Submitted URL: https://api.waldo.fyi/v1/track?utm_medium=email&utm_source=apollo&utm_campaign=v9&utm_term=MR1B&redirect=https://start...
Effective URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Submission: On August 12 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is start.waldo.fyi.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.
This is the only time start.waldo.fyi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
1 | 1 | 108.138.17.42 | 16509 | (AMAZON-02)
1 | | 3.69.136.55 | 16509 | (AMAZON-02)
2 | | 13.32.99.44 | 16509 | (AMAZON-02)
2 | | 2600:9000:225... | 16509 | (AMAZON-02)
3 | | 2a00:1450:400... | 15169 | (GOOGLE)
1 | | 2a00:1450:400... | 15169 | (GOOGLE)
1 | | 2a00:1450:400... | 15169 | (GOOGLE)
14 | | 99.86.247.218 | 16509 | (AMAZON-02)
1 | | 54.236.100.80 | 14618 | (AMAZON-AES)
4 | | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 30 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | cloudfront.net | d34qb8suadcc4g.cloudfront.net, d9hhrg4mnvzow.cloudfront.net | 55 KB
4 | gstatic.com | fonts.gstatic.com | 110 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 52 | 20 KB
2 | unbounce.com | builder-assets.unbounce.com — Cisco Umbrella Rank: 17276 | 36 KB
2 | waldo.fyi | api.waldo.fyi, start.waldo.fyi | 9 KB
1 | ub-analytics.com | events.ub-analytics.com — Cisco Umbrella Rank: 24364 | 245 B
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 67 | 1 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 94 |
Total: 30 requests, 8 apex domains

Requests | Domain | Requested by
14 | d9hhrg4mnvzow.cloudfront.net | start.waldo.fyi
4 | fonts.gstatic.com | fonts.googleapis.com
3 | www.google-analytics.com | start.waldo.fyi, www.google-analytics.com
2 | d34qb8suadcc4g.cloudfront.net | start.waldo.fyi, d34qb8suadcc4g.cloudfront.net
2 | builder-assets.unbounce.com | start.waldo.fyi
1 | events.ub-analytics.com | start.waldo.fyi
1 | fonts.googleapis.com | builder-assets.unbounce.com
1 | www.googletagmanager.com | start.waldo.fyi
1 | start.waldo.fyi |
1 | api.waldo.fyi (1 redirects) |
Total: 30 requests, 10 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
start.waldo.fyi | R3 | 2022-08-04 - 2022-11-02 | 3 months
*.unbounce.com | Amazon | 2022-02-08 - 2023-03-09 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.ub-analytics.com | Amazon | 2022-04-10 - 2023-05-09 | a year
*.gstatic.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months

This page contains 1 frames:

Primary Page: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Frame ID: 08890C62FA0146F72456913DED60921A
Requests: 31 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 30
HTTPS: 97 %
IPv6: 50 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 2
Transfer: 232 kB
Size: 459 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.waldo.fyi/v1/track?utm_medium=email&utm_source=apollo&utm_campaign=v9&utm_term=MR1B&redirect=https://start.waldo.fyi/research_lp/ HTTP 302
    https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
start.waldo.fyi/research_lp/
Redirect Chain
  • https://api.waldo.fyi/v1/track?utm_medium=email&utm_source=apollo&utm_campaign=v9&utm_term=MR1B&redirect=https://start.waldo.fyi/research_lp/
  • https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
52 KB
8 KB
Document
General
Full URL
https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
017058329bff5db39147a76d5af83ceb608b56c3e7e75952d4f7a9d48a03a750

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-location
https://start.waldo.fyi/research_lp/
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 00:12:08 GMT
etag
"a:0a64eb50bf8e94ec539e56c32de93bd1"
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
link
<https://start.waldo.fyi/research_lp/>; rel="canonical"
p3p
CP="This is not a privacy policy."
transfer-encoding
chunked
x-proxy-backend
page-server
x-unbounce-pageid
5003cbd5-ae82-440e-beef-2c894a2b1c54
x-unbounce-variant
a
x-unbounce-visitorid
b8ae3e7e-bcbe-4466-b9c1-6de1254fd4f0

Redirect headers

content-length
2
content-type
application/json; charset=utf-8
date
Fri, 12 Aug 2022 00:12:08 GMT
location
https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
vary
Origin
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-apigw-id
WuUh2EJPCYcFueQ=
x-amz-cf-id
HL5EMvUmJwcWiU3H_43MJ6203KxTy4VNkoWKTDec22go_jiR-GH85Q==
x-amz-cf-pop
FRA56-P7
x-amzn-remapped-content-length
2
x-amzn-requestid
0fb94319-8b6e-4a60-bdcb-02f5aad58e56
x-amzn-trace-id
Root=1-62f59ad8-533a3123552f099e1de266cd;Sampled=0
x-cache
Miss from cloudfront
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 01:12:18 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 22:28:54 GMT
server
AmazonS3
age
16239592
etag
"43729a62fb549c1f6784cd5cc32082e0"
x-cache
Hit from cloudfront
x-amz-version-id
kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
1gFotwEih7sDOCcy5_kxogPBz7harSxXhrQ1jE_iVmr9Fc3jAKtmOA==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 05 May 2022 05:19:25 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
8535165
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
d5Rr1wE6Kag01QS9WonJ8WLVVwwcrwtGunfcBZOWJUv6UjezNq2B6Q==
main.bundle-384ff03.z.js
builder-assets.unbounce.com/published-js/
103 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 17:18:57 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 16:47:26 GMT
server
AmazonS3
age
3307993
etag
"1825a0c47b2e38b6cf30a4072987bce1"
x-cache
Hit from cloudfront
x-amz-version-id
8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
33495
x-amz-cf-id
29E2KeI_mX5-Gr38Ssf4zbX6xVco-hxGv_i9cOW3hDArTiqfvnIDyA==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4209
date
Thu, 11 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 01:02:00 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
13761874
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
yxSc5A94KgKxy-5DquLwmpRqEPkzBr2KVv81RXn3Xm1dp1aObXD3Bw==
3e1f3ded-8221-4461-9742-487df8767988
https://start.waldo.fyi/
5 KB
0
Stylesheet
General
Full URL
blob:https://start.waldo.fyi/3e1f3ded-8221-4461-9742-487df8767988
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CArvo:italic%7CLato:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffd48a41aa59707f0f3d944143567b17be7f5c98810e4034a5299b21c443b0f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:12:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:12:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:12:09 GMT
888cd57a-waldo-logo-white_103v010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/888cd57a-waldo-logo-white_103v010000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f39775f1f32e83311ed940e1607da40b095fafa65d2f1929721f1aac301f6f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"72a11ad5edc2ad213086494336773faf"
x-cache
Hit from cloudfront
x-amz-version-id
Ytm2wYeLNWKto3MElkPkj5hcRoCYCCVu
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
1465
x-amz-cf-id
ffzsFErTpLrTjOrPAY6u55LhxSHYQXatrISPq5H5KUy8a9Q3IXi0Dw==
0196f7f9-waldo-logo_103400t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1022 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/0196f7f9-waldo-logo_103400t000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64bdfcb0abd313c0a947a3987c8c50f7e594d7282fb3c952109265eafe9593b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"9d9e235e2d7d9cca33b359941bf9140c"
x-cache
Hit from cloudfront
x-amz-version-id
Bb4kfzNC5cVsUaS.oUw6avy9TgxlpSg_
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
1022
x-amz-cf-id
1FmqtSUa-XbTGRLA3ArjWdqPi1Z3VWjH9Q2eGC1rWZOnv0Zdx6SN5A==
123ece73-folder_1018018000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
506 B
898 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/123ece73-folder_1018018000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e15876ba9db6c73c94088a22315b26d5384dc93b6db9966647c2c003e8ca1ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"b6b9ebe4f01dc5272cfae5618dd0ee75"
x-cache
Hit from cloudfront
x-amz-version-id
yefFwk60yEYZdlEyO48gZKBg2v2xNCkI
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
506
x-amz-cf-id
Wp8FXxTCFzKo71u8N5pBoW69iIX74IlLk95vLOpyVB0yOQfoCLCGDQ==
8163fd25-love_1012012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
584 B
972 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/8163fd25-love_1012012000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ec3a9b5d9bc2a8fb8abd04f3316261acf0f3f717f05dc63bc095f91eb8b095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"ce4d16a0a075094dcd6e98ba04a0cf1b"
x-cache
Hit from cloudfront
x-amz-version-id
S2eq4.mHh681N4if3wMY4atyzFmDuvsI
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
584
x-amz-cf-id
J0E12fSzdvnuD_choSW8i6SiCZfOTXR9_NRD0rU_A8p-ctJb0lliUQ==
5b90f216-textio_102l01d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
866 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5b90f216-textio_102l01d000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25003de693aabb38f4bd8c293f4d515420ee4b711763712e76add0778c4b3c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"7b2838c0b9f1f0ce43649926389b7fce"
x-cache
Hit from cloudfront
x-amz-version-id
QEMGwZdynpk0HM7aSWKQ5.CASGR3BblY
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
866
x-amz-cf-id
F1rJGZi37Z4nebuaJ8AGmHmucOIYniOa99MZ5PHLR31T0W-MntzJNw==
5e58a377-cox_108304807b04800g000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5e58a377-cox_108304807b04800g000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea5e230d98e10967645cd286805c194fec3a750c7ec9c3c202307f4297f5123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"5a5a696336f254b042417d4921041d12"
x-cache
Hit from cloudfront
x-amz-version-id
xPXQcx4CYrHx_H1XXB_vP6YVrKVRjccU
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
3097
x-amz-cf-id
nZgM5VmU-ft_Z4fMxhMVYOQx7wvblSTyHV6kXLt4fUFaWn41T5FFCA==
5c522ac2-mck_108a02j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5c522ac2-mck_108a02j000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c621805198fcdf1fd712edb9671483c42459819342e947824b8d21cd49617d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:03 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54667
etag
"d80c807056603814a65e113faeb7bc5b"
x-cache
Hit from cloudfront
x-amz-version-id
371._R6iUP40cCk08pUPiGxwVtphiJKa
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
4431
x-amz-cf-id
DLt1iL-tbQWsQ0pdxidFGZeSsQYqp8lRxnoq1KARr0o-AZhB_87cjw==
ab0a0b80-arrow_1018018000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
434 B
824 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ab0a0b80-arrow_1018018000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcfd437feb73f0c7109ae8227967e93e639c8f7b740e25bc384e2b2bc01b8f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"2a1b0a29eb7be01c723b6542e036b2eb"
x-cache
Hit from cloudfront
x-amz-version-id
Ccvj.Hvz._R4rn20YljQwWiInp.hVUV9
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
434
x-amz-cf-id
HpCv2l2j334c3D9f9qC3V-LnRheSO-VVhY4XllUJboPJe9rxCp3nBA==
ecaf6d7c-idea_1013013000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
550 B
938 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ecaf6d7c-idea_1013013000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a5ccbcfde82540dd50d800f4565fc2e27e9bdd271cf5526bfa445924a11cb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"a1ba14487783e14cecef223241c27f73"
x-cache
Hit from cloudfront
x-amz-version-id
K2qiW2da47Dh1auF16xQJ5pKi3e2yvem
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
550
x-amz-cf-id
BT7yQK7VtnFydkR28okNDd91yLMGoo1TgTYr0XpHflTKIMo-S-Ua7g==
7234cff4-meta-logo_102b00v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
786 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/7234cff4-meta-logo_102b00v000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec83331dda135def59bbdaad81a815bfb0b46e2f96c41af7886322a73c209e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"ba153e420f6ef64bbf903a74fd7083d5"
x-cache
Hit from cloudfront
x-amz-version-id
sNyvUz7elw1KfZB.k_0ZU0tblTJq0gRX
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
786
x-amz-cf-id
10JQ3ZJVEYXRJee9-vLgmL27aV5WKhU7Tnwi6WSVjP-v8w3rOvhhOA==
6643a81e-bloomberg-logo_103p01e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/6643a81e-bloomberg-logo_103p01e000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d19d1df12e748f61075b4d4efa3396577e7a21e924e741e060d02645997d0662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"99e014db102e3e5c940852f80e8f73dc"
x-cache
Hit from cloudfront
x-amz-version-id
nKLZp2pZ6U_MUnew2c1mdbAyDQ1WDEqq
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
1121
x-amz-cf-id
yJtVNZ7SJ3PCfaw00Npc1GLmnZIWy9D51iQc4QJ1ZZN5NfLrAEBeSw==
d2dd3b1d-penn-logo_101z00r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
546 B
934 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/d2dd3b1d-penn-logo_101z00r000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4be783d27e91707023ecf7cdca73441e0b6ebfa00c4a446fcd9c8ea353e1886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"f1b1f891cb4d41fbf0ec782c0e9cc6a0"
x-cache
Hit from cloudfront
x-amz-version-id
PaX6KYYp13N.vhoIeU6E0p_UPba6vt1g
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
546
x-amz-cf-id
VzKEV9tO9AqROpa22T0YoitJpcoNpShapLleYOs_TR0_Poj5HUXMbw==
f1a667b9-stanford-logo_1033015000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/f1a667b9-stanford-logo_1033015000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41e6e658d7a0ac2d5920b575878e44b1a11ddd44240d73700a798515da11085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"e663d7d8dbce3d84fee68f943786cfa6"
x-cache
Hit from cloudfront
x-amz-version-id
3GdwsDKyzBiF0pWCYf0koxkmlP5wi78a
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
1155
x-amz-cf-id
xcyZPL5bW8Zc2WnKeCCDp0ksUv0Dcxqbw98k-2QU-_OauV6l5iSjZQ==
a90d8afa-unilever-logo_103b019000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/a90d8afa-unilever-logo_103b019000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-218.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2b5ab7172c0d94a3d318c18721d373d45088b2750381f209e8cc042cbf96469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:01:04 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 00:38:01 GMT
server
AmazonS3
age
54666
etag
"31d9f916773408968511a61a1a4fe843"
x-cache
Hit from cloudfront
x-amz-version-id
IiicJU4aAzDrdLBqfCkxS01YCWOtPkSN
cache-control
max-age=31557600
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/png
content-length
1592
x-amz-cf-id
g_g5VRbJh4jp0xCWHshO-8tKRKmt0Pq5M_zuE25uem_DOCKPh0APWA==
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1660263129170&e=pv&url=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dv9%26utm_medium%3Demail%26utm_source%3Dapollo%26utm_term%3DMR1B&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=44d6129e-151a-4a1c-bc76-7546019f55ec&dtm=1660263129167&vp=1600x1200&ds=1600x2494&vid=1&sid=f2881d34-b62d-4446-913c-dfaf9c60eef0&duid=69aae7c9-c29d-4eef-8c67-390152c5b6f4&uid=b8ae3e7e-bcbe-4466-b9c1-6de1254fd4f0&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTAwM2NiZDUtYWU4Mi00NDBlLWJlZWYtMmM4OTRhMmIxYzU0IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=v9&utm_medium=email&utm_source=apollo&utm_term=MR1B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.100.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-100-80.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:12:09 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1145764807&t=pageview&_s=1&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dv9%26utm_medium%3Demail%26utm_source%3Dapollo%26utm_term%3DMR1B&dp=%2Fresearch_lp%2Fa%3Futm_campaign%3Dv9%26utm_medium%3Demail%26utm_source%3Dapollo%26utm_term%3DMR1B&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1969807914&gjid=410320978&cid=119496044.1660263129&tid=UA-202760123-1&_gid=548003661.1660263129&_r=1&_slc=1&z=1518310689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.waldo.fyi/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:12:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://start.waldo.fyi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/
25 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 06:43:45 GMT
x-content-type-options
nosniff
age
581304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26100
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:41:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Aug 2023 06:43:45 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:26:35 GMT
x-content-type-options
nosniff
age
103534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:26:35 GMT
tDbN2oWUg0MKqSIg75Tv.woff2
fonts.gstatic.com/s/arvo/v20/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arvo/v20/tDbN2oWUg0MKqSIg75Tv.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:03:30 GMT
x-content-type-options
nosniff
age
126519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16932
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 13:03:30 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options
nosniff
age
198240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:08:09 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1145764807&t=timing&_s=2&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dv9%26utm_medium%3Demail%26utm_source%3Dapollo%26utm_term%3DMR1B&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1422&pdt=1&dns=0&rrt=623&srt=14&tcp=18&dit=1032&clt=1032&_gst=993&_gbt=1089&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=119496044.1660263129&tid=UA-202760123-1&_gid=548003661.1660263129&z=621218458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 13:07:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39864
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ub string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
start.waldo.fyi/research_lp/ Name: ubpv
Value: a%2C5003cbd5-ae82-440e-beef-2c894a2b1c54
api.waldo.fyi/ Name: utm
Value: %7B%22utm_campaign%22%3A%22v9%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22apollo%22%2C%22utm_term%22%3A%22MR1B%22%7D
start.waldo.fyi/ Name: ubvs
Value: b8ae3e7e-bcbe-4466-b9c1-6de1254fd4f0
.waldo.fyi/ Name: ubvt
Value: b8ae3e7e-bcbe-4466-b9c1-6de1254fd4f0
.waldo.fyi/ Name: _ga
Value: GA1.2.119496044.1660263129
.waldo.fyi/ Name: _gid
Value: GA1.2.548003661.1660263129
.waldo.fyi/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
