urlscan.io logo urlscan.io
SecurityTrails logo

bumsen.com Open in urlscan Pro
52.28.222.232  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11
Effective URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Submission: On May 20 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 52.28.222.232, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is bumsen.com.
TLS certificate: Issued by Amazon on September 1st 2020. Valid for: a year.
This is the only time bumsen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a05:d018:88e:df10:fc38:7d04:db6c:e2ef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trackthis.club
1    2a05:d018:483:6130:ae19:9853:af9e:ceef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
gdmconvtrck.com
1    52.28.222.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-222-232.eu-central-1.compute.amazonaws.com
bumsen.com
10    209.197.3.7 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x007.map2.ssl.hwcdn.net
q8u4v9f3.map2.ssl.hwcdn.net
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
10 q8u4v9f3.map2.ssl.hwcdn.net bumsen.com
q8u4v9f3.map2.ssl.hwcdn.net
2 www.google-analytics.com www.googletagmanager.com
bumsen.com
2 trackthis.club 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com bumsen.com
1 bumsen.com gdmconvtrck.com
1 gdmconvtrck.com trackthis.club
17 7

This site contains no links.

Subject Issuer Validity Valid
bumsen.com
Amazon		 2020-09-01 -
2021-10-01		 a year crt.sh
*.map2.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-03-10 -
2022-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Frame ID: 9FD3C7A2CB07EFC6957FA02CBFE76088
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11 Page URL
  2. http://trackthis.club/?a=46719&c=239971&oc=126562&sr=t&s2=lev11&vt=1621485967918&h=eed5fdd420e8ce9... HTTP 302
    https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

88 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

518 kB
Transfer

667 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11 Page URL
  2. http://trackthis.club/?a=46719&c=239971&oc=126562&sr=t&s2=lev11&vt=1621485967918&h=eed5fdd420e8ce98959ef88d47cd1784fe46f87d&req=http%3A%2F%2Ftrackthis.club%2F%3Fa%3D46719%26c%3D239971%26mt%3D3%26s2%3Dlev11&mt=3&sip=2a01:4f8:192:5414::2&sh=1b5a76848efd466b6f5c656b407ea527e6453560&us=5d370c616fdf4a5cbf4048763a055ee6 HTTP 302
    https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
trackthis.club/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11
Protocol
HTTP/1.1
Server
2a05:d018:88e:df10:fc38:7d04:db6c:e2ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
abed49b484dfa142e85176532a81de64306ba35b1dd56eb0957b860228a59ade

Request headers

Host
trackthis.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Server
nginx
Date
Thu, 20 May 2021 04:46:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding
gzip
user
gdmconvtrck.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://gdmconvtrck.com/user?a=46719&c=239971
Requested by
Host: trackthis.club
URL: http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11
Protocol
HTTP/1.1
Server
2a05:d018:483:6130:ae19:9853:af9e:ceef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ca7733f0ce9a9de89c04a92541d1e74298a49bd8aba85e5a6fabbd5230e6e7a

Request headers

Referer
http://trackthis.club/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 04:46:08 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*, *
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request /
bumsen.com/landers/3/
Redirect Chain
  • http://trackthis.club/?a=46719&c=239971&oc=126562&sr=t&s2=lev11&vt=1621485967918&h=eed5fdd420e8ce98959ef88d47cd1784fe46f87d&req=http%3A%2F%2Ftrackthis.club%2F%3Fa%3D46719%26c%3D239971%26mt%3D3%26s2...
  • https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Requested by
Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/user?a=46719&c=239971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.222.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-222-232.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c23472d7595a30159a931c5b660a4f86394d755643aa0d6ca5f6f4cef890df10

Request headers

:method
GET
:authority
bumsen.com
:scheme
https
:path
/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://trackthis.club/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
http://trackthis.club/?a=46719&c=239971&mt=3&s2=lev11

Response headers

date
Thu, 20 May 2021 04:46:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=z5u+q5IeBkilN3CyVD6hWd6/FvyGL9BV1bhg2kcKNETmgkw/e9RD1MiAfbKG3SBI5L+NiywVG/dFl6tCyNLrcirR6vl84t03Uxlt0yIvFjb8mZOw7Bs4Az0F2ZEp; Expires=Thu, 27 May 2021 04:46:08 GMT; Path=/ AWSALBCORS=z5u+q5IeBkilN3CyVD6hWd6/FvyGL9BV1bhg2kcKNETmgkw/e9RD1MiAfbKG3SBI5L+NiywVG/dFl6tCyNLrcirR6vl84t03Uxlt0yIvFjb8mZOw7Bs4Az0F2ZEp; Expires=Thu, 27 May 2021 04:46:08 GMT; Path=/; SameSite=None; Secure
server
nginx
vary
Accept-Encoding
geo_city
Prague
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 20 May 2021 04:46:08 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
gdm_uid_v2_1_001=kh8e7oXZcvcP+/1gdJ3796VLHRZQhx45j2X/zVUEMxBGv3VPffVJojfZ2rKPb3eK; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/; Secure; SameSite=None gdm_suid_v2_1_001=kh8e7oXZcvcP+/1gdJ3796VLHRZQhx45j2X/zVUEMxBGv3VPffVJojfZ2rKPb3eK; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/; Secure; SameSite=None gdm_click_freq_v1_1_001=Zx/e5c23JD1zwirfu9eGF+oYZpQ6LCgwFQDrdCBNgVbXtMHlyNXSk36FKaXdlYEl; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/ gdm_click_adv_freq_v2_1_001=tLNvq1xyKin7IqvRzGETtF0xHZ4PLcfoLSuG61rkLm9HbOG21RP5B77sJ1mfLGWi; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/; Secure; SameSite=None gdm_sid_v2_3_001=gQ2MrQwsmFQoyCPwWkUkL22VenNP1DOEqfD1Hrj/FwO4wa92sQ1f2UTWGN/jUoRRC05JCEprKKmI2PCQ/wf00XcnfVJkKi8RbZY0tdhNOzhyR7imV4LutonJ01if3jcMYdWRUCQByizOImHF3KoaWgEKxqus5Gjqr6nCumSUYHibG/wJyhkipY5hQcfJ9LiWyQ941zHI4SUsdF+SuMYEE5eBQ4FQKLD/aePoOhN8kfQUdJGM41S4wc5AdEG6USx2zvRzzLQKm/oItDcZQh/6a6AH71e+oWL9aKMCcNFSnsJfpiylFkz9dnv0BM6+ePr05vRFqqXzjY2KlTCF1ymAqJ8cSUpXOEou4huNVLbw2mZjz9qYYKDU8g9ynCJZBScdiwQBbwyuE6PXua5so9CCb1JQHWsEcvMqzmmOpOt+ZVEE6mSpDHKG7vYwEET6OeICnv4TLJzmIzT7ikk3El3mHiqXwKa+bb2K7PFbhKTNS3nVOd6jpSp5622O8yI96uWX6VPpOgC+GyOt01aiw8Ejz4LSh80iJw2QfKMkHyAbcQCpK472uZYeEbYdGYslYcX6ZTm52nfJBKI09yM0wVwcIFRGRsA3n55FhIrTRzluCY4g0EM87yMxVlCJKSF8cJiQ61Ps5at8aI4Tras6l+9RKrKD6gDjQqLfcdEU2BMfVlGH+dbQx4DfE3Bay7tiySOQW0Jfq7wxlfYDNM0nwx4LDWgmfhLZfHgCy1hKxQf95SglMgNwgq2zKP8D1rcKX5PnXAj69D90JZhUuF4aAXtw0gzdN9zCKnBvoj9NrvShQiFN4zRqDpA/sPHqBpzWrOH8rW/dnzjpPTu+sB7iPPxnz4SCaEtfu398MzXX/08wSgGuAluzoDtc4EtIMMMXusjZ4nAgsOYxQDK7PdpYOYuNvrr80dWDKnM4JoeRsl6eXZgQxUmZu39WZwCP7vmdYXaO6PwxVMuPLSuR/GHFsVlG5dr0aIT/pwyxg9MvSJnpy3Eg1ThAxbuGKgeUF2SlGX56fBX/eaFNH08Rd8m79pVYHPuOFGfJcS79UWgS3Zid+yc=; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/; Secure; SameSite=None gdm_suid_v1_1_001=kh8e7oXZcvcP+/1gdJ3796VLHRZQhx45j2X/zVUEMxBGv3VPffVJojfZ2rKPb3eK; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/ gdm_sid_v1_3_001=gQ2MrQwsmFQoyCPwWkUkL22VenNP1DOEqfD1Hrj/FwO4wa92sQ1f2UTWGN/jUoRRC05JCEprKKmI2PCQ/wf00XcnfVJkKi8RbZY0tdhNOzhyR7imV4LutonJ01if3jcMYdWRUCQByizOImHF3KoaWgEKxqus5Gjqr6nCumSUYHibG/wJyhkipY5hQcfJ9LiWyQ941zHI4SUsdF+SuMYEE5eBQ4FQKLD/aePoOhN8kfQUdJGM41S4wc5AdEG6USx2zvRzzLQKm/oItDcZQh/6a6AH71e+oWL9aKMCcNFSnsJfpiylFkz9dnv0BM6+ePr05vRFqqXzjY2KlTCF1ymAqJ8cSUpXOEou4huNVLbw2mZjz9qYYKDU8g9ynCJZBScdiwQBbwyuE6PXua5so9CCb1JQHWsEcvMqzmmOpOt+ZVEE6mSpDHKG7vYwEET6OeICnv4TLJzmIzT7ikk3El3mHiqXwKa+bb2K7PFbhKTNS3nVOd6jpSp5622O8yI96uWX6VPpOgC+GyOt01aiw8Ejz4LSh80iJw2QfKMkHyAbcQCpK472uZYeEbYdGYslYcX6ZTm52nfJBKI09yM0wVwcIFRGRsA3n55FhIrTRzluCY4g0EM87yMxVlCJKSF8cJiQ61Ps5at8aI4Tras6l+9RKrKD6gDjQqLfcdEU2BMfVlGH+dbQx4DfE3Bay7tiySOQW0Jfq7wxlfYDNM0nwx4LDWgmfhLZfHgCy1hKxQf95SglMgNwgq2zKP8D1rcKX5PnXAj69D90JZhUuF4aAXtw0gzdN9zCKnBvoj9NrvShQiFN4zRqDpA/sPHqBpzWrOH8rW/dnzjpPTu+sB7iPPxnz4SCaEtfu398MzXX/08wSgGuAluzoDtc4EtIMMMXusjZ4nAgsOYxQDK7PdpYOYuNvrr80dWDKnM4JoeRsl6eXZgQxUmZu39WZwCP7vmdYXaO6PwxVMuPLSuR/GHFsVlG5dr0aIT/pwyxg9MvSJnpy3Eg1ThAxbuGKgeUF2SlGX56fBX/eaFNH08Rd8m79pVYHPuOFGfJcS79UWgS3Zid+yc=; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/ gdm_uid_v1_1_001=kh8e7oXZcvcP+/1gdJ3796VLHRZQhx45j2X/zVUEMxBGv3VPffVJojfZ2rKPb3eK; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/ gdm_click_freq_v2_1_001=Zx/e5c23JD1zwirfu9eGF+oYZpQ6LCgwFQDrdCBNgVbXtMHlyNXSk36FKaXdlYEl; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/; Secure; SameSite=None gdm_click_adv_freq_v1_1_001=tLNvq1xyKin7IqvRzGETtF0xHZ4PLcfoLSuG61rkLm9HbOG21RP5B77sJ1mfLGWi; Expires=Wed, 18-Aug-2021 04:46:08 GMT; Path=/
Location
https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Content-Language
en-US
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
style.css
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
c0dd94ef9395fd49dd99a39078bdbfa669679d880821a365958b12554d68d98a

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 14:12:17 GMT
Server
nginx
ETag
W/"609be241-1bef"
X-HW
1621485968.dop214.lo4.t,1621485968.cds004.lo4.shn,1621485968.dop214.lo4.t,1621485968.cds246.lo4.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1950
jquery.min.js
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/jquery.min.js
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
W/"60803a02-16b81"
X-HW
1621485968.dop043.lo4.t,1621485968.cds081.lo4.shn,1621485968.dop043.lo4.t,1621485968.cds225.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32825
function.js
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/ 		140 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/function.js
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
d28f19ff0948629fc86e68136f33994f1c22b5b8c4d73f018d44c20dfa35f4a3

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
"60803a02-8c"
X-HW
1621485968.dop213.lo4.t,1621485968.cds072.lo4.shn,1621485968.dop213.lo4.t,1621485968.cds018.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
125
radar-scanner.gif
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/radar-scanner.gif
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
"60803a02-1905f"
X-HW
1621485968.dop043.lo4.t,1621485968.cds081.lo4.shn,1621485968.dop043.lo4.t,1621485968.cds241.lo4.c
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
102495
loader.js
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/ 		992 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/js/loader.js
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
1f5e24fd22aaf6adc92a3f79846fbedfa1674c8f71e68fa7638bb1b3bac2d338

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 14:46:53 GMT
Server
nginx
ETag
"60803add-3e0"
X-HW
1621485968.dop043.lo4.t,1621485968.cds081.lo4.shn,1621485968.dop043.lo4.t,1621485968.cds076.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
405
gtm.js
www.googletagmanager.com/ 		86 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5T6MM55
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0bf00a68b85eef6a2825d86753d5a83897f90da9fad1d4ae05d4617412231b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 20 May 2021 04:46:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33295
x-xss-protection
0
last-modified
Thu, 20 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 May 2021 04:46:08 GMT
bgwomen.jpg
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/bgwomen.jpg
Requested by
Host: q8u4v9f3.map2.ssl.hwcdn.net
URL: https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
daf8d30e1568bd025f08fb9b6c405cbd0da6f9e83731cacb60cdbf82d2df9363

Request headers

Referer
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
"60803a02-2829a"
X-HW
1621485968.dop214.lo4.t,1621485968.cds004.lo4.shn,1621485968.dop214.lo4.t,1621485968.cds090.lo4.c
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
164506
girl_phone.jpg
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/girl_phone.jpg
Requested by
Host: q8u4v9f3.map2.ssl.hwcdn.net
URL: https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
7cc4e75e375ae76743e378afafdeb7f9d8a2aeb88eb46c74e272a9b7d585ff76

Request headers

Referer
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:46:53 GMT
Server
nginx
ETag
"60803add-14262"
X-HW
1621485968.dop043.lo4.t,1621485968.cds081.lo4.shn,1621485968.dop043.lo4.t,1621485968.cds022.lo4.c
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82530
warning.png
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/warning.png
Requested by
Host: q8u4v9f3.map2.ssl.hwcdn.net
URL: https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
6ebabeeb0c613ab768b0e5bfe6d959b78b04393b8772f8cd1ea16a246c08831d

Request headers

Referer
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
"60803a02-544"
X-HW
1621485968.dop213.lo4.t,1621485968.cds072.lo4.shn,1621485968.dop213.lo4.t,1621485968.cds219.lo4.c
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1348
sos.png
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/sos.png
Requested by
Host: q8u4v9f3.map2.ssl.hwcdn.net
URL: https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
3b8f3fb29ec95eeb546d4ad0b10f7731ccabbe57f89af984adb97adcbe8bfea1

Request headers

Referer
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:43:14 GMT
Server
nginx
ETag
"60803a02-3477"
X-HW
1621485968.dop213.lo4.t,1621485968.cds072.lo4.shn,1621485968.dop213.lo4.t,1621485968.cds215.lo4.c
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13431
bgprofiles.jpg
q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/img/bgprofiles.jpg
Requested by
Host: q8u4v9f3.map2.ssl.hwcdn.net
URL: https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.7 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x007.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
fe48f75b813cb86064bd97305944c96b2a3ee551340cd213a6d8475332c0c2c3

Request headers

Referer
https://q8u4v9f3.map2.ssl.hwcdn.net/landers/3/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Thu, 20 May 2021 04:46:08 GMT
Last-Modified
Wed, 21 Apr 2021 14:46:53 GMT
Server
nginx
ETag
"60803add-1088d"
X-HW
1621485968.dop043.lo4.t,1621485968.cds081.lo4.shn,1621485968.dop043.lo4.t,1621485968.cds032.lo4.c
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
67725
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T6MM55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4572
date
Thu, 20 May 2021 03:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 20 May 2021 05:29:56 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-158819006-5&cid=790492007.1621485969&jid=622156470&gjid=2018277946&_gid=986882451.1621485969&_u=YGBAgEABAAAAAE~&z=1757465962
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 20 May 2021 04:46:08 GMT
content-type
text/plain
access-control-allow-origin
https://bumsen.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1075786923&t=pageview&_s=1&dl=https%3A%2F%2Fbumsen.com%2Flanders%2F3%2F%3Fs1%3Dckdler_de_desk%26s2%3D46719%26tracking_id%3D507a8ac56a1d4267a2c0f26d6f1ce55b1675a%26s3%3D&dr=http%3A%2F%2Ftrackthis.club%2F&ul=en-us&de=UTF-8&dt=Bumsen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=622156470&gjid=2018277946&cid=790492007.1621485969&tid=UA-158819006-5&_gid=986882451.1621485969&gtm=2wg5c15T6MM55&cd8=ckdler_de_desk-46719&z=1938617899
Requested by
Host: bumsen.com
URL: https://bumsen.com/landers/3/?s1=ckdler_de_desk&s2=46719&tracking_id=507a8ac56a1d4267a2c0f26d6f1ce55b1675a&s3=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bumsen.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 06:00:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81960
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| redirectTo object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.bumsen.com/ Name: _dc_gtm_UA-158819006-5
Value: 1
.bumsen.com/ Name: _gid
Value: GA1.2.986882451.1621485969
.bumsen.com/ Name: _ga
Value: GA1.2.790492007.1621485969
.bumsen.com/ Name: _gcl_au
Value: 1.1.194427055.1621485969
bumsen.com/ Name: AWSALBCORS
Value: z5u+q5IeBkilN3CyVD6hWd6/FvyGL9BV1bhg2kcKNETmgkw/e9RD1MiAfbKG3SBI5L+NiywVG/dFl6tCyNLrcirR6vl84t03Uxlt0yIvFjb8mZOw7Bs4Az0F2ZEp
bumsen.com/ Name: AWSALB
Value: z5u+q5IeBkilN3CyVD6hWd6/FvyGL9BV1bhg2kcKNETmgkw/e9RD1MiAfbKG3SBI5L+NiywVG/dFl6tCyNLrcirR6vl84t03Uxlt0yIvFjb8mZOw7Bs4Az0F2ZEp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bumsen.com
gdmconvtrck.com
q8u4v9f3.map2.ssl.hwcdn.net
stats.g.doubleclick.net
trackthis.club
www.google-analytics.com
www.googletagmanager.com
209.197.3.7
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9c
2a05:d018:483:6130:ae19:9853:af9e:ceef
2a05:d018:88e:df10:fc38:7d04:db6c:e2ef
52.28.222.232
1f5e24fd22aaf6adc92a3f79846fbedfa1674c8f71e68fa7638bb1b3bac2d338
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3b8f3fb29ec95eeb546d4ad0b10f7731ccabbe57f89af984adb97adcbe8bfea1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca7733f0ce9a9de89c04a92541d1e74298a49bd8aba85e5a6fabbd5230e6e7a
6ebabeeb0c613ab768b0e5bfe6d959b78b04393b8772f8cd1ea16a246c08831d
7cc4e75e375ae76743e378afafdeb7f9d8a2aeb88eb46c74e272a9b7d585ff76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
abed49b484dfa142e85176532a81de64306ba35b1dd56eb0957b860228a59ade
b0bf00a68b85eef6a2825d86753d5a83897f90da9fad1d4ae05d4617412231b0
c0dd94ef9395fd49dd99a39078bdbfa669679d880821a365958b12554d68d98a
c23472d7595a30159a931c5b660a4f86394d755643aa0d6ca5f6f4cef890df10
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317
d28f19ff0948629fc86e68136f33994f1c22b5b8c4d73f018d44c20dfa35f4a3
daf8d30e1568bd025f08fb9b6c405cbd0da6f9e83731cacb60cdbf82d2df9363
fe48f75b813cb86064bd97305944c96b2a3ee551340cd213a6d8475332c0c2c3