Submitted URL: https://antispam2.xefi.fr/invitation?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm...
Effective URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&u...
Submission: On May 21 via manual from FR — Scanned from FR

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 134.90.141.12, located in Lyon, France and belongs to XEFI, FR. The main domain is antispam2.xefi.fr. The Cisco Umbrella rank of the primary domain is 942789.
TLS certificate: Issued by Thawte TLS RSA CA G1 on October 25th 2023. Valid for: a year.
This is the only time antispam2.xefi.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 134.90.141.12 198330 (XEFI)
3 2620:1ec:48:1... 8075 (MICROSOFT...)
21 2
Apex Domain | Subdomains | Transfer
19 xefi.fr | antispam2.xefi.fr — Cisco Umbrella Rank: 942789 | 2 MB
3 mailinblack.com | cdn.mailinblack.com — Cisco Umbrella Rank: 418518 | 233 KB
21 2
Domain Requested by
19 antispam2.xefi.fr 1 redirects antispam2.xefi.fr
3 cdn.mailinblack.com antispam2.xefi.fr
21 2

This site contains links to these domains.

Domain
www.mailinblack.com
Subject | Issuer | Validity | Valid
*.xefi.fr | Thawte TLS RSA CA G1 | 2023-10-25 - 2024-11-24 | a year
cdn.mailinblack.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year

This page contains 1 frames:

Primary Page: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Frame ID: 51FD50115F91F1F73D86D62481611F9C
Requests: 21 HTTP requests in this frame

Page Title

Authentification MailInBlack anti-spam

Page URL History

  1. https://antispam2.xefi.fr/invitation?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&... HTTP 301
    https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 2136 kB
Size: 3358 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://antispam2.xefi.fr/invitation?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise HTTP 301
    https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
antispam2.xefi.fr//invitation/
Redirect Chain
  • https://antispam2.xefi.fr/invitation?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
  • https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
11 KB
4 KB
Document
General
Full URL
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
8e71cc248b481bb2a5d9cefabcf5c663591ed490605235cc334d109fcdc861b8

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-language
fr-FR
content-type
text/html;charset=UTF-8
date
Tue, 21 May 2024 12:59:40 GMT
server
nginx

Redirect headers

content-length
162
content-type
text/html
date
Tue, 21 May 2024 12:59:40 GMT
location
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
angular.min.js
antispam2.xefi.fr//invitation/lib/angular/
163 KB
68 KB
Script
General
Full URL
https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
angular-animate.min.js
antispam2.xefi.fr//invitation/lib/angular-animate/
25 KB
11 KB
Script
General
Full URL
https://antispam2.xefi.fr//invitation/lib/angular-animate/angular-animate.min.js
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
944d97642ede32b747f8a45a2973d683562ab007037619aa1403db3c6e5ffd4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
angular-translate.js
antispam2.xefi.fr//invitation/lib/angular-translate/
126 KB
33 KB
Script
General
Full URL
https://antispam2.xefi.fr//invitation/lib/angular-translate/angular-translate.js
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
eaf77f7216c558780a8e3b5702f20c39946fa6720037ba0c62f52cd17bc8ce56

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
angular-translate-loader-url.js
antispam2.xefi.fr//invitation/lib/angular-translate-loader-url/
2 KB
1 KB
Script
General
Full URL
https://antispam2.xefi.fr//invitation/lib/angular-translate-loader-url/angular-translate-loader-url.js
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
4977955e3f9496f9ae6270cce8a38d9a78eb6b24ae4e31d4f0ca99ef90bfef18

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
invitation.js
antispam2.xefi.fr//invitation/js/
6 KB
2 KB
Script
General
Full URL
https://antispam2.xefi.fr//invitation/js/invitation.js
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
dffefafbd98462a9de81bf4fa245d5c140607bcd71de4fea1ebe5948e947a1b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
font.css
antispam2.xefi.fr//invitation/css/
1 KB
744 B
Stylesheet
General
Full URL
https://antispam2.xefi.fr//invitation/css/font.css
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
24c1950dc1c4555f534b9a5afcf94d36cbee0c805ff375ac31ab3781ef45937f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 11:25:06 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
all.css
cdn.mailinblack.com/cdn/v1/font-awesome/css/
96 KB
21 KB
Stylesheet
General
Full URL
https://cdn.mailinblack.com/cdn/v1/font-awesome/css/all.css
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
902101cf2f8e9a2966e432ce970c1ec93d7828c5663f376737e3501b0b174454

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 21 May 2024 12:59:41 GMT
content-encoding
br
last-modified
Tue, 23 Apr 2019 14:47:16 GMT
vary
Accept-Encoding
x-azure-ref
20240521T125941Z-1768fdbf57dcdngv89xq8r4ykw00000004yg0000000000xu
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
577a97b1-401e-0154-3084-aa3b70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
69579703
x-cache-info
L1_T2
adInvitationEnvelopeCheck.png
antispam2.xefi.fr//protect/assets/images/
1 KB
2 KB
Image
General
Full URL
https://antispam2.xefi.fr//protect/assets/images/adInvitationEnvelopeCheck.png
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
91530fe8963616766f3752c7f16e78b91721489efddf2d59863ae3ea674193eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr//invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 09:56:39 GMT
server
nginx
content-encoding
gzip
etag
W/"65d325d7-5c3"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=300, public
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:40 GMT
getI18n
antispam2.xefi.fr/invitation/
4 KB
2 KB
XHR
General
Full URL
https://antispam2.xefi.fr/invitation/getI18n?lang=fr
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
455a583566eecbc48a104c930545a1403db245a76518f78746ea562f0f9a5ab6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
server
nginx
content-type
application/json
captchaB64
antispam2.xefi.fr/invitation/
25 KB
20 KB
XHR
General
Full URL
https://antispam2.xefi.fr/invitation/captchaB64
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
dde4c6eafe8a885617d06b5f4fdf9d83f400ba8ee5fd9053d23a8657a03e32d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
server
nginx
content-type
image/png
nextRecipients
antispam2.xefi.fr/invitation/
2 B
174 B
XHR
General
Full URL
https://antispam2.xefi.fr/invitation/nextRecipients
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
server
nginx
content-type
application/json
getFields
antispam2.xefi.fr/invitation/
397 B
431 B
XHR
General
Full URL
https://antispam2.xefi.fr/invitation/getFields?timestamp=1716296381411
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
70475ed5bca432202b76bd30d3451faa37e67f8f6a6bc5ef0d8e149259648eb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:59:40 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
server
nginx
content-type
application/json
background_confirmation.svg
antispam2.xefi.fr//protect/assets/images/
447 KB
448 KB
Image
General
Full URL
https://antispam2.xefi.fr//protect/assets/images/background_confirmation.svg
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
9bfded101ceabaf8f9540e11e6015fc12177551b0e7f2f3ca901428986813467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 09:56:40 GMT
server
nginx
etag
"65d325d8-6fdd9"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=300, public
accept-ranges
bytes
content-length
458201
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:40 GMT
OpenSans-Regular.ttf
cdn.mailinblack.com/cdn/v1/fonts/
212 KB
105 KB
Font
General
Full URL
https://cdn.mailinblack.com/cdn/v1/fonts/OpenSans-Regular.ttf
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/
Origin
https://antispam2.xefi.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 21 May 2024 12:59:41 GMT
content-encoding
br
last-modified
Mon, 20 May 2019 13:51:08 GMT
vary
Accept-Encoding
x-azure-ref
20240521T125941Z-1768fdbf57dq494z9zb6sxdt7w00000004vg00000000gf38
content-type
application/font-sfnt
access-control-allow-origin
*
x-ms-request-id
ed0b759c-e01e-00a6-3f85-aa3d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
69579703
OpenSans-Semibold.ttf
cdn.mailinblack.com/cdn/v1/fonts/
216 KB
107 KB
Font
General
Full URL
https://cdn.mailinblack.com/cdn/v1/fonts/OpenSans-Semibold.ttf
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa3b0ef53db12e3d45094030cac0e69d384e44cc5978643dd4390041cad546e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/
Origin
https://antispam2.xefi.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 21 May 2024 12:59:41 GMT
content-encoding
br
last-modified
Mon, 20 May 2019 13:51:07 GMT
vary
Accept-Encoding
x-azure-ref
20240521T125941Z-1768fdbf57dq494z9zb6sxdt7w00000004vg00000000gf39
content-type
application/font-sfnt
access-control-allow-origin
*
x-ms-request-id
15a124f9-801e-0026-0767-aac232000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
69579703
logo_protect_orange.png
antispam2.xefi.fr/protect/assets/images/
24 KB
24 KB
Image
General
Full URL
https://antispam2.xefi.fr/protect/assets/images/logo_protect_orange.png
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
0132e8784fed4438966059b8e877969e5a64d6be6b9513a4299293f353c9ff43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 09:56:40 GMT
server
nginx
content-encoding
gzip
etag
W/"65d325d8-5e5b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=300, public
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:40 GMT
logo_mib_orange.png
antispam2.xefi.fr/protect/assets/images/
8 KB
8 KB
Image
General
Full URL
https://antispam2.xefi.fr/protect/assets/images/logo_mib_orange.png
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
a259d353d891b477b8fa3a3f3b661f3fa240988f698f46ced8fe164dd0b7c144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 09:56:40 GMT
server
nginx
content-encoding
gzip
etag
W/"65d325d8-210b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=300, public
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:40 GMT
ad_default_image.gif
antispam2.xefi.fr/protect/assets/images/
2 MB
1 MB
Image
General
Full URL
https://antispam2.xefi.fr/protect/assets/images/ad_default_image.gif
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
deedc2d17b806fe888631d39ce1516d7d359c73a67c44ef95bb24c85d441e4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 09:56:39 GMT
server
nginx
content-encoding
gzip
etag
W/"65d325d7-1ef13b"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=300, public
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:40 GMT
captchaAudio
antispam2.xefi.fr/invitation/
100 B
485 B
XHR
General
Full URL
https://antispam2.xefi.fr/invitation/captchaAudio
Requested by
Host: antispam2.xefi.fr
URL: https://antispam2.xefi.fr//invitation/lib/angular/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
d6b8f273e44a7ceeffdeaefc01005036547a014940547c07630f597bd3aa586f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 12:59:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
0
favicon-32px.png
antispam2.xefi.fr/assets/favicon/
7 KB
3 KB
Other
General
Full URL
https://antispam2.xefi.fr/assets/favicon/favicon-32px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.90.141.12 Lyon, France, ASN198330 (XEFI, FR),
Reverse DNS
antispam2.xefi.fr
Software
nginx /
Resource Hash
3a09e7fee4776440e779cfbefbd4912e7bd14f4a3e1d51a597a870915730b338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://antispam2.xefi.fr/invitation/?lang=fr&id=9e224a31-c851-438d-9f80-608415cebf09&utm_source=DA-fr&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 21 May 2024 12:59:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 15 Mar 2024 10:30:08 GMT
server
nginx
content-encoding
gzip
etag
W/"65f42330-1d63"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=300, public
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:04:41 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| angular
  • object| adminWebApp
  • function| addStyle
  • function| inIframe
  • number| ng339

1 Cookies

Domain/Path Name / Value
antispam2.xefi.fr/invitation/ Name: SESSION
Value: 4b856e3a-a59b-46e2-9bf0-1d9c2d33932d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antispam2.xefi.fr
cdn.mailinblack.com
134.90.141.12
2620:1ec:48:1::45