urlscan.io logo urlscan.io
SecurityTrails logo

info.sendio.com Open in urlscan Pro
18.196.95.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sav.sendio.net/curetonmidstream.com/sav?ua=chris.sigrist&sa=tburrows%40imesolutions.com&id=1566318765.17056.1.0...
Effective URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Submission Tags: falconsandbox
Submission: On October 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 63 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is info.sendio.com.
This is the only time info.sendio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.73.176.125 14618 (AMAZON-AES)
1 2 18.196.95.178 16509 (AMAZON-02)
3 54.192.206.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 216.58.212.162 15169 (GOOGLE)
2 54.192.206.125 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.222.177.192 16509 (AMAZON-02)
1 34.224.248.58 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 151.101.193.131 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.210.250.97 16625 (AKAMAI-AS)
1 2600:9000:207... 16509 (AMAZON-02)
1 184.72.216.220 14618 (AMAZON-AES)
1 52.222.176.228 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2600:9000:209... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.85.32.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.72.155.146 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
63 30
1    184.73.176.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-176-125.compute-1.amazonaws.com
sav.sendio.net
2    18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
info.sendio.com
3    54.192.206.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-64.ham50.r.cloudfront.net
builder-assets.unbounce.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
2    54.192.206.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-125.ham50.r.cloudfront.net
assets.ub-analytics.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    52.222.177.192 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-177-192.ham50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    34.224.248.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-248-58.compute-1.amazonaws.com
events.ub-analytics.com
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    151.101.193.131 (United States)

ASN54113 (FASTLY, US)
f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
610df60283ce46159d7012c382c77621.js.ubembed.com
3    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    23.210.250.97 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-97.deploy.static.akamaitechnologies.com
contextual.media.net
1    2600:9000:2070:9800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    184.72.216.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-216-220.compute-1.amazonaws.com
i.kissmetrics.com
1    52.222.176.228 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-176-228.ham50.r.cloudfront.net
scripts.kissmetrics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:2093:d000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.85.32.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-111.ham50.r.cloudfront.net
assets.ubembed.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.72.155.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-155-146.compute-1.amazonaws.com
trk.kissmetrics.com
7    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
pagead2.googlesyndication.com
2    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
1    2a00:1450:400c:c0c::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
18ede500a885fd0b217b09c8226c224c.safeframe.googlesyndication.com
8    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net info.sendio.com
securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
4 d9hhrg4mnvzow.cloudfront.net info.sendio.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 trk.kissmetrics.com scripts.kissmetrics.com
3 www.google.com www.googletagmanager.com
info.sendio.com
securepubads.g.doubleclick.net
3 builder-assets.unbounce.com info.sendio.com
2 rules.quantcount.com 1 redirects info.sendio.com
2 www.google-analytics.com info.sendio.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com 1 redirects info.sendio.com
2 assets.ub-analytics.com info.sendio.com
assets.ub-analytics.com
2 info.sendio.com 1 redirects
1 18ede500a885fd0b217b09c8226c224c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.gstatic.com www.google.com
1 assets.ubembed.com f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
1 www.google.de info.sendio.com
1 stats.g.doubleclick.net www.google-analytics.com
1 scripts.kissmetrics.com info.sendio.com
1 i.kissmetrics.com info.sendio.com
1 quantcast.mgr.consensu.org info.sendio.com
1 610df60283ce46159d7012c382c77621.js.ubembed.com www.googletagmanager.com
1 contextual.media.net www.googletagmanager.com
1 f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 events.ub-analytics.com info.sendio.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 code.jquery.com info.sendio.com
1 ajax.googleapis.com info.sendio.com
1 sav.sendio.net 1 redirects
63 33

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.ub-analytics.com
Amazon		 2020-06-08 -
2021-07-08		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
z.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-02 -
2021-04-23		 8 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-05-26		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
assets.ubembed.com
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Frame ID: B41F2B1FE4D93AE036F64CA78F04A51D
Requests: 48 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhNlDy0ZkciLcsgFG3GgJzQhZRBcrRI8ffxnbiNZOmS0a7SWExS7eNMTb-Oz8c3k4Lm801k7L8YegIW6crvA5sL1ngdQNXGZ_tx5_ASxX2rVlGGeM_P2GzpI3Ualsi5OU2rygQRHWHHgHKOnTPWwpuHp8lG3BK7lFMtlVv9LNf47hTWavynVsvv4pkdTzYC3IQzXdAPjBCczMhjC7Iy3k6W0Ewj1hxuVzxVgOqbdcTxf9xfG3U0XMWuZM9TDwO2i_SeE-BvNuy1UxN8AS6CmQV4dDjDaZxSKg&sai=AMfl-YRnlexKdakKvK6uYmMNgbamND-pXGPphLNubLwTAxepV-HxkP8lUy7QNba69E6Mv6CVurixBJuTl-eWiFfb7_W3kK5-HwPTvgB5FzsX8jMvTrENr1R0ZhfzjANS1gw&sig=Cg0ArKJSzNbOD8t1CdGaEAE&adurl=
Frame ID: 2DE71CC3DA2E21DEAE7B8A686E5AA29E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRoU3eyhoCCCnZYafD6BSt3lFT43F8CakaBPwf3ga8oCeYQUhJdMOKoIkZBcXvI0HSiqwVOO5bMxM96HnmD-q2_Tc2F6htdeiAJEiEv_FLjI5z9BUV5cte0tlHes1AHjOuXmOMn9qssj-ul_DcVdqVSySh0gczjryBd1NEAXmUmGEYuqUHg3MxJDSt_abnM3hb04OeU6Q817PEq6TVo5xbQNWXZ58tcu0BWvv_aeVMaS4s4Yv2yilgR1f7XO5D6fnUSkv_lRcNhtx90gcNGtubYa2Jwj8JI3cnFTU&sai=AMfl-YSCj6mvQV18zj9YHy-ZCO2UlKI7fo9vTzDvimrft5UJgmnWA4qfwCXidifjzMVSc6nBQHFSYZfJROMTUDkQQeHcfKv-PIRnyG-srvxMXw0XpLi999xJswLe5kMKp3M&sig=Cg0ArKJSzDpfHA55v2lBEAE&adurl=
Frame ID: 92DBB4D0DF43500E4F48CA6391182BAC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E86558F77184B34399B8EC77302F1F3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://sav.sendio.net/curetonmidstream.com/sav?ua=chris.sigrist&sa=tburrows%40imesolutions.com&id=... HTTP 302
    http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV HTTP 301
    http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

63
Requests

73 %
HTTPS

57 %
IPv6

21
Domains

33
Subdomains

30
IPs

4
Countries

814 kB
Transfer

2060 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sav.sendio.net/curetonmidstream.com/sav?ua=chris.sigrist&sa=tburrows%40imesolutions.com&id=1566318765.17056.1.0.d6092a9f.d0fb HTTP 302
    http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV HTTP 301
    http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5 HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Request Chain 20
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 30
  • http://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&ul=en-us&de=UTF-8&dt=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1819036743&gjid=558187313&cid=1829785974.1604140599&tid=UA-384915-1&_gid=375522487.1604140599&gtm=2wgal2P4WWZ5&z=2127227802 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&ul=en-us&de=UTF-8&dt=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1819036743&gjid=558187313&cid=1829785974.1604140599&tid=UA-384915-1&_gid=375522487.1604140599&gtm=2wgal2P4WWZ5&z=2127227802
Request Chain 31
  • http://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js HTTP 301
  • https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
info.sendio.com/trusted-sender/
Redirect Chain
  • https://sav.sendio.net/curetonmidstream.com/sav?ua=chris.sigrist&sa=tburrows%40imesolutions.com&id=1566318765.17056.1.0.d6092a9f.d0fb
  • http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
  • http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ff61dbcb8a6d538257c26ca8f375855ac7f03dd9ab57937877fcb9423ae76f45

Request headers

Host
info.sendio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
2d55fb81-72ec-48e3-acac-5b3d5644158e
etag
e7989f65012c09aebcd29df62d248905
content-location
http://info.sendio.com/trusted-sender/
x-unbounce-visitorid
89.249.64.2031607210202352657
last-modified
Wed, 17 Jun 2020 20:55:26 GMT
x-unbounce-variant
b
link
<http://info.sendio.com/trusted-sender/>; rel="canonical"
set-cookie
ubpv=b%2C2d55fb81-72ec-48e3-acac-5b3d5644158e; Max-Age=15897600; Expires=Mon, 03 May 2021 10:36:38 GMT; Path=/trusted-sender/ ubrs=weighted; Path=/trusted-sender/ ubvs=89.249.64.2031607210202352657; Max-Age=15552000; Expires=Thu, 29 Apr 2021 10:36:38 GMT; Path=/ ubvt=89.249.64.2031607210202352657; Max-Age=259200; Expires=Tue, 03 Nov 2020 10:36:38 GMT; Path=/; Domain=sendio.com
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-length
0
p3p
CP="This is not a privacy policy."
location
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
x-proxy-backend
page-server
connection
close
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
54.192.206.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-64.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Sep 2020 14:40:37 GMT
Content-Encoding
gzip
Age
4391761
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2902
Last-Modified
Thu, 20 Aug 2020 17:51:10 GMT
Server
AmazonS3
ETag
"0fa0e3561cab979c6c474380f5cfc1c0"
x-amz-version-id
5Z0kTncoZ9TlypWnGoxX6jqIQ_y3teEw
Via
1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Type
text/css
X-Amz-Cf-Id
et845yMsmvlFVdTgK5Xea6aFOWI6rMVwvPNXlFhw0YmNhPbinc_ItQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 11:43:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
82401
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
24715
X-XSS-Protection
0
Expires
Sat, 30 Oct 2021 11:43:17 GMT
jquery-shims.bundle-0983003.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
54.192.206.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-64.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:45:55 GMT
Content-Encoding
gzip
Age
4247444
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1993
Last-Modified
Thu, 20 Aug 2020 17:51:05 GMT
Server
AmazonS3
ETag
"c2e5cbf80297781eedf6059e39a25e64"
x-amz-version-id
JuAXgQwV0bNJGvGI1RAQtMeK063vCGm_
Via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
JakCPaFvf8guXXbD65GRo0lYNACAUkwlsK5QkDtLEfBi9KiDHEuoaw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
de91c6775a817cc5cad1fcede538b8ba1c448beefb408acefbd82a7cd3efc4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"679 / 853 of 1000 / last-modified: 1604098483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17890
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:38 GMT
ub.js
assets.ub-analytics.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/ub.js?1597177540
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.206.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-125.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33182948e9715ac7fd11c9366c04f76f2f6efa3f3c4ae01da2886fa97b95db1e

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:40:37 GMT
content-encoding
gzip
age
4391762
x-cache
Hit from cloudfront
status
200
content-length
2067
last-modified
Mon, 10 Aug 2020 22:15:06 GMT
server
AmazonS3
etag
"73cfb60ef10d55ee9b32acd75c524a10"
x-amz-version-id
xNPsSRnrUwU0fTCse5b3wlFYgUhneBOQ
via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
cache-control
max-age=31536000; must-revalidate
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
zzqlGlGHv5rREf3KCkhjZ2g_YEicDLjAALfrESFm_o_567fod0mc5A==
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
http://info.sendio.com
Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
status
200
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1604140598.dop006.fr8.t,1604140598.cds268.fr8.hn,1604140598.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
54.192.206.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-64.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 25 Aug 2020 15:14:53 GMT
Content-Encoding
gzip
Age
5772106
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
33645
Last-Modified
Thu, 20 Aug 2020 17:51:05 GMT
Server
AmazonS3
ETag
"70f2eea9dbd0eeacebc3e72d3cac9804"
x-amz-version-id
NurHvr2X7zbcQWKkOJOAmgBV8J01.RIO
Via
1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
RhNHZO5aJFWUe7G3_vi48uHZ7bikb_GJghkXgdG6YyknrHjfwBCnvQ==
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
  • https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
121 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a27cade39cb7812c5c71a9b2e358a9a90699b8eb0417d4ecba1220a012bf267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44998
x-xss-protection
0
last-modified
Sat, 31 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Oct 2020 10:36:38 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Date
Sat, 31 Oct 2020 10:36:38 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
assets.ub-analytics.com/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/sp-2.14.0.js
Requested by
Host: assets.ub-analytics.com
URL: https://assets.ub-analytics.com/ub.js?1597177540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.206.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-125.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 10:15:30 GMT
content-encoding
gzip
age
1729269
x-cache
Hit from cloudfront
status
200
content-length
30399
last-modified
Mon, 10 Aug 2020 16:38:07 GMT
server
AmazonS3
etag
"8ba0854cfc77fc805dad68834d087ceb"
x-amz-version-id
1cJ_KgGUMQKF.rOFFJhj7mtqvBAcV9IH
via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Y3ysGBpS2QIO65VMh5e9lec5ZumJ3dkZ_3LgzG5bKwhuyFYbyt3nfw==
fa5bf90a-2a4a-499c-8ec3-48783c5afc27
http://info.sendio.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:http://info.sendio.com/fa5bf90a-2a4a-499c-8ec3-48783c5afc27
Requested by
Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		5 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Requested by
Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d6f4376ec07b325c6312510a83f85d2804b276161c3d8f12d2bea4cb9776db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 31 Oct 2020 10:36:38 GMT
server
ESF
date
Sat, 31 Oct 2020 10:36:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Oct 2020 10:36:38 GMT
c68cd79a-ransomware-rising-2017-2x-100_10f00800e605400f01g01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/c68cd79a-ransomware-rising-2017-2x-100_10f00800e605400f01g01o.jpg
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
52.222.177.192 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-192.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d91949af99fcd9998523f414f760d5cac73532d3d9f5c796f8b22b646dd178f6

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Sep 2020 06:19:33 GMT
Via
1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 17 Jun 2020 20:55:26 GMT
Server
AmazonS3
Age
3989825
ETag
"e941e5560790e13caf7d9787e770ec82"
X-Cache
Hit from cloudfront
x-amz-version-id
mlsx4ZZ.nS0EysPwUZXiFP2NXTX4fcXi
Cache-Control
max-age=31557600
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8861
X-Amz-Cf-Id
6O0X4WLN_WDvdDAjj0Um1PAd4L3fRjUxd3AkIGitaRcCyUr0txMD9w==
be394274-opt-inbox-process-2x-100_10f00800e606b00f00x01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/be394274-opt-inbox-process-2x-100_10f00800e606b00f00x01o.jpg
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
52.222.177.192 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-192.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
364c300e5f07d59556bfa81c934e4418ceac51360a75edeb369a4d909d1879b3

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 02:33:50 GMT
Via
1.1 bf65a83733ea7a81d9100310d3bbbfb8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 17 Jun 2020 20:55:26 GMT
Server
AmazonS3
Age
3916969
ETag
"c0f843c77b614e04636945a70c02901e"
X-Cache
Hit from cloudfront
x-amz-version-id
ffkTDNrYUGyfrd2OshOZ5VrR8P_jPSPB
Cache-Control
max-age=31557600
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
7495
X-Amz-Cf-Id
p_bGscJBVXl5OclYf6Dc8MlFqF39YEjEVuzAYfv9k8tkPhKhSZDAsQ==
6b908d56-sendio-logo-transparent-white_102i014000000000000028.png
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/6b908d56-sendio-logo-transparent-white_102i014000000000000028.png
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
52.222.177.192 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-192.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46b892a13b7fd3da59852ea941f619f1131cb3830e5e17ed1d5f82b5c6cebf7f

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 14:30:38 GMT
Via
1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 17 Jun 2020 20:55:26 GMT
Server
AmazonS3
Age
3701160
ETag
"4d38649edf994ebd256300e63b308bdd"
X-Cache
Hit from cloudfront
x-amz-version-id
64kFVxjoJ_CipptvC2abzILAWa7NQDyk
Cache-Control
max-age=31557600
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1036
X-Amz-Cf-Id
GTSy5Zi5PJy8rwXeuPjDtxm5VeErV_D51rezLm9q6AdmSLCoacg0Pw==
4234500b-sendio-eblast-ransomware-header-100_10fs05l0f004t00f00f01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/4234500b-sendio-eblast-ransomware-header-100_10fs05l0f004t00f00f01o.jpg
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
52.222.177.192 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-192.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c821f6ccf608fb19f6026dd54d411ccd349fa6db3b2c1ade4e3cc6eb72a5a0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 18:51:49 GMT
Via
1.1 6c314f9bc806736c483494e492792b33.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 17 Jun 2020 20:55:26 GMT
Server
AmazonS3
Age
4981490
ETag
"80f77cd5a884966d5c85967e5c0b505d"
X-Cache
Hit from cloudfront
x-amz-version-id
aNesFfg_.XA1j8N.6yUFd0V6cvuHp6tc
Cache-Control
max-age=31557600
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8444
X-Amz-Cf-Id
H60IIhkx8WpQ4oM-pjAMTTP6MyuFqf7X0FEcmuvutf8f6GY4y75faA==
pubads_impl_2020102901.js
securepubads.g.doubleclick.net/gpt/ 		273 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 08:43:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98487
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:38 GMT
i
events.ub-analytics.com/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://events.ub-analytics.com/i?stm=1604140598866&e=pv&url=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&page=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=1a44fffc-358d-4e46-8a29-454aef2404f8&dtm=1604140598863&vp=1600x1200&ds=1600x1650&vid=1&sid=de54ed99-7d37-458c-bc35-b68b51ed6caa&duid=1c012a18-5ea7-4c34-b75f-6b1077f172ba&uid=89.249.64.2031607210202352657&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMmQ1NWZiODEtNzJlYy00OGUzLWFjYWMtNWIzZDU2NDQxNThlIiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
34.224.248.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-248-58.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 31 Oct 2020 10:36:39 GMT
Server
akka-http/10.0.9
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://info.sendio.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 16:29:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
151616
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Fri, 29 Oct 2021 16:29:42 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://info.sendio.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 09:05:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
91873
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 30 Oct 2021 09:05:25 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4850
date
Sat, 31 Oct 2020 09:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 31 Oct 2020 11:15:48 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
gzip
etag
"O/+l6c17R2TQ0JQMJXOiXA=="
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 07 Nov 2020 10:36:38 GMT
/
f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/ 		479 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e50bc8bb6547d8d2fc54d5e97cba6168870b9ffcaf036f3cf42e010db4d098b

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
x-amz-apigw-id
VRaonHj9joEFVxA=
etag
86c0636c9f0613423971c3d77587aa7e-v0.178.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, MISS
content-type
application/json
status
200
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
none
access-control-allow-origin
*
api.js
www.google.com/recaptcha/ 		909 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
807cdae5df6ef1d8ea8ef7131273619d39a74ef84b7d81adfbb5588e9baf3a00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Sat, 31 Oct 2020 10:36:38 GMT
dmedianet.js
contextual.media.net/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU1XQQDB
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.97 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7a8a0dd4afa272e1cb244835dffa0c79ebb969bdc594a71018cb133077483680
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h
10-4
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"ccfb755d88414da63f50328ca4195756"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=300
date
Sat, 31 Oct 2020 10:36:38 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-7
expires
Sat, 31 Oct 2020 10:41:38 GMT
/
610df60283ce46159d7012c382c77621.js.ubembed.com/ 		479 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://610df60283ce46159d7012c382c77621.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be21514e2b4f118e34b782481ea5a484031f3a49f731b66f1439b0de00c94d73

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
x-amz-apigw-id
VRaomFbVDoEFb9g=
etag
b20d8593f284c2b04157c7eff194e165-v0.178.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, MISS
content-type
application/json
status
200
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
none
access-control-allow-origin
*
choice.js
quantcast.mgr.consensu.org/choice/1ZtptYybLEE7k/info.sendio.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/1ZtptYybLEE7k/info.sendio.com/choice.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:9800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 31 Oct 2020 10:36:38 GMT
via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
last-modified
Thu, 21 May 2020 21:03:42 GMT
server
AmazonS3
age
1280
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
text/html
status
403
cache-control
public, max-age=7200
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
0
x-amz-cf-id
5QSTpXF7RTDRcqujOrgPTaxzLz7zspQMrpoJMcqmI8GBFzEVEszN6A==
i.js
i.kissmetrics.com/ 		39 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
http://i.kissmetrics.com/i.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
184.72.216.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-216-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 31 Oct 2020 10:36:12 GMT
Server
nginx
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
39
Expires
Mon, 30 Nov 2020 10:36:12 GMT
30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
scripts.kissmetrics.com/ 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
HTTP/1.1
Server
52.222.176.228 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-176-228.ham50.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
59d9d5aba2ed62ed84361fca07b6624b77a5b624110fb240523a9f31c7a96eb0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 31 Oct 2020 10:30:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Oct 2018 21:08:04 GMT
Server
nginx/1.6.2
X-Amz-Cf-Pop
HAM50-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via
1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
X-Amz-Cf-Id
YLcpi_DB8ZwGahzZZ5b5ezAoJD2tv5hsDgCAWKkVpmx7vXMvgcSjuQ==
collect
stats.g.doubleclick.net/j/ 		4 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-384915-1&cid=1829785974.1604140599&jid=1819036743&gjid=558187313&_gid=375522487.1604140599&_u=YGBAgAABAAAAAE~&z=1267816973
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 31 Oct 2020 10:36:38 GMT
status
200
content-type
text/plain
access-control-allow-origin
http://info.sendio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_cam...
  • https://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_ca...
35 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&ul=en-us&de=UTF-8&dt=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1819036743&gjid=558187313&cid=1829785974.1604140599&tid=UA-384915-1&_gid=375522487.1604140599&gtm=2wgal2P4WWZ5&z=2127227802
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 09:14:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4911
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j87&a=1440993628&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&ul=en-us&de=UTF-8&dt=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1819036743&gjid=558187313&cid=1829785974.1604140599&tid=UA-384915-1&_gid=375522487.1604140599&gtm=2wgal2P4WWZ5&z=2127227802
Non-Authoritative-Reason
HSTS
rules-p-1ZtptYybLEE7k.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
  • https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
3 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:35:17 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
82
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
p-Ae1IDxc3w-Tb-VdP6qIyYK4gqqTSfie59bqYeSUpRY6kHP3ZKGIA==

Redirect headers

Date
Sat, 31 Oct 2020 10:36:38 GMT
Via
1.1 c47c25ef93083c096cbff8a42ea330d9.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
HAM50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
jYAZ0pnFOqtPokRrT8IljNsy-9Ku5JlkTsEirg0CsO8GtsiSSvqJdw==
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-384915-1&cid=1829785974.1604140599&jid=1819036743&_u=YGBAgAABAAAAAE~&z=1657571087
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-384915-1&cid=1829785974.1604140599&jid=1819036743&_u=YGBAgAABAAAAAE~&z=1657571087
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.178.1/ 		162 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.178.1/bundle.js
Requested by
Host: f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
URL: https://f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-111.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:40:43 GMT
content-encoding
gzip
last-modified
Wed, 11 Dec 2019 22:14:50 GMT
server
AmazonS3
age
4391757
etag
W/"2c662c7609e2ae1af50939453dcb717e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
7Z0A-K9VkUfFvd8-ccraYFZeT-USvQLLojzQm-DZ5B5wbH-TqnZVPQ==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://info.sendio.com
Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 09:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3085
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137574
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 04:07:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Oct 2021 09:45:14 GMT
e
trk.kissmetrics.com/ 		43 B
376 B 		Other
General
Check archive.org
Download Go to
Full URL
http://trk.kissmetrics.com/e
Requested by
Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol
HTTP/1.1
Server
52.72.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-155-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 31 Oct 2020 10:36:39 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 31 Oct 2020 10:36:38 GMT
e
trk.kissmetrics.com/ 		43 B
376 B 		Other
General
Check archive.org
Download Go to
Full URL
http://trk.kissmetrics.com/e
Requested by
Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol
HTTP/1.1
Server
52.72.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-155-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 31 Oct 2020 10:36:39 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 31 Oct 2020 10:36:38 GMT
e
trk.kissmetrics.com/ 		43 B
376 B 		Other
General
Check archive.org
Download Go to
Full URL
http://trk.kissmetrics.com/e
Requested by
Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol
HTTP/1.1
Server
52.72.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-155-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 31 Oct 2020 10:36:39 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 31 Oct 2020 10:36:38 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=info.sendio.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=info.sendio.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2165354577456962&correlator=506149933789506&output=ldjh&impl=fifs&eid=21068404&vrg=2020102901&gdpr_consent=tcunavailable&tcfe=1&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201031&iu_parts=277638779%2CLP_SAV_300x250_Top_TargetBlank%2CLP_SAV_MAR2017_300x250_TargetBlank&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1592427326&dt=1604140599515&dlt=1604140598713&idt=282&frm=20&biw=1600&bih=1200&oid=3&adxs=938%2C938&adys=319%2C589&adks=2105499697%2C1283621901&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&dssz=38&icsg=168306688&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&ga_vid=1829785974.1604140599&ga_sid=1604140600&ga_hid=1440993628&fws=4%2C4&ohw=300%2C300&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
d2617614bd110da28677859a035890ae79b02b8f83d73e82a86bc77bdc82420e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14025
x-xss-protection
0
google-lineitem-id
5197590702,159435619
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138290853135,108346023619
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://info.sendio.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18ede500a885fd0b217b09c8226c224c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://18ede500a885fd0b217b09c8226c224c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 2DE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhNlDy0ZkciLcsgFG3GgJzQhZRBcrRI8ffxnbiNZOmS0a7SWExS7eNMTb-Oz8c3k4Lm801k7L8YegIW6crvA5sL1ngdQNXGZ_tx5_ASxX2rVlGGeM_P2GzpI3Ualsi5OU2rygQRHWHHgHKOnTPWwpuHp8lG3BK7lFMtlVv9LNf47hTWavynVsvv4pkdTzYC3IQzXdAPjBCczMhjC7Iy3k6W0Ewj1hxuVzxVgOqbdcTxf9xfG3U0XMWuZM9TDwO2i_SeE-BvNuy1UxN8AS6CmQV4dDjDaZxSKg&sai=AMfl-YRnlexKdakKvK6uYmMNgbamND-pXGPphLNubLwTAxepV-HxkP8lUy7QNba69E6Mv6CVurixBJuTl-eWiFfb7_W3kK5-HwPTvgB5FzsX8jMvTrENr1R0ZhfzjANS1gw&sig=Cg0ArKJSzNbOD8t1CdGaEAE&adurl=
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame 2DE7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 01:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7216
x-xss-protection
0
server
cafe
etag
9928567655033844918
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Nov 2020 01:35:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame 2DE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 03:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Nov 2020 03:33:57 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 2DE7 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
l
www.google.com/ads/measurement/ Frame 2DE7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRb9eIZm6qdLiY34COaWeepQzaMt1fjsouk5VgzyyRGtgHw1Kf6XO0TtgTpH7WXUR0Jdtpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
11998061179317164195
tpc.googlesyndication.com/simgad/ Frame 2DE7 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11998061179317164195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0d0aeb62ec5a730ec6d52904aa340b7963d269dc8ba60be5ad00f0c0882f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 21:56:14 GMT
x-content-type-options
nosniff
age
218425
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51053
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 15:56:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 21:56:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRoU3eyhoCCCnZYafD6BSt3lFT43F8CakaBPwf3ga8oCeYQUhJdMOKoIkZBcXvI0HSiqwVOO5bMxM96HnmD-q2_Tc2F6htdeiAJEiEv_FLjI5z9BUV5cte0tlHes1AHjOuXmOMn9qssj-ul_DcVdqVSySh0gczjryBd1NEAXmUmGEYuqUHg3MxJDSt_abnM3hb04OeU6Q817PEq6TVo5xbQNWXZ58tcu0BWvv_aeVMaS4s4Yv2yilgR1f7XO5D6fnUSkv_lRcNhtx90gcNGtubYa2Jwj8JI3cnFTU&sai=AMfl-YSCj6mvQV18zj9YHy-ZCO2UlKI7fo9vTzDvimrft5UJgmnWA4qfwCXidifjzMVSc6nBQHFSYZfJROMTUDkQQeHcfKv-PIRnyG-srvxMXw0XpLi999xJswLe5kMKp3M&sig=Cg0ArKJSzDpfHA55v2lBEAE&adurl=
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame 92DB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 01:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7216
x-xss-protection
0
server
cafe
etag
9928567655033844918
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Nov 2020 01:35:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame 92DB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 03:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Nov 2020 03:33:57 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 92DB 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
12938613454478336496
tpc.googlesyndication.com/simgad/ Frame 92DB 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12938613454478336496
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b776378d4076ba65400e79c1974d12a4b6861a6d7ea69a908afbc92e78f8a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 16:30:17 GMT
x-content-type-options
nosniff
age
65182
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23952
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 19:02:35 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Oct 2021 16:30:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
771fe1f6eea682c729d33d4f3136aa9bccb1a6b657839449485b0cfb8805e77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6628
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js?21068404
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 10:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Sat, 31 Oct 2020 10:36:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92DB 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaT21o3nHXgKaVsSXTSWkklpkg5ZaejAf1SHDHNU2sgXynLYVUoObjXPwTU7QZwl55sx8BX8uD2z4POL1gZ8OVAmpwQidwDvlPpE1tfVfAYBRPUK3ykwqwwMjG3dIwpVwlf9NK_A07C9iwQM1Qn_RAXScyVk0mVP81VnDyjfPQjenEYNB-3un2crB3xrHlGti5qVIQIKw7b7K_XhgXnN1H_8OJ83otp9YKBEXyGnmWIOpUPORmnEMYUZZpiz4xGQf5nc6fE12X1t8cQusqWC6l57fIiCHgfg-9XvqvjA&sai=AMfl-YQsqFzF7QTgOjxkp_pa4GhXVPJqhJogBQCbL6Y9dq3gwLAYr3CWN9XppcVFEVlVVEMd7jmDi2XKCTmPxvl74M0ZnnK2oA2Z-es7BdSsJ7y-X8fDHnCYgb4hk2IIGj8&sig=Cg0ArKJSzOO74nscMBvSEAE&adurl=
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 92DB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82b384341a330fdce38df60cdacd7cbf5ecf708a3aa4b00ed624906800b28533

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2DE7 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwE4E4nKZKz3lRS3BTMTbMbS3yOB-gauhkHYsU4jjV-EvcopD5bFg7WLims4Jw35tPYItVgYILbqOr2-2v5u_UAgsV6JcNEA3yXFSDFvxgcMDs_3LSlmHDBaiABaB-qfO1HK8TR86oKBsVZFqKIi_Dg0BVo5TvgAzWsHrzSn1VYA598lSUVL_8aPEcjqS3l396E6IyksEp1XtfyXyqhSUeklJOOtS9OGiwRe3LFZAgVrGOJ9DdDQ3OUsx5CJMSjWab6ZdOZz2eQ_0oS57ancqWe5uuCkn4JynNlQ&sai=AMfl-YT1gi-IRNLVHrvnYkvDjDxKf4uY8zZ6ZlN1witUXgVbddDboTplzWqDPaHfYmlI-KkVyUmAWMbARTI6vMhsT2awBH8c0_qtitLbXdTg99JYfyvfPrgEEYSlogfcY6U&sig=Cg0ArKJSzHF1PpxxXi5DEAE&adurl=
Requested by
Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 2DE7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac54deef341ba7505fe5c784143cecfbde5be2f55dd2c31a1886db495a44dfa7

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E865 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sat, 31 Oct 2020 09:36:30 GMT
expires
Sun, 31 Oct 2021 09:36:30 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3609
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102901&jk=2165354577456962&bg=!oqGloYHNAAU7ZAKtO1hYXM8pU-X_MQIAAABJUgAAABBoAQcKASvKPDs7ahkQgmm7Br92WYVYuMM9IBY6aWQiqeizmfZYPhU0sSWRwc7xa8zpD1LsNol9sdUOnKVihSsDt1Z3X0r6Q-CR8q0_ij9tfezd-XH5lkSoE-NkiICpR1cf_Pp37OED_L8WhJC-7HeYdehHbsnaPBhlKG4-ryI9xRwizJY8ljf1dMegEjmLaALqpeZOSEVM0mX-L10FoqmOvlnU35GafLOKY00VW-uo8-l1mzSbatmeoVGTZ9YkgCrYQQiNGNT6EAMB-gzTGn_d0P23op222-Xcd0H0hqf4vIT5S94lMecItELqaYzsi12mXma7ae9ApHVBxnUOWFoYirDPEBbEI99qPdKaPKPs-qnvJA76DD_x6wLmIqvyEqRXNbz-BMIpVYMLGT6TKbBDLZkBzx-IyB9F3TP3HjFAixPfmTwIu2R8k68_N-jCd8Wfe7GplVgaMPPASzOF8cHDVbMJ44iPyNb8ydPVD-jUxgCDsgjYmL4zpcDPhm34zRdfvG2xeQfuwqeX8A2FKNK8iZNzNeoL5-ROU1LG7KATG0Atdva8tGsaHIpesIpHwYhv9UX8afoc75tBDKzcCJY8Bphx_Fjff0vcdJb5OO9PVOcAi9Eq-vi7HJw4K5xuFGWJ-T-drBRf-7feugCO_Vy6dsHuw2Abe8uIWPVmEfWD3HuN4s5jRk_TGLixqR6RovTMyTdHliKWVh0_a7c-MWkoZsL0gHntYZ9303V7BzBxi9SQZLnlnAXNmgMVqiq5BUkXgDBnTmKF9ZGU83BgwLSk_qNCa2yo0qdxXNyRvsVE5LN7GsccXEJuEXOR5Tui97lsNBUh6mNw-57HlEe5b6uv5TJCLPwSRGbbQ13naycW2FAN83s-scRFQcrMIh_Dxf-ZfIc9incI02-wYK8CBiThbCcrPyC429_5LJZUvJZcQuLN5P0K2cg6uLjaLE1tcDKrJrQY7Iv1VhR3yXaYJY1mTOY0BuR-F6rV6yZY_87FSJlOWYEYEE15nV_d9EMVvKiE0_k
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 10:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 92DB 		42 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMgP5ukp34Isjf2bHpMNANyVv725lPdXoIR0h9WtPWwa9SMsJQGWCEpf-6kUZnrilbTRdPKtkQvMPs-evD_kIjZtW9OB_CKmn69gYnZ_k&sig=Cg0ArKJSzM7LKvSIxcz4EAE&adk=1283621901&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=589,938,839,1238&mcvt=1009&rs=0&ht=0&tfs=107&tls=1116&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=5&niot_cbk=19&md=2&btr=0&cpmav=0&lm=2&rst=1604140599612&dlt&rpt=93&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C1650&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-4-11-11-0-0-0&tvt=1113&is=300%2C250&iframe_loc=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201030
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 10:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DE7 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVT4TBDgnWpjaxO_1EHPO0ZNjBqHOHuVEzLgsjewl7ADaq2xBhL2MmTzxIOsEdIHyW_aJmOb4iASXzvyOYTBoropxesDKT0NszqsHlyFI&sig=Cg0ArKJSzKBKdaY3cDCmEAE&adk=2105499697&tt=-1&bs=1600%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=319,938,569,1238&mcvt=1007&rs=0&ht=0&tfs=103&tls=1110&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=9&md=2&btr=0&cpmav=0&lm=2&rst=1604140599610&dlt&rpt=96&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C1650&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1109&is=300%2C250&iframe_loc=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201030
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Oct 2020 10:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| trustedTypes function| $ function| jQuery object| lp object| ub object| googletag object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| ggeac object| google_js_reporting_queue function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents object| _kmq string| _kmk function| _kms object| _mNHandle string| medianet_versionId function| __tcfapi function| __uspapi object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| timestamp object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define object| _mN_dy object| recaptcha object| ube string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

12 Cookies

Domain/Path Name / Value
.sendio.com/ Name: km_lv
Value: 1604140599
.sendio.com/ Name: kvcd
Value: 1604140599253
.info.sendio.com/ Name: _ga
Value: GA1.3.1829785974.1604140599
.sendio.com/ Name: ubvt
Value: 89.249.64.2031607210202352657
.sendio.com/ Name: km_vs
Value: 1
.sendio.com/ Name: _gcl_au
Value: 1.1.2028111404.1604140599
.info.sendio.com/ Name: _dc_gtm_UA-384915-1
Value: 1
.info.sendio.com/ Name: _gid
Value: GA1.3.375522487.1604140599
info.sendio.com/ Name: ubvs
Value: 89.249.64.2031607210202352657
info.sendio.com/trusted-sender/ Name: ubrs
Value: weighted
.sendio.com/ Name: km_ai
Value: Lhdl%2F7PfXgC%2F47Q0ou73jA2rbWk%3D
info.sendio.com/trusted-sender/ Name: ubpv
Value: b%2C2d55fb81-72ec-48e3-acac-5b3d5644158e

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js(Line 191)
Message:
reCAPTCHA couldn't find user-provided function: onloadCallback
console-api warning (Line 4)
Message:
USP is not accessible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18ede500a885fd0b217b09c8226c224c.safeframe.googlesyndication.com
610df60283ce46159d7012c382c77621.js.ubembed.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.ub-analytics.com
assets.ubembed.com
builder-assets.unbounce.com
code.jquery.com
contextual.media.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
fonts.googleapis.com
fonts.gstatic.com
i.kissmetrics.com
info.sendio.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
sav.sendio.net
scripts.kissmetrics.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trk.kissmetrics.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
151.101.193.131
18.196.95.178
184.72.216.220
184.73.176.125
2001:4de0:ac19::1:b:3a
216.58.212.162
23.210.250.97
2600:9000:2070:9800:9:46dc:4700:93a1
2600:9000:2093:d000:6:44e3:f8c0:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2001
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:4001:825::2002
2a00:1450:400c:c07::9c
2a00:1450:400c:c0c::84
34.224.248.58
52.222.176.228
52.222.177.192
52.72.155.146
52.85.32.111
54.192.206.125
54.192.206.64
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0a27cade39cb7812c5c71a9b2e358a9a90699b8eb0417d4ecba1220a012bf267
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
22d6f4376ec07b325c6312510a83f85d2804b276161c3d8f12d2bea4cb9776db
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8
33182948e9715ac7fd11c9366c04f76f2f6efa3f3c4ae01da2886fa97b95db1e
364c300e5f07d59556bfa81c934e4418ceac51360a75edeb369a4d909d1879b3
46b892a13b7fd3da59852ea941f619f1131cb3830e5e17ed1d5f82b5c6cebf7f
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
4e50bc8bb6547d8d2fc54d5e97cba6168870b9ffcaf036f3cf42e010db4d098b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
59d9d5aba2ed62ed84361fca07b6624b77a5b624110fb240523a9f31c7a96eb0
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
72c821f6ccf608fb19f6026dd54d411ccd349fa6db3b2c1ade4e3cc6eb72a5a0
771fe1f6eea682c729d33d4f3136aa9bccb1a6b657839449485b0cfb8805e77a
7a8a0dd4afa272e1cb244835dffa0c79ebb969bdc594a71018cb133077483680
7b0d0aeb62ec5a730ec6d52904aa340b7963d269dc8ba60be5ad00f0c0882f1a
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
807cdae5df6ef1d8ea8ef7131273619d39a74ef84b7d81adfbb5588e9baf3a00
82b384341a330fdce38df60cdacd7cbf5ecf708a3aa4b00ed624906800b28533
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ac54deef341ba7505fe5c784143cecfbde5be2f55dd2c31a1886db495a44dfa7
b776378d4076ba65400e79c1974d12a4b6861a6d7ea69a908afbc92e78f8a336
be21514e2b4f118e34b782481ea5a484031f3a49f731b66f1439b0de00c94d73
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2617614bd110da28677859a035890ae79b02b8f83d73e82a86bc77bdc82420e
d91949af99fcd9998523f414f760d5cac73532d3d9f5c796f8b22b646dd178f6
de91c6775a817cc5cad1fcede538b8ba1c448beefb408acefbd82a7cd3efc4dd
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff61dbcb8a6d538257c26ca8f375855ac7f03dd9ab57937877fcb9423ae76f45