URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Submission: On December 21 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 104.18.28.128, located in and belongs to CLOUDFLARENET, US. The main domain is enews.4wd.com.
This is the only time enews.4wd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.18.28.128 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 93.184.220.43 15133 (EDGECAST)
9 104.18.6.244 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
21 5
Domain Requested by
9 recs.listrakbi.com enews.4wd.com
6 mediacdn.espssl.com enews.4wd.com
4 enews.4wd.com 1 redirects enews.4wd.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com enews.4wd.com
21 5

This site contains no links.

Subject                  Issuer                            Validity                 Valid
upload.video.google.com  GTS CA 1C3                        2021-11-29 - 2022-02-21  3 months
s3.wac.edgecastcdn.net   DigiCert TLS RSA SHA256 2020 CA1  2021-10-26 - 2022-11-26  a year
listrakbi.com            Cloudflare Inc ECC CA-3           2021-08-09 - 2022-08-08  a year
*.gstatic.com            GTS CA 1C3                        2021-11-29 - 2022-02-21  3 months

This page contains 1 frames:

Primary Page: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Frame ID: 124F4ECF98B1E90E8B6D57CB1BD32839
Requests: 21 HTTP requests in this frame

Page Title

Shop What's #Trending at 4WP

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 21
HTTPS: 86 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 444 kB
Size: 486 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://enews.4wd.com/q/y40I-uhXZCk6Q3enCbqxVrKvbKasO_7tm3 HTTP 302
  • http://enews.4wd.com/q/8Tb5nAhWoGKMaiB9Ojy8QFzG45PvRzOjjx

21 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request 0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
enews.4wd.com/q/
43 KB
7 KB
Document
General
Full URL
http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
HTTP/1.1
Server
104.18.28.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
47fd8c50b925e91a4cbf62b13ef92d94a07b1bb2e293c85f8a951b15e1877165

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 21 Dec 2021 13:29:47 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
6c1176147a9668e9-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:500,500i,700,700i|Roboto+Condensed:400,400i,700,700i|
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bbb98afc550ff6e144240acc575e5f1b75207f942cc0c78266c2bd5651db8ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 13:29:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 21 Dec 2021 13:29:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Dec 2021 13:29:47 GMT
2020.10.15-4WP-NEW-LOGO.png
mediacdn.espssl.com/7816/Shared/4WP/
8 KB
8 KB
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/2020.10.15-4WP-NEW-LOGO.png
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
2f99ea24ef48123c34dff6d135374fe3940365c3c9a584ab85020fb6bbd6f0df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Fri, 16 Oct 2020 17:03:15 GMT
server
ECS (frb/67BC)
age
58614
etag
"69d2e13cdea3d61:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
8237
2021-05-13-MONTHLONG-H1.jpg
mediacdn.espssl.com/7816/Shared/4WP/
317 KB
317 KB
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/2021-05-13-MONTHLONG-H1.jpg
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
cfaa8a955a5f6920e57ca7be8d4f64cd73a50a7bbd4b153391e91cf4721a43fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Sat, 15 May 2021 06:37:25 GMT
server
ECS (frb/67D5)
age
167
etag
"9884dc45449d71:0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
324253
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/21/178/198/email/
8 KB
9 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/21/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d942d10a892474b9b40a962ee7b3154580af241d2e6fc7048fb35fe1f376332

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191dac68e6-FRA
x-aspnet-version
4.0.30319
content-length
8472
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/21/178/198/email/
9 KB
9 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/21/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86cf8327fb8889fef9d4b412f1d3f3ae14f8b6bb2bbf558d8bf22b573e1a2b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191dae68e6-FRA
x-aspnet-version
4.0.30319
content-length
8758
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/21/178/198/email/
7 KB
7 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/21/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d10ab106ff6e5094c0f51c675e8138749387a725e439aa0954b6226d338f54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191db068e6-FRA
x-aspnet-version
4.0.30319
content-length
6681
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/240/178/198/email/
6 KB
7 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/240/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1872660de0fa3a62ba5590f874c7d7e0a6d104c25c8e11043564e9a25ce5bc2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191db268e6-FRA
x-aspnet-version
4.0.30319
content-length
6646
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/240/178/198/email/
7 KB
7 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/240/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e406fb8d09efa1287dd0f01d6cbd9e171290240f19db780e6b1ad0a3e6efd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191db468e6-FRA
x-aspnet-version
4.0.30319
content-length
7124
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/240/178/198/email/
8 KB
9 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/240/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3960fe37e9dace35f6f6aaa53f58f8a60a951a7755fcd0738fbd221a031a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176191db668e6-FRA
x-aspnet-version
4.0.30319
content-length
8424
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/459/178/198/email/
7 KB
8 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/21/459/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb074d2db0fd1735f48e46fe24bf6a09223dcc2fd88f1dccb7a3c422ce33b3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176192dd768e6-FRA
x-aspnet-version
4.0.30319
content-length
7419
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/459/178/198/email/
6 KB
7 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/220/459/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f667ef91a6c6dd12005f96f22b27ab4a42e32554e020a362fe088d17c8340d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176192dda68e6-FRA
x-aspnet-version
4.0.30319
content-length
6306
joel.gomez@enbridge.com
recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/459/178/198/email/
6 KB
7 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/948c9685-d9c6-4d1b-9195-ef53b3c7cf1b/bbb36b34-2e0f-4e2b-9ac6-5a61ed5e77c6/b861dc8c-1159-45dc-9f8b-bec643dc0ad3/419/459/178/198/email/joel.gomez@enbridge.com
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2552fe2ca0a91600dbe03219784404119de25eca5536444d7eebe74799019b81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
6c1176192ddf68e6-FRA
x-aspnet-version
4.0.30319
content-length
6295
facebook.png
mediacdn.espssl.com/7816/Shared/4WP/Template/
898 B
968 B
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/Template/facebook.png
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
2e1e5f16b9930e374965dc620dd717d5c119a4fb7c213ffc329ab48a3efd6360

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Fri, 01 Nov 2019 17:50:45 GMT
server
ECS (frb/674C)
age
167
etag
"8aba7e3dc90d51:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
898
instagram.png
mediacdn.espssl.com/7816/Shared/4WP/Template/
2 KB
2 KB
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/Template/instagram.png
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
53240e824c7c0d8b410b5f0757882067f113dd6632c341fe43c5dccdc95c3097

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Fri, 01 Nov 2019 17:50:45 GMT
server
ECS (frb/6796)
age
58614
etag
"ba34fee2dc90d51:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1820
youtube.png
mediacdn.espssl.com/7816/Shared/4WP/Template/
1022 B
1 KB
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/Template/youtube.png
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
fe3699a31e6e1c554efa9c1505e502908af853c40c8e239c8f9f82db2b4ff853

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Fri, 01 Nov 2019 17:50:45 GMT
server
ECS (frb/67BD)
age
58614
etag
"16595e3dc90d51:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1022
twitter.png
mediacdn.espssl.com/7816/Shared/4WP/Template/
1 KB
2 KB
Image
General
Full URL
https://mediacdn.espssl.com/7816/Shared/4WP/Template/twitter.png
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
180b35126e2150ee4df9be26c9c30c7d0dd7ce6c8a05bed5f67288288bff0ae2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:29:47 GMT
last-modified
Fri, 01 Nov 2019 17:50:45 GMT
server
ECS (frb/6738)
age
58614
etag
"a2f72e3dc90d51:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1350
8Tb5nAhWoGKMaiB9Ojy8QFzG45PvRzOjjx
enews.4wd.com/q/
Redirect Chain
  • http://enews.4wd.com/q/y40I-uhXZCk6Q3enCbqxVrKvbKasO_7tm3
  • http://enews.4wd.com/q/8Tb5nAhWoGKMaiB9Ojy8QFzG45PvRzOjjx
70 B
347 B
Image
General
Full URL
http://enews.4wd.com/q/8Tb5nAhWoGKMaiB9Ojy8QFzG45PvRzOjjx
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
HTTP/1.1
Server
104.18.28.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d946e379f4620deb1cf7a91bdf5294f46625bb783df97901524fb9dbf7eeecb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 21 Dec 2021 13:29:53 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
CF-RAY
6c117639d9ae68e9-FRA
Content-Length
70

Redirect headers

Date
Tue, 21 Dec 2021 13:29:52 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Location
/q/8Tb5nAhWoGKMaiB9Ojy8QFzG45PvRzOjjx
Cache-Control
private
Connection
keep-alive
CF-RAY
6c1176194e1c68e9-FRA
Content-Length
70
email-decode.min.js
enews.4wd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
http://enews.4wd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: enews.4wd.com
URL: http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
Protocol
HTTP/1.1
Server
104.18.28.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.4wd.com/q/0lHSoDVYvKQ9YFU3ryMihN7Y8apFzYqg1Tv23hvRhVBkvYYQuUa-pulFg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 21 Dec 2021 13:29:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 Dec 2021 14:16:35 GMT
Server
cloudflare
ETag
W/"61bc9bc3-4d7"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=172800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6c1176192dba68e9-FRA
Vary
Accept-Encoding
Expires
Thu, 23 Dec 2021 13:29:47 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:500,500i,700,700i|Roboto+Condensed:400,400i,700,700i|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979ddb6f0c77e6744b104f96e9d7ab0f8fc56d7f24ab10d853e4e96fa425e9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://enews.4wd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 21:52:10 GMT
x-content-type-options
nosniff
age
574657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19724
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 21:52:10 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:500,500i,700,700i|Roboto+Condensed:400,400i,700,700i|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://enews.4wd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 20:05:06 GMT
x-content-type-options
nosniff
age
581081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 20:05:06 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
recs.listrakbi.com/ Name: AWSALBCORS
Value: N7xdTx2PhY2EtEcSJ5lZ4bFn9Hic0eHlu/dG1Vk/x4hEorQzVYmnelbbme1tYJ2FTMB0/JVD81Yk00rXniz1Niw5KKkyTnx65p0JW12tKk4DuKo8g3NcUM18jUAw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
