9TWZe8cm7PVG6Yh4MwRplrBkuVNIhwGtRlbkbCZbw5SjL2v9plCQ__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c5bfe3691de88a1d3ddedcb61c7149c7263b2319752204014e1ae536a4664d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:30:31 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 09:13:51 GMT
server
AmazonS3
age
71741
etag
"06363bbcd21742da3171ebbf4a77bdbe"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
5838596
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
DJCY2076NBS6VKTH
x-amz-id-2
Y7SwX9vKms9c07Ewt9Rk5iqPf9UWxPMEHccjeQr0G5Ui5kOxLy841+UyldqmaymGI/9n4QNi7gE=
x-amz-cf-id
J1yovFOJ0NMiByQ4AXrQY80n7BQMf0wxY28IDISXaweWzh87J97uZA==
phone4.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d98492b3-769a-406d-9af3-b9dc405a57a3/
7 MB
7 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/d98492b3-769a-406d-9af3-b9dc405a57a3/phone4.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=nWoOCYT86RTBU78bAE8AiwkGITC~F0GpTDbTuo5FCQR-wvqKbT0oSqhgMrZvdMCA5CVtHVx9TO2Ne27P-9M-zjB0W-5PWluKLzOF0YKpTxemM4Hk8rFcawOiFiR4GDGssKdAMdp4QQRcq5IyfBEWmBPcrGHyAiupcsl1LhBCeJx1~GSYxqqVNUKfpatuZftxDvwWGWON9NU6KGuTikKWHgB3tEdCxqbs27JFojT1bBahSOyyDfo9apILe1kC4GTbwwCrGAYHbWddroGn8S6Ea2KOVPsS~C5XwHAqLYEdq0ajkU-AWacDwI5TPyHb80-NIAEZlS62tCZ0p7kB7QnpNA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e185a604cf19a0cb5cac837d95d6a5db91638231e0f9c067c714efa34d1ad91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:30:31 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 11:19:04 GMT
server
AmazonS3
age
71741
etag
"71da3f08fc9838663f90a81603b799d4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
7332144
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
9ZNG8MK8Y46JGYQ6
x-amz-id-2
CuJsRE+Lrq0ufDfKL9I50E5tS27Vrhl3EVBpkKrNJZSVPbccLCgeKdEHoqFI6V2SEYNl8W0bw8g=
x-amz-cf-id
uHkKE0vu6w_rxEjha0Uukk-rq4kjk-u-_vtKweEVX6e-diWfWL60hA==
phone2.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/4e50dad4-0ed6-466d-b0f0-cfde400c22e0/
4 MB
4 MB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/4e50dad4-0ed6-466d-b0f0-cfde400c22e0/phone2.png?w=2400&h=2400&fit=inside&Expires=9223372036854775&Signature=O8BEDZOKsU8xA0A7CDDkkItfWiV5iXYjb0t08B8YlirhnT49sqzAk7j7iS~j3Yfo9rKprthP1JfO858P8RlzSqVD~MnbgBpPBuq7hcwEdgTqokocWNGgddW0fFMJyGc3kY-6CvFrbhGM8K0T7Fa-b4RfqemS20lFtn4nB6vTDTGOLgMmvsczLzrXvWnVxbVh~ll2xPkLV2KYdD8o3jYckuybJJop448XL4qvgCT7EMizurfAS7k7-bofmxLMaLvp0ZNhUEsY2pudSSJ3aacQfCp9m5CO9c1RuiN-aZPRbco-frz1y8W~yr9ZsGoXOHsh1873YMu-PPhP8D5u7DAphA__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14d580da47bfefe15c165040f16688f27da86af8c731ba3698967d22fbd92364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:30:30 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 11:21:26 GMT
server
AmazonS3
age
71742
etag
"57068a7e997232d261078caf5e32ca42"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
3965168
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
WT8TF9WAZK7Z18SV
x-amz-id-2
hK1p8wIOhLQMbo9yI21FJzagvzwZL6aEri8ubjN0aL3SJYyg/71zj2LJR0x0x2Lpxz5KAog4ZiQ=
x-amz-cf-id
Cye9S0Sx4hou1ca2vMr22x-O1oxMB-NMM6oIY-cNrrCdvrtZMUK-9Q==
much-more-to-expore-no-text.png
d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/64915353-349b-444e-8613-538806b373fa/
664 KB
665 KB
Image
General
Full URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/64915353-349b-444e-8613-538806b373fa/much-more-to-expore-no-text.png?&Expires=9223372036854775&Signature=j31c9J1iKgWKzPkU8kMjJT4-3rHN3ewB4PnElftPtREQTuDdXh-pxkDRm63TDt90eJ8Cbt5Zq2uXO48KHohWzMxZfQNETKwCxmICDpNM0RBA4CSV8lTO~QbSsxl3DUMMHgR-SG-GnZDep6ZlSJGerllZHQ6Sl7VxngasHdMS8WqtjtKT32F6OKYWmtB6VySGziBpBGXARRltoyvUX~jMHY4B78x~YLwAs5vw8Wt7mKdakI57tOx60Tg3WCF6u0ErFP-cjeA-bPAlLu2s8LUejGtbDxOCziHr6kntkwpC9FtamObQZPhba4vDPrdsEMAJmKBognomajRQgFsKtsMwQg__&Key-Pair-Id=K2SKI2Y48Y62V1
Requested by
Host: visit.ghadiscovery.com
URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:10:7805:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ed9a6f2ce50f8c483b9b8e0a70c38fc36c3ed3bc70b3b72b82cff311985b713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visit.ghadiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 21:13:02 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Sun, 21 Nov 2021 06:42:35 GMT
server
AmazonS3
age
36790
etag
"4836bc1cb09baccffe217eb53afc12ed"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
679532
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
6W1362K3HV8FT8EQ
x-amz-id-2
sXXYzkc5kmGJ5De1gLVRedM4C68kvvY4A/5Ob94ssxQcMDR4sJJikR/B8BTHWmqF9p35R9euMsE=
x-amz-cf-id
Xm4diNSfkXn5tEv6a42IoUBhc5iOpsxqoY_woqEcqun35OHL1B__9A==
truncated
/
256 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c7cd373cf9b91f1f8b1d889b5d32c1be00ffa0e2d12072f144ea573eb3fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569686bf67958b89b6dfd838d7a17945d25db8500c944b355ab0376b0cab7aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
269 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a389d4242715ca3509d3e597ed69dde32e19f5c806e6777f0cd45646cd6ceeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d16bl9hbknyxy0.cloudfront.net
URL
https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| _BC_CUSTOM_VARS
object| $bc
boolean| __forceSmoothScrollPolyfill__

1 Cookies

Domain/Path Name / Value
.discoveryloyalty.com/pub Name: 6.interact8.Tta.....N.N...
Value: _ri_=X0Gzc2X%3DAQpglLjHJlCQGzc9mzcsGc1zfzfMut3aNlfoGy63OoU2XyLbSzevttH7E4vhLm8KYmEk3NS0COF2CX7bVXtpKX%3DYYDYAC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLW81cqDi_RXARdmbuo--Y3ughI_9dhapJge_Zz8k_HPA8bOLUj-YA7lZgLx-31MitMpA-XDSpw6pmi5bYMuOoHUl

2 Console Messages

Source Level URL
Text
javascript error URL: https://visit.ghadiscovery.com/mobile-app/?nid=188262&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=202204ACCTSUMM&utm_content=appgoogleplay
Message:
Access to font at 'https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1' from origin 'https://visit.ghadiscovery.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d16bl9hbknyxy0.cloudfront.net/beeb30cd-8735-460a-ae40-08be760e6dc2/ef234db4-1926-483f-8414-7d362e2bd1d7/ivymode_gha_regular-webfont.woff?&Expires=9223372036854775&Signature=KWh-BwVLuAX9VRRpF9cF7OXsZNQ6SWOA4a02Ix2zHAdcsuKJckBkhxzOBMv2NoCBcxQZrSyW6wUEQ0V1lK78rp7p3VRm6UKUv6I8mslLhHXtBggSM8zBiu4wEpzBw3mpZTEnVcpP7kerLSUvwyc0zEjrrPOAOaHNCMq4PRdK7yCgdw3UXMqkzy3m-Mtlk9TN9At8Q6cSagZ0ic6n~JgYuHy220edo9AwwzI6itCHn6iPhwS7UayjCPYEInIIAyDNO1U14rVX2-3PTCyJQuBPnP1uKw6G~x9NCFD0qlnavL0x12exJ3EyHv41kXdCGhq8P0oGvhYMM0VJGWj2qKrG9Q__&Key-Pair-Id=K2SKI2Y48Y62V1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
