URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Submission: On November 04 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 18.245.31.40, located in United States and belongs to AMAZON-02, US. The main domain is a4d5a3.mailupclient.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 8th 2024. Valid for: a year.
This is the only time a4d5a3.mailupclient.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 18.245.31.40 16509 (AMAZON-02)
12 18.173.154.67 16509 (AMAZON-02)
1 18.202.192.165 16509 (AMAZON-02)
1 34.36.213.229 396982 (GOOGLE-CL...)
3 34.107.204.85 396982 (GOOGLE-CL...)
21 5
Apex Domain
Subdomains
Transfer
13 musvc3.net
gibitre.img.musvc3.net
gibitre.musvc3.net
6 MB
4 mailupclient.com
a4d5a3.mailupclient.com
23 KB
3 beefree.io
data.pendo-pro.beefree.io
2 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 626
162 KB
21 4
Domain Requested by
12 gibitre.img.musvc3.net a4d5a3.mailupclient.com
4 a4d5a3.mailupclient.com a4d5a3.mailupclient.com
3 data.pendo-pro.beefree.io cdn.pendo.io
1 cdn.pendo.io a4d5a3.mailupclient.com
1 gibitre.musvc3.net a4d5a3.mailupclient.com
21 5

This site contains links to these domains. Also see Links.

Domain
gibitre.musvc3.net
Subject Issuer Validity Valid
*.mailupclient.com
Amazon RSA 2048 M03
2024-02-08 -
2025-03-07
a year crt.sh
*.musvc1.net
Amazon RSA 2048 M02
2024-01-31 -
2025-02-28
a year crt.sh
*.musvc0.net
R10
2024-10-11 -
2025-01-09
3 months crt.sh
cdn.pendo.io
WR3
2024-09-19 -
2024-12-18
3 months crt.sh
data.pendo-pro.beefree.io
WR3
2024-10-08 -
2025-01-06
3 months crt.sh

This page contains 1 frames:

Primary Page: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Frame ID: BC529906748AED02A1F52EDB2F926226
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

GIbitre Instruments - New LASER REVOLUTION HARDNESS CHECK-DRIVE

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

5976 kB
Transfer

6337 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
a4d5a3.mailupclient.com/f/rnl.aspx/
50 KB
19 KB
Document
General
Full URL
https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-40.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c802f774b025065434a4875e8c38af535c51403bea63a9aa1f453a87c63d1c38
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
private
content-encoding
gzip
content-length
18486
content-type
text/html; charset=utf-8
date
Mon, 04 Nov 2024 02:00:41 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
x-amz-cf-id
fQkQpn6O5isDW7oB3ZrPJ-YhwvE-xNtTbf95r_3MDud42-pP8ZlVMg==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
Logo_Scritta_Ombra.jpg
gibitre.img.musvc3.net/static/144513/assets/shared/
108 KB
109 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/shared/Logo_Scritta_Ombra.jpg
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
e7ecb51fd03a58adc37c294cdbcb2086ca76f6b6105319177e220a388755fff4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"fc2685cb670f83b914ca3460ec18e0a9"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
111036
X-Amz-Cf-Id
fOsFXBqjAWvjtQNkAqDoVm2neZbVfI-_o6Yqk2h7Y1f_LhupS5GffQ==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 30 Jul 2020 17:05:42 GMT
X-Amz-Cf-Pop
MUC50-P3
DuMiRe_Dett_01.png
gibitre.img.musvc3.net/static/144513/assets/1/
844 KB
844 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/DuMiRe_Dett_01.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
07529e13237a2a3cd0ae44e36108db90c718264f467b870d06ffb140a3c5c54a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"b50cc78f9375ed017b3309b34c54625a"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
863842
X-Amz-Cf-Id
Ax3ILMFebJwwG-CoB_H2S_VngMf9Wqxg111G1ZmMJv6Hl2bJQjGcGg==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 14:43:46 GMT
X-Amz-Cf-Pop
MUC50-P3
Cambio_Teste.png
gibitre.img.musvc3.net/static/144513/assets/1/
708 KB
708 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/Cambio_Teste.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
14f0e2d44f2311438b49fa108ca7c00bd2a81e16f1d19f2c16056abbb767bc00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"d863cceb840520306f145bd2f948f0ca"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
724756
X-Amz-Cf-Id
cRsZPqCPgMRnEP1WdEJwfcOvlSa8RhGki_NbN2oYAGG_fI4wr9lLCg==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 15:12:53 GMT
X-Amz-Cf-Pop
MUC50-P3
LaserRevolutionDrtive-IRHD%20N_p.png
gibitre.img.musvc3.net/static/144513/assets/1/
724 KB
725 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/LaserRevolutionDrtive-IRHD%20N_p.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
7f1b846e2a8127b83ef521066e846bb8054391ba0267df557f1aa3aaff4ea14f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"72137e4a72fcd8804587e3774d21f8da"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
741483
X-Amz-Cf-Id
oVX8JRbRiTKA8XnpTB6UywxID33UXprgefHaGkZALao2YHn3tdwF-A==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 17:09:26 GMT
X-Amz-Cf-Pop
MUC50-P3
Samples_Shore.png
gibitre.img.musvc3.net/static/144513/assets/1/
121 KB
121 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/Samples_Shore.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
ad5428312881c513f0238a0f1af237e88219475f234c5668da4ec2ad0fa79309

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"70f28944f3ca751e4f901c381255efc4"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
123503
X-Amz-Cf-Id
C5LwS8RCo2o1naRYZ2pHIW63fWH-E2w3WFE8QEXO9eKzUWsaHEfR3g==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 15:35:18 GMT
X-Amz-Cf-Pop
MUC50-P3
DuMiRe_Dett_02.png
gibitre.img.musvc3.net/static/144513/assets/1/
1 MB
1 MB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/DuMiRe_Dett_02.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
8f58ed7ebd9816a011f85b7e136e8694ce8b17c352c8f92ac3a17cae7fdcfdae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"b361e9e5f9c6adf82153bd8c85bd03cc"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1323287
X-Amz-Cf-Id
gMhFOctoerUzf-O229B_eeHraospb_25uwmU8fhx8H4WiqjLLe2lwA==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 17:52:24 GMT
X-Amz-Cf-Pop
MUC50-P3
Part_Custom_001.png
gibitre.img.musvc3.net/static/144513/assets/1/
97 KB
97 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/Part_Custom_001.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
e2e334df44bcde78e7e883c7c561f69dca735cc84149165a1360e8811cad3b62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"e16ea6170ab1e074c2bfec827920dc83"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
99114
X-Amz-Cf-Id
O0zXlHkN8eftheM5AkZQm1cZPIKrk3W1ET0-5F0yYkqNHXQxESVKyA==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 15:45:22 GMT
X-Amz-Cf-Pop
MUC50-P3
Pc_Hardness.png
gibitre.img.musvc3.net/static/144513/assets/1/
2 MB
2 MB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/Pc_Hardness.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
0c7f2519132c625560172b1ff2903de660d9c5ac143d07575b2250809e6b16af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"b426e60f9a25e59b06ed911165fb73b1"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1748987
X-Amz-Cf-Id
fWIJMShr1FJVT59V8UET3stBooCoh_tRifaJ_oJE9y_V0nLZyyPBkw==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 15:53:10 GMT
X-Amz-Cf-Pop
MUC50-P3
LogoAccrediaBreve(0).png
gibitre.img.musvc3.net/static/144513/assets/1/
178 KB
178 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/assets/1/LogoAccrediaBreve(0).png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
1df613491d447d37fb405d215e7e9208bbd465d42cde7a86b0028cda548373ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"5ffd400aed6d893be7b6b827485bef59"
Age
477
X-Extra-Info-Account-Id
144513
Connection
keep-alive
Via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
181832
X-Amz-Cf-Id
Z1qBAAKVF9q731djuCU5x4vB8OODX-ucCe682JIPhdvYbNUlHTYbDA==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Oct 2024 17:48:59 GMT
X-Amz-Cf-Pop
MUC50-P3
linkedin@2x.png
gibitre.img.musvc3.net/static/144513/images/social/circle-color/
2 KB
2 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/images/social/circle-color/linkedin@2x.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
9ced501d2eb40b9d7a3d214a9dfbf38798b8501458712cc420bd59fd8401fe19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"9d28dac4e3e815c2e23f167867ccb97c"
Age
478
Connection
keep-alive
Via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1945
X-Amz-Cf-Id
nquCX_gawViGhoko_GF4gGkeHOpictxsJ89BYldPNHEznqQnq3mDtA==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 02 Aug 2021 10:21:49 GMT
X-Amz-Cf-Pop
MUC50-P3
youtube@2x.png
gibitre.img.musvc3.net/static/144513/images/social/circle-color/
2 KB
3 KB
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/images/social/circle-color/youtube@2x.png
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
3b6d6af7db1c2cb27fa09c999a17ba97be66c5d706af75b18471ba4584dee06b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"9d28dac4e3e815c2e23f167867ccb97c"
Age
478
Connection
keep-alive
Via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
2119
X-Amz-Cf-Id
zqIONGs-1uW8Ca7BpluPcaVp9wxeMb47fymZjOI9S8aJ5KUhTewHsg==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/png
Last-Modified
Mon, 02 Aug 2021 10:21:49 GMT
X-Amz-Cf-Pop
MUC50-P3
trans.gif
gibitre.img.musvc3.net/static/144513/images/footer/
43 B
667 B
Image
General
Full URL
https://gibitre.img.musvc3.net/static/144513/images/footer/trans.gif
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-67.muc50.r.cloudfront.net
Software
/
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

Cache-Control
public, max-age=1200
ETag
"6b638d2f4f10f6e9d24889a448957ed6"
Age
478
Connection
keep-alive
Via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
43
X-Amz-Cf-Id
mTSIQ2wttNSaBJJ7143xFzuscYkOcG8OCEIon_l2A85TOpHcrlsfZw==
Date
Mon, 04 Nov 2024 01:52:44 GMT
Content-Type
image/gif
Last-Modified
Mon, 02 Nov 2015 14:04:11 GMT
X-Amz-Cf-Pop
MUC50-P3
c
gibitre.musvc3.net/e/
74 B
235 B
Image
General
Full URL
https://gibitre.musvc3.net/e/c?q=9%3d8YDa8X%26v%3dW%26u%3dVC%26K%3d8bHWC%26C%3dI7h6k8ian8Ea-BdjW-DYEA-lAG9-I8C7lWF6mYhb%26sO%3dAeFZ%26k%3dH5O38C.JlO%264%3da0ZDW8WJf
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.192.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-192-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
4efd6006709a6baf14e224b9b07b0f0b
cache-control
no-cache
date
Mon, 04 Nov 2024 02:00:41 GMT
content-type
image/png
frontendPendoLoader.js
a4d5a3.mailupclient.com/js/
2 KB
2 KB
Script
General
Full URL
https://a4d5a3.mailupclient.com/js/frontendPendoLoader.js
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-40.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM

Response headers

content-encoding
gzip
etag
"0841794e125db1:0"
age
57
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
3RAtMwuVLdLEQd_s2z1wJ8YLGI_x30XNlwnZSikZfOv1znW1RSRqWA==
date
Mon, 04 Nov 2024 02:00:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 06:54:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=1200
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1270
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
pendo.js
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/
498 KB
162 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/js/frontendPendoLoader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5d444e89d6377f850a3372d543e7e32cb8e9d5e91b4bf6f6bfca45d12fbed8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=tbtsfg==, md5=KNWMIzRw4tCpgHhuWBVXjw==
etag
"28d58c233470e2d0a980786e5815578f"
age
1170
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
164981
date
Mon, 04 Nov 2024 01:41:11 GMT
last-modified
Thu, 31 Oct 2024 18:13:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0qGnyk6fCjiAsIDurQ3KdiVox8EpNb1cLDzH2cLZkuHnwsQqZVgaFHbgLiBkD0JRxgiLpS9PvwWw
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=450
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730398433147645
content-length
164981
server
UploadServer
GetPendoSettings
a4d5a3.mailupclient.com/frontend/webMethods/Console.asmx/
60 B
482 B
XHR
General
Full URL
https://a4d5a3.mailupclient.com/frontend/webMethods/Console.asmx/GetPendoSettings
Requested by
Host: a4d5a3.mailupclient.com
URL: https://a4d5a3.mailupclient.com/js/frontendPendoLoader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-40.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4dd74dc71d7842bf1331dd6fef9683a221004d7659ff4dad1e5deba7b8f7848a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Referer
https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM

Response headers

strict-transport-security
max-age=15768000
cache-control
private, max-age=0
x-content-type-options
nosniff
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
60
x-amz-cf-id
BMMtFwZhOA3Cnpr2ppQNx4rbv989T1XiUvI8ioM-bxkP5xJmBqawpQ==
x-xss-protection
1; mode=block
date
Mon, 04 Nov 2024 02:00:41 GMT
content-type
application/json; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P8
vary
Accept-Encoding
favicon.ico
a4d5a3.mailupclient.com/
1 KB
2 KB
Other
General
Full URL
https://a4d5a3.mailupclient.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-40.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9063c91acbe12169ea933d2aa5226a7b01f55affa6fcdc444d49ea2ec2e7c457
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/f/rnl.aspx/?fgf=rtwnv_a9fe=q_bd9=ns_9-39.=4a5k1b79c2a8fc9gd6&.1&x=pp&swa45723ca/96d=tzwqNCLM

Response headers

etag
"0841794e125db1:0"
age
53
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
LXVbm4liOeJRVVutwfkCEYYPpH5XWQHAbAj9MU_dzBZ3vMkVKO1kWA==
date
Mon, 04 Nov 2024 02:00:42 GMT
content-type
image/x-icon
last-modified
Thu, 24 Oct 2024 06:54:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=1200
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1406
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/ptm.gif/
42 B
103 B
Image
General
Full URL
https://data.pendo-pro.beefree.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.253.1_prod&ct=1730685642434&jzb=eJzVk9Fr2zAQxv8XP-Qpsy1ZluOAKSVsMGg6WFYYjGHOlpypk2VHkpMmJf97z21nuj2UPQxG_WTdd3f67n7o233gj70MloES0njVHIN5UNnu4KQtvWpRIVkS80XKGWUkmwd75ZTvbKkEFsWYDXXdDcY_BQhjKUkwOliNxx_e924ZRcBECknYgtJDX2uFV4V110ZNZI0OwfV30UWzbQrrD2ZfQt7IYldWIi-MK_N3SR4WDNKfpMrymsKiqfOt4LOQzO6Kvp-5A7A0o0kNUc5F4U-H3fXqao0metv1LljeB50W5UufZtD6L0c5YxuwaPgLVB-nUv90CJoPn9v3K3qsVLy5jNMTNmkstPJRhPVK6FP_9XajB766-oSik7tBmhrXGuOej16ivSTLz_OJQys9vMaA0jfK4Nn0-Dv51mC2A2zHuaUpbzbjtp9nmfL-5HA56RgS4MfimEWERDSmDJvupXWqMximIU2TkJToQfxzkG685FGWllM-XDe361ZX2eHmN85k4syy9AVn3YF4lXP6RjmPg_0aB3NDHo9fsiCM59l_goBvZnps_Pz9AYq7kAk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
48
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 04 Nov 2024 02:00:42 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*
da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/guide.js/
3 KB
2 KB
Script
General
Full URL
https://data.pendo-pro.beefree.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?id=12&jzb=eJxFj8FOAyEYhN-FQ08VCsu2sgkxxpOJejF63fwFdiVSoMC2jabvXmp0vf0zA5P5vtHBZltCetSoQyu0RKBUmHz50ZTzljbVnJKr8qOUmDtCgOsWGrwD66aonDW-YBV2ZCDJOww5nsjdMA4ylaM_9CAGI_f9Vgvpcy9uGoElh_aTbjdCMbgdlBj1eoHp4iRjXOQj8HbDGgVErLUsX8f9y8PTcx0RnH7_H-sn55ZoZwpoKIC6meR62j8aB36cYDRVGt-_vaLzTDi_-6WsSYRUWe7nvFq1_Pp5xQmlhK0Yr6UHk7INvtoMs7bBtI8paHQ-XwDuUGku&v=2.253.1_prod&ct=1730685642436
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0debc653ec30a32e900c5d44fdaa55103334f43cbc74f94c51ebbb009451592a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

access-control-max-age
600
content-encoding
gzip
access-control-allow-methods
GET,POST
x-content-type-options
nosniff
alt-svc
clear
date
Mon, 04 Nov 2024 02:00:42 GMT
content-type
application/javascript
access-control-allow-headers
*
strict-transport-security
max-age=63072000
cache-control
no-store
x-envoy-upstream-service-time
26
access-control-allow-credentials
false
via
1.1 google
access-control-allow-origin
*
content-length
1361
server
istio-envoy
da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/guide.gif/
42 B
115 B
Image
General
Full URL
https://data.pendo-pro.beefree.io/data/guide.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730685642438&v=2.253.1_prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a4d5a3.mailupclient.com/

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
31
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 04 Nov 2024 02:00:42 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pendo object| _pendo_OHgEBmIv

1 Cookies

Domain/Path Name / Value
a4d5a3.mailupclient.com/ Name: BIGipServercu_front_80_pool
Value: !WIjWdM0VcYQcBPVUXMs9ewgVEiLeb/46fYvCkh5CBth79EicKUj9xbACi0r9HXJ00Lwlx346zgadjUg=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4d5a3.mailupclient.com
cdn.pendo.io
data.pendo-pro.beefree.io
gibitre.img.musvc3.net
gibitre.musvc3.net
18.173.154.67
18.202.192.165
18.245.31.40
34.107.204.85
34.36.213.229
07529e13237a2a3cd0ae44e36108db90c718264f467b870d06ffb140a3c5c54a
0c7f2519132c625560172b1ff2903de660d9c5ac143d07575b2250809e6b16af
0debc653ec30a32e900c5d44fdaa55103334f43cbc74f94c51ebbb009451592a
14f0e2d44f2311438b49fa108ca7c00bd2a81e16f1d19f2c16056abbb767bc00
1df613491d447d37fb405d215e7e9208bbd465d42cde7a86b0028cda548373ae
3b6d6af7db1c2cb27fa09c999a17ba97be66c5d706af75b18471ba4584dee06b
4dd74dc71d7842bf1331dd6fef9683a221004d7659ff4dad1e5deba7b8f7848a
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
7f1b846e2a8127b83ef521066e846bb8054391ba0267df557f1aa3aaff4ea14f
8f58ed7ebd9816a011f85b7e136e8694ce8b17c352c8f92ac3a17cae7fdcfdae
9063c91acbe12169ea933d2aa5226a7b01f55affa6fcdc444d49ea2ec2e7c457
9ced501d2eb40b9d7a3d214a9dfbf38798b8501458712cc420bd59fd8401fe19
ad5428312881c513f0238a0f1af237e88219475f234c5668da4ec2ad0fa79309
b5d444e89d6377f850a3372d543e7e32cb8e9d5e91b4bf6f6bfca45d12fbed8b
c802f774b025065434a4875e8c38af535c51403bea63a9aa1f453a87c63d1c38
e2e334df44bcde78e7e883c7c561f69dca735cc84149165a1360e8811cad3b62
e7ecb51fd03a58adc37c294cdbcb2086ca76f6b6105319177e220a388755fff4
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0