urlscan.io logo urlscan.io
SecurityTrails logo

vakantie-winactie.nl-baw-promotions.com Open in urlscan Pro
34.243.65.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vm-2a-r49.ipv4.per01.ds.network/file.html?cbbbbccc290fcwwBfcdc9KcBcsH7TckzFcbbbbc
Effective URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Submission: On December 28 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 10 domains to perform 20 HTTP transactions. The main IP is 34.243.65.215, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is vakantie-winactie.nl-baw-promotions.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 21st 2019. Valid for: 3 months.
This is the only time vakantie-winactie.nl-baw-promotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 27.54.94.82 38719 (DREAMSCAP...)
1 1 35.186.245.208 15169 (GOOGLE)
2 2 52.40.184.167 16509 (AMAZON-02)
11 34.243.65.215 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:3::621 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 136.144.170.26 20857 (TRANSIP-A...)
20 6
1    27.54.94.82 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: vm-2a-r49.ipv4.per01.ds.network
vm-2a-r49.ipv4.per01.ds.network
1    35.186.245.208 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 208.245.186.35.bc.googleusercontent.com
www.blundergigantic.com
2    52.40.184.167 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-40-184-167.us-west-2.compute.amazonaws.com
traffictrck.com
dutchloader.com
11    34.243.65.215 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
vakantie-winactie.nl-baw-promotions.com
5    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
1    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.jsdelivr.net
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
1    136.144.170.26 (Eindhoven, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: cloudwik.managedomain.nl
push.researchtip.com
Domain Requested by
11 vakantie-winactie.nl-baw-promotions.com vakantie-winactie.nl-baw-promotions.com
5 cdnjs.cloudflare.com vakantie-winactie.nl-baw-promotions.com
1 push.researchtip.com vakantie-winactie.nl-baw-promotions.com
1 cdn.onesignal.com vakantie-winactie.nl-baw-promotions.com
1 cdn.jsdelivr.net vakantie-winactie.nl-baw-promotions.com
1 code.jquery.com vakantie-winactie.nl-baw-promotions.com
1 dutchloader.com 1 redirects
1 traffictrck.com 1 redirects
1 www.blundergigantic.com 1 redirects
1 vm-2a-r49.ipv4.per01.ds.network 1 redirects
20 10

This site contains no links.

Subject Issuer Validity Valid
*.nl-baw-promotions.com
Let's Encrypt Authority X3		 2019-12-21 -
2020-03-20		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
push.researchtip.com
Let's Encrypt Authority X3		 2019-12-02 -
2020-03-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Frame ID: 4283904E90FC279FEA9B049573400575
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://vm-2a-r49.ipv4.per01.ds.network/file.html?cbbbbccc290fcwwBfcdc9KcBcsH7TckzFcbbbbc HTTP 302
    https://www.blundergigantic.com/7BZ2W/2Q2DNTG/?sub1=2_20002_2437919&sub2=1598_3316199_2067358_31&sub3=1 HTTP 302
    http://traffictrck.com/?c=12320&s1=5&s2=f0d83cb98787424dab8e4bfa925a8442 HTTP 302
    https://dutchloader.com/?c=5114&s1=352-5&s2=5e06f93337060 HTTP 302
    https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

6
IPs

5
Countries

2827 kB
Transfer

3648 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vm-2a-r49.ipv4.per01.ds.network/file.html?cbbbbccc290fcwwBfcdc9KcBcsH7TckzFcbbbbc HTTP 302
    https://www.blundergigantic.com/7BZ2W/2Q2DNTG/?sub1=2_20002_2437919&sub2=1598_3316199_2067358_31&sub3=1 HTTP 302
    http://traffictrck.com/?c=12320&s1=5&s2=f0d83cb98787424dab8e4bfa925a8442 HTTP 302
    https://dutchloader.com/?c=5114&s1=352-5&s2=5e06f93337060 HTTP 302
    https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
vakantie-winactie.nl-baw-promotions.com/
Redirect Chain
  • http://vm-2a-r49.ipv4.per01.ds.network/file.html?cbbbbccc290fcwwBfcdc9KcBcsH7TckzFcbbbbc
  • https://www.blundergigantic.com/7BZ2W/2Q2DNTG/?sub1=2_20002_2437919&sub2=1598_3316199_2067358_31&sub3=1
  • http://traffictrck.com/?c=12320&s1=5&s2=f0d83cb98787424dab8e4bfa925a8442
  • https://dutchloader.com/?c=5114&s1=352-5&s2=5e06f93337060
  • https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0e12e094e1e2f92d7a50c1279366f6165e2683dd04fc1436cd24c7f42b126068

Request headers

Host
vakantie-winactie.nl-baw-promotions.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Server
Apache
Set-Cookie
PHPSESSID=07jaon2rr3mse62bol33iv9rq4; path=/; HttpOnly
Cache-Control
max-age=0, must-revalidate, private
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

status
302
date
Sat, 28 Dec 2019 06:41:56 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://vakantie-winactie.nl-baw-promotions.com?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
server
Apache/2.4.27 (Amazon) PHP/5.6.33
x-powered-by
PHP/5.6.33
set-cookie
PHPSESSID=6f2smqav301qvl1knkvo8h8cq6; path=/
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
style.css
vakantie-winactie.nl-baw-promotions.com/css/ 		175 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/css/style.css
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7072febeb19adf357c1e103cc86838fafa9285c6b7a04933adc033124cd42066

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 15:37:38 GMT
Server
Apache
ETag
"2ba7b-599fc39718dae-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30688
396-cer-ynaqvat.css
vakantie-winactie.nl-baw-promotions.com/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/396-cer-ynaqvat.css
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7b9c73e3427ac2d2db5f9f4f91171a268bec75c5f5467611899267ec9aa2eac4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
br
cf-cache-status
HIT
age
5004162
cf-ray
54c18d2b997edfad-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 17 Dec 2020 06:41:57 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
br
cf-cache-status
HIT
age
5096664
cf-ray
54c18d2b9981dfad-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:15:38 GMT
server
cloudflare
etag
W/"5afd483a-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 17 Dec 2020 06:41:57 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
jquery-3.3.1.slim.js
code.jquery.com/ 		214 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7cd5c914895c6b4e4120ed98e73875c6b4a12b7304fbf9586748fe0a1c57d830

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-35711"
Vary
Accept-Encoding
X-HW
1577515317.dop148.fr8.shc,1577515317.dop148.fr8.t,1577515317.cds054.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64581
vue
cdn.jsdelivr.net/npm/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Sat, 28 Dec 2019 06:41:57 GMT
content-length
34100
x-served-by
cache-ams21024-AMS, cache-fra19155-FRA
etag
W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
validator.min.js
cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/validator.min.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7477ff6231f5038b5ec04b0a51298d9d5d390c36df18dde0ecd32af3ac601a1f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
br
cf-cache-status
HIT
age
19542057
cf-ray
54c18d2ba983dfad-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:15:10 GMT
server
cloudflare
etag
W/"5afd481e-1e31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 17 Dec 2020 06:41:57 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.000
jquery.fittext.min.js
cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/ 		567 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/jquery.fittext.min.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df1fce4f60f0fb5cfc4ddcc9a9a465e7c6c2d952b96ed1d37f2a7e07ec30381
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
br
cf-cache-status
HIT
age
13474432
cf-ray
54c18d2ba986dfad-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:15:11 GMT
server
cloudflare
etag
W/"5afd481f-237"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 17 Dec 2020 06:41:57 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
br
cf-cache-status
HIT
age
13474452
cf-ray
54c18d2ba989dfad-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-d34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 17 Dec 2020 06:41:57 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
logo_header.png
vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-tp-ah-test-5c7fe26d47bc5/ 		281 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-tp-ah-test-5c7fe26d47bc5/logo_header.png
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
787cfe51e70210c126f578632cf740ca72729fb3f323afc5512e3a2c8f1cc07b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Last-Modified
Fri, 08 Mar 2019 15:27:04 GMT
Server
Apache
ETag
"464ee-58396dae558e2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
287982
canarische-eilanden_card2.png
vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/ 		462 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/canarische-eilanden_card2.png
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
98fab7cb6e4b24e5120d16eeab5726add9efe872f9c3c91d5ab1c287dd49851c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Last-Modified
Tue, 12 Nov 2019 11:35:05 GMT
Server
Apache
ETag
"73611-59724a3c20ecf"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
472593
canarische-eilanden_card3.png
vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/ 		398 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/canarische-eilanden_card3.png
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
76dd0972cf78545353bcce76854fe66073f92b74698ca557020b8d7b65b2a536

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Last-Modified
Tue, 12 Nov 2019 11:35:06 GMT
Server
Apache
ETag
"6361f-59724a3c9afef"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
407071
canarische-eilanden_card1.png
vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/ 		550 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/canarische-eilanden_card1.png
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
aeffa0a21ec7348e59246bd98887e7fc684d1421e6640bd014beee095ca1afbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Last-Modified
Tue, 12 Nov 2019 11:35:04 GMT
Server
Apache
ETag
"898a3-59724a3b9352f"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
563363
vendor.js
vakantie-winactie.nl-baw-promotions.com/js/ 		453 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/js/vendor.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cd1811f1f3ec93196cf9dc0283f2f623f7f355f0055ed1b04a185b01d75e9f9f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 15:37:41 GMT
Server
Apache
ETag
"7154b-599fc39a7ff2e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
main.js
vakantie-winactie.nl-baw-promotions.com/js/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/js/main.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
72de9c244bb3fb5f0636911f24178a85f94d791b7a08e716fedefbf376a06439

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 15:37:42 GMT
Server
Apache
ETag
"d2e0-599fc39b28e4e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15143
396-cer-ynaqvat.js
vakantie-winactie.nl-baw-promotions.com/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vakantie-winactie.nl-baw-promotions.com/396-cer-ynaqvat.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0ff2561e8b7ae569d2695703ae612b61e95c8078189803e1e5505d37b5472f22

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Cache-Control
max-age=0, must-revalidate, private
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 06:41:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2739
etag
W/"2a5de8dd720175aa229445a5937a6c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
54c18d2bb926dfc3-FRA
expires
Sat, 28 Dec 2019 18:41:57 GMT
appartement-canarische-eilanden.jpg
vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/ 		826 KB
827 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vakantie-winactie.nl-baw-promotions.com/images/nl/landingpages/nl-2019-d-reizen-canarische-eilanden-baw-5dc552461b432/appartement-canarische-eilanden.jpg
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.65.215 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-65-215.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fbbeff8c391385842a0dd3ceff7406a2ac8e420f2dda9e0eceb378a8048319f5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Last-Modified
Fri, 15 Nov 2019 10:43:14 GMT
Server
Apache
ETag
"ce90f-5976043d99bd3"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
846095
script.php
push.researchtip.com/examples/ 		720 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://push.researchtip.com/examples/script.php?url=https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Requested by
Host: vakantie-winactie.nl-baw-promotions.com
URL: https://vakantie-winactie.nl-baw-promotions.com/?aff=262&cid=5114&oid=1012&req=5e06f9341c4d9&s1=352-5&s2=5e06f93337060&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.170.26 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
cloudwik.managedomain.nl
Software
Apache /
Resource Hash
356a1f61fec442d78860cbe42d9b50b300c96cc219eadbcd57e6c6b6186daebc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 06:41:57 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
407

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Vue object| Translator object| fos object| Routing boolean| imitateProcessing function| getParamFromURL function| addslashes function| replacePlaceholders function| setValueToLocalStorage function| getAge function| getCurrentDisplayBlock function| disableDisplayBlock function| changeCoRegButtonColor function| imitationProcessingCheckData object| answersForPhoneRecheck function| telemarketingQuestionsProcess function| saveAnswersForQuestion function| createSubQuestions function| createDirectSubQuestion function| createSubQuestionInHisPosition function| removeQuestion function| getQuestions function| createPremiumQuestionsHtml function| createCheckboxQuestion function| createOneQuestion function| createQuestionImage function| initDatePicker function| createQuestionDate function| createQuestionGrid function| createQuestionFreshButton function| createQuestionRadio function| createQuestionDropdown function| createQuestionButton function| repeatProcess function| getRepeatAttrHtml function| getRecheckAttrHtml function| createRecheckingBlock object| priorityDisplayBlocks string| subdomain string| domain string| scheme string| privacyUrl string| termsUrl string| lpCookiePrivacyUrl string| sponsorPath string| amountQuestionsPerPage object| premiumQuestions string| colorButtons string| exitUrl boolean| forPreview string| pixelUrl boolean| showAllQuestions object| script object| OneSignal string| test

1 Cookies

Domain/Path Name / Value
vakantie-winactie.nl-baw-promotions.com/ Name: PHPSESSID
Value: 07jaon2rr3mse62bol33iv9rq4

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
dutchloader.com
push.researchtip.com
traffictrck.com
vakantie-winactie.nl-baw-promotions.com
vm-2a-r49.ipv4.per01.ds.network
www.blundergigantic.com
136.144.170.26
2001:4de0:ac19::1:b:1b
2606:4700::6811:4004
2606:4700::6812:e234
27.54.94.82
2a04:4e42:3::621
34.243.65.215
35.186.245.208
52.40.184.167
0e12e094e1e2f92d7a50c1279366f6165e2683dd04fc1436cd24c7f42b126068
0ff2561e8b7ae569d2695703ae612b61e95c8078189803e1e5505d37b5472f22
1df1fce4f60f0fb5cfc4ddcc9a9a465e7c6c2d952b96ed1d37f2a7e07ec30381
356a1f61fec442d78860cbe42d9b50b300c96cc219eadbcd57e6c6b6186daebc
7072febeb19adf357c1e103cc86838fafa9285c6b7a04933adc033124cd42066
72de9c244bb3fb5f0636911f24178a85f94d791b7a08e716fedefbf376a06439
7477ff6231f5038b5ec04b0a51298d9d5d390c36df18dde0ecd32af3ac601a1f
76dd0972cf78545353bcce76854fe66073f92b74698ca557020b8d7b65b2a536
787cfe51e70210c126f578632cf740ca72729fb3f323afc5512e3a2c8f1cc07b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b9c73e3427ac2d2db5f9f4f91171a268bec75c5f5467611899267ec9aa2eac4
7cd5c914895c6b4e4120ed98e73875c6b4a12b7304fbf9586748fe0a1c57d830
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
98fab7cb6e4b24e5120d16eeab5726add9efe872f9c3c91d5ab1c287dd49851c
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
aeffa0a21ec7348e59246bd98887e7fc684d1421e6640bd014beee095ca1afbe
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed
cd1811f1f3ec93196cf9dc0283f2f623f7f355f0055ed1b04a185b01d75e9f9f
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fbbeff8c391385842a0dd3ceff7406a2ac8e420f2dda9e0eceb378a8048319f5