www.quoka.de
Open in
urlscan Pro
99.86.3.70
Public Scan
Effective URL: https://www.quoka.de/mein-konto/login.html?to=%2Finserieren%2Fanzeige-aufgeben.html%3F
Submission Tags: falconsandbox
Submission: On January 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on October 8th 2021. Valid for: a year.
This is the only time www.quoka.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-70.fra6.r.cloudfront.net
www.quoka.de | |
qus.quoka.de |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com
consentmanager.mgr.consensu.org |
ASN60068 (CDN77 ^_^, GB)
cdn.consentmanager.mgr.consensu.org | |
cdn.consentmanager.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-60.fra6.r.cloudfront.net
ats.rlcdn.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54113 (FASTLY, US)
5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net
geo.privacymanager.io |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-26.fra56.r.cloudfront.net
assets.ubembed.com |
ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com |
ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org |
ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
quoka.de
1 redirects
www.quoka.de — Cisco Umbrella Rank: 136387 qus.quoka.de — Cisco Umbrella Rank: 693741 |
1 MB |
6 |
consensu.org
consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 14785 cdn.consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 16154 |
97 KB |
4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
153 KB |
4 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864 |
1 KB |
3 |
rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1554 api.rlcdn.com — Cisco Umbrella Rank: 812 |
76 KB |
2 |
ubembed.com
5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com — Cisco Umbrella Rank: 733593 assets.ubembed.com — Cisco Umbrella Rank: 10642 |
49 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 |
84 KB |
1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329 |
542 B |
1 |
crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1894 |
336 B |
1 |
hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5428 |
240 B |
1 |
sift.com
cdn.sift.com — Cisco Umbrella Rank: 12499 |
20 KB |
1 |
consentmanager.net
cdn.consentmanager.net — Cisco Umbrella Rank: 31982 |
2 KB |
1 |
privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747 |
597 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 |
5 KB |
1 |
pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473 |
80 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
64 KB |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 |
51 KB |
55 | 17 |
Domain | Requested by | |
---|---|---|
25 | www.quoka.de |
1 redirects
www.quoka.de
|
4 | www.facebook.com |
connect.facebook.net
www.facebook.com |
3 | cdn.consentmanager.mgr.consensu.org |
www.quoka.de
consentmanager.mgr.consensu.org cdn.consentmanager.mgr.consensu.org |
3 | consentmanager.mgr.consensu.org |
www.quoka.de
|
2 | mug.criteo.com |
www.quoka.de
|
2 | ats.rlcdn.com |
ads.pubmatic.com
|
2 | gum.criteo.com | 1 redirects |
2 | connect.facebook.net |
www.quoka.de
connect.facebook.net |
1 | api.rlcdn.com |
ads.pubmatic.com
|
1 | match.adsrvr.org |
ads.pubmatic.com
|
1 | id.crwdcntrl.net |
ads.pubmatic.com
|
1 | hexagon-analytics.com | |
1 | cdn.sift.com |
www.quoka.de
|
1 | cdn.consentmanager.net |
www.quoka.de
|
1 | assets.ubembed.com |
5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com
|
1 | geo.privacymanager.io |
ats.rlcdn.com
|
1 | 5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com |
www.googletagmanager.com
|
1 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
1 | qus.quoka.de |
www.quoka.de
|
1 | ads.pubmatic.com |
www.quoka.de
|
1 | www.googletagmanager.com |
www.quoka.de
|
1 | pagead2.googlesyndication.com |
www.quoka.de
|
55 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.consentmanager.net |
quoka.zendesk.com |
info.quoka.de |
company.quoka.de |
www.vol.at |
russmedia.com |
play.google.com |
itunes.apple.com |
www.jugendschutzprogramm.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.quoka.de Amazon |
2021-10-08 - 2022-11-06 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
consentmanager.mgr.consensu.org R3 |
2021-12-31 - 2022-03-31 |
3 months | crt.sh |
1376624012.rsc.cdn77.org R3 |
2021-12-02 - 2022-03-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.pubmatic.com DigiCert SHA2 Secure Server CA |
2021-03-30 - 2022-04-04 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-11-08 - 2022-02-06 |
3 months | crt.sh |
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-12-01 - 2022-02-26 |
3 months | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-25 - 2022-03-28 |
a year | crt.sh |
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2022-01-04 - 2023-02-05 |
a year | crt.sh |
*.privacymanager.io Amazon |
2021-09-25 - 2022-10-24 |
a year | crt.sh |
assets.ubembed.com Amazon |
2021-03-06 - 2022-04-04 |
a year | crt.sh |
*.sift.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-07 - 2023-01-20 |
a year | crt.sh |
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-04 |
a year | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2021-04-29 - 2022-05-31 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.quoka.de/mein-konto/login.html?to=%2Finserieren%2Fanzeige-aufgeben.html%3F
Frame ID: 124CA56C104D40270E97665C43E1E583
Requests: 48 HTTP requests in this frame
Frame:
https://www.quoka.de/assets/img/common/russmedia_endorsement.svg
Frame ID: 44067C662B14E3E4463456CF954C7DD3
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 03E3FB33A5E4067A887407166FD76850
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.10/plugins/login_button.php?app_id=150233495165294&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df656af4bacfbd4%26domain%3Dwww.quoka.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.quoka.de%252Ff50470415e0aec%26relation%3Dparent.parent&container_width=460&locale=de_DE&login_text=&scope=email%2Cpublic_profile%2Cuser_friends&sdk=joey&show_faces=false&size=large&use_continue_as=false&width=300
Frame ID: F861F24C7BC114FA7606603CC085905A
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Login von Quoka.de - jetzt anmelden & inserierenSendPage URL History Show full URLs
-
https://www.quoka.de/inserieren/anzeige-aufgeben.html
HTTP 302
https://www.quoka.de/mein-konto/login.html?to=%2Finserieren%2Fanzeige-aufgeben.html%3F Page URL
Detected technologies
Unbounce (Editors) ExpandDetected patterns
- ubembed\.com
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
Sift (Analytics) Expand
Detected patterns
- cdn\.sift(?:science)?\.com/s\.js
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: consentmanager.net
Search URL Search Domain Scan URL
Title: Hilfebereich
Search URL Search Domain Scan URL
Title: Sicheren Zahlung
Search URL Search Domain Scan URL
Title: Versand via DHL
Search URL Search Domain Scan URL
Title: Weitere Informationen für Dich findest Du hier.
Search URL Search Domain Scan URL
Title: Ãœber Quoka
Search URL Search Domain Scan URL
Title: Ãœber uns
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Presse
Search URL Search Domain Scan URL
Title: Werbung
Search URL Search Domain Scan URL
Title: Vorarlberg Online
Search URL Search Domain Scan URL
Title: Russmedia-Gruppe
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.quoka.de/inserieren/anzeige-aufgeben.html
HTTP 302
https://www.quoka.de/mein-konto/login.html?to=%2Finserieren%2Fanzeige-aufgeben.html%3F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.quoka.de%2F&domain=www.quoka.de&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=Znxn4nx2SW5GZVpQcU1ld3AzVU1NbGNtYVhTZHZ0UytRTzZvWXdZMmtRTEZFd0wrcXF3cWxUcEFFUXJ4cXNWN3lFM05wOFZvd25qZ2VtYUIyNUdHcCtCSTR0ODkvb3gyTW5KTGtrdDI3dmhrZzU1RGhXSEFRbjdSTlpvQ0ZxTlVFN3dPOUdvT25ZSFQ5N2RNR2pBYnlIdllSNU5lTnhsNEpZUkdmU3FYNTdFdVcrREl4STBEZkU5c2c2cVVIWm5KSkF1TkRMbDVXME1LMUpsTUFzUG1sU0JwVDJNdm9YdncvMUgxUnQ5Nkh1NjVDT1dnPXw&cppv=2
55 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.html
www.quoka.de/mein-konto/ Redirect Chain
|
110 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2f6ef0432a89cb3c6cb63186d067ed37_master-min.css
www.quoka.de/assets/css/quoka/ |
594 KB 148 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9df6faa0db6e3df0e5f2b476ec561fb9_customercenter-min.css
www.quoka.de/assets/css/quoka/ |
128 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp.min.css
www.quoka.de/delivery/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prebid-ads.js
www.quoka.de/assets/js/ |
18 B 397 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quoka_logo.svg
www.quoka.de/assets/img/quoka/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading_90x68.gif
www.quoka.de/assets/img/common/ |
814 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play_store.png
www.quoka.de/img/quoka/editorials/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app_store01.png
www.quoka.de/img/quoka/editorials/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jusprog-age-xml-18.png
www.quoka.de/assets/img/common/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fcaa6cff8a2efb6d5df562abba53c695_master-min.js
www.quoka.de/assets/js/quoka/ |
2 MB 495 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bfd7b4c0499003439fc63cbf4be02cf9_customercenter-min.js
www.quoka.de/assets/js/quoka/ |
250 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.simplyscroll.css
www.quoka.de/assets/css/lib/jquery-simplyscroll/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmp.php
consentmanager.mgr.consensu.org/delivery/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp_en.min.js
cdn.consentmanager.mgr.consensu.org/delivery/ |
337 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
211 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160303/3635/ |
258 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cpg2_pbjs_20211102.min.js
www.quoka.de/assets/js/vendor/ |
317 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/de_DE/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular-webfont.woff
www.quoka.de/assets/fonts/roboto/regular/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bookmark-icns-se199db4a91.png
www.quoka.de/assets/img/quoka/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-footer-headline.png
www.quoka.de/assets/img/quoka/backgrounds/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons.woff2
www.quoka.de/assets/fonts/ |
13 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Bold-webfont.woff
www.quoka.de/assets/fonts/roboto/bold/ |
21 KB 21 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Italic-webfont.woff
www.quoka.de/assets/fonts/roboto/italic/ |
28 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
russmedia_endorsement.svg
www.quoka.de/assets/img/common/ Frame 4406 |
16 KB 6 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Quinn_Winter.png
www.quoka.de/assets/img/common/icons/ |
443 KB 444 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
340 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
www.quoka.de/ |
14 B 318 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user-blue.svg
www.quoka.de/assets/img/common/icon/ |
697 B 747 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getsearchhistory.php
qus.quoka.de/services/quus/ |
2 B 465 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
json
gum.criteo.com/sid/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ats.js
ats.rlcdn.com/ |
109 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Redirect Chain
|
355 B 619 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bV8xLndfMTkwNDYuZF85MDA4LnhfNC52LnAudF85MDA4.js
cdn.consentmanager.mgr.consensu.org/delivery/customdata/ |
130 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/de_DE/ |
290 KB 82 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 03E3 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com/ |
4 KB 2 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
geo.privacymanager.io/ |
30 B 597 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
sid
mug.criteo.com/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.1/ |
173 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
langpurpose_de.min.js
cdn.consentmanager.mgr.consensu.org/delivery/lang/ |
42 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
consentmanager.mgr.consensu.org/delivery/info/ |
43 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
consentmanager.mgr.consensu.org/delivery/info/ |
43 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmplogo2.svg
cdn.consentmanager.net/delivery/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
cdn.sift.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_button.php
www.facebook.com/v2.10/plugins/ Frame F861 |
32 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
635096.gif
hexagon-analytics.com/images/ |
43 B 240 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
szGrb_tkxMW.png
www.facebook.com/rsrc.php/v3/yN/r/ Frame F861 |
575 B 630 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S2mYDTEtxPf.js
www.facebook.com/rsrc.php/v3iN_84/yC/l/de_DE/ Frame F861 |
521 KB 137 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cavalry_endpoint.php
www.facebook.com/platform/ Frame F861 |
67 B 101 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ats.js
ats.rlcdn.com/ |
109 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
id.crwdcntrl.net/ |
63 B 336 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rid
match.adsrvr.org/track/ |
109 B 542 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
envelope
api.rlcdn.com/api/identity/ |
44 B 326 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
400 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| cmp_getlang boolean| gdprAppliesGlobally number| cmp_id string| cmp_params string| cmp_host string| cmp_cdn function| cmp_addFrame function| cmp_rc function| cmp_stub function| cmp_msghandler function| cmp_setStub function| __cmapi function| __cmp function| __tcfapi function| __uspapi function| cmpEditConsent object| dataLayer string| ua_virtualPath string| ua_pageType string| ua_pageTypeInfo object| OneSignal string| CookieDomain string| ViewName string| DisplayName string| DisplayDomain string| ApplicationContext boolean| USE_LAZY_LOADING boolean| blnIsAuthenticated boolean| blnIsSearchAutoCompleteEnabled string| strEntranceModule boolean| blnQDebug object| qng object| OnlineStatusSettings object| VideoChatSettings object| DhlDeliverySettings object| ProfileSettings object| ChatBotSettings object| Fsk18AuthSettings object| MicroserviceSettings boolean| adblock object| blockAdBlock boolean| blnAllowUnreadMessageFunction string| strQuusDomain object| objClientDataVars object| _sift object| googletag boolean| ahsLoaded function| cmpFireAhsLoaded object| adHandler object| adHandlerPaused object| dfpSlotEvents object| PWT object| pbjs string| socialLoginRedirectToCCIndex string| socialLoginEntrance function| getLocationSearchParam function| strstr function| strtr function| base64_encode function| base64_decode boolean| isIphone boolean| isAndroidPhone boolean| isTierTablet boolean| isTierIphone boolean| isTierRichCss boolean| isTierGenericMobile string| engineWebKit string| deviceIphone string| deviceIpod string| deviceIpad string| deviceMacPpc string| deviceAndroid string| deviceGoogleTV string| deviceXoom string| deviceHtcFlyer string| deviceNuvifone string| deviceSymbian string| deviceS60 string| deviceS70 string| deviceS80 string| deviceS90 string| deviceWinPhone7 string| deviceWinMob string| deviceWindows string| deviceIeMob string| devicePpc string| enginePie string| deviceBB string| vndRIM string| deviceBBStorm string| deviceBBBold string| deviceBBBoldTouch string| deviceBBTour string| deviceBBCurve string| deviceBBCurveTouch string| deviceBBTorch string| deviceBBPlaybook string| devicePalm string| deviceWebOS string| deviceWebOShp string| engineBlazer string| engineXiino string| deviceKindle string| engineSilk string| vndwap string| wml string| deviceTablet string| deviceBrew string| deviceDanger string| deviceHiptop string| devicePlaystation string| deviceNintendoDs string| deviceNintendo string| deviceWii string| deviceXbox string| deviceArchos string| engineOpera string| engineNetfront string| engineUpBrowser string| engineOpenWeb string| deviceMidp string| uplink string| engineTelecaQ string| devicePda string| mini string| mobile string| mobi string| maemo string| linux string| qtembedded string| mylocom2 string| manuSonyEricsson string| manuericsson string| manuSamsung1 string| manuSony string| manuHtc string| svcDocomo string| svcKddi string| svcVodafone string| disUpdate string| uagent function| DetectIphone function| DetectIpod function| DetectIpad function| DetectIphoneOrIpod function| DetectIos function| DetectAndroid function| DetectAndroidPhone function| DetectAndroidTablet function| DetectAndroidWebKit function| DetectGoogleTV function| DetectWebkit function| DetectS60OssBrowser function| DetectSymbianOS function| DetectWindowsPhone7 function| DetectWindowsMobile function| DetectBlackBerry function| DetectBlackBerryTablet function| DetectBlackBerryWebKit function| DetectBlackBerryTouch function| DetectBlackBerryHigh function| DetectBlackBerryLow function| DetectPalmOS function| DetectPalmWebOS function| DetectWebOSTablet function| DetectGarminNuvifone function| DetectSmartphone function| DetectArchos function| DetectBrewDevice function| DetectDangerHiptop function| DetectMaemoTablet function| DetectSonyMylo function| DetectOperaMobile function| DetectOperaAndroidPhone function| DetectOperaAndroidTablet function| DetectSonyPlaystation function| DetectNintendo function| DetectXbox function| DetectGameConsole function| DetectKindle function| DetectAmazonSilk function| DetectMobileQuick function| DetectMobileLong function| DetectTierTablet function| DetectTierIphone function| DetectTierRichCss function| DetectTierOtherPhones function| InitDeviceScan function| Qregistry object| qgtm object| qgtma object| qgtmah object| qgtmfp object| qgtmewe object| qgtmec object| qgtmi object| qgtmc object| qgtmpn object| qgtmib object| qgtmprofile object| qcd function| qconst object| qcc object| qcr object| qua object| qdom object| qc function| initHeaderForm object| qbs string| qbsWpTopHeight string| qbsWpBgColor object| qbsWpBgBuildCmd string| qbsBnrWidth string| qbsBnrHeight string| qbsLayout string| qbsDivId string| qbsClickUrl boolean| qbsUseBgClick object| gptUnitsRendered number| qbsScheduler number| qbsScheduleCalls function| qbsSchedule function| qbsExecCmd function| qbsInitVars function| qbsInitWallPaper function| qbsBuildWallPaper function| qbsWpBgDivResize function| qbsWpBgClick function| qbsSetBannerWidthHeightByID function| gptAfterRender function| gptMoveContent function| qbsGetDocHeight object| dfpEventOptions function| Hash function| isEmptyObject object| sprintfWrapper function| sprintf undefined| $ function| jQuery function| Cookies function| Swiper function| _ function| md5 string| txt object| jQuery172011969445608296736 function| BlockAdBlock object| strHostName object| strOsSearch number| _intScheduleCalls object| _objGptIframe object| qgpt object| qib function| PhotoSwipe function| PhotoSwipeUI_Default object| qx undefined| _adPositionStrategy object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| authService function| initVueComponents object| qcp object| qf object| qcst object| qcma object| qt undefined| $body string| strAction boolean| strXhrNotificationsAction boolean| strXhrHomelistAction boolean| blnNotification boolean| blnNewsletter boolean| aryNotifications boolean| objListAction string| strAppView string| strCountUrl undefined| aryParam function| moment object| plupload boolean| strListActionStatus object| aryQuery object| objQuery function| cmpFireTiLoaded number| k object| aryCookie string| strCookieName boolean| blnIsSafari object| objSuggestionsModal object| $img function| amazonLibraryForFramework object| _0x3f11 function| _0x1c11 function| pbjsChunk object| _pbjsGlobals function| owpbjsChunk object| owpbjs object| ucTag object| OWT function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 string| cmp_config_data_cs object| cmp_config_data object| cmp_scripts object| cmp_scripturls string| cmp_proto string| cmp_warn object| FB function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_affiliatedomains function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_storage function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_cookielist function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole function| cmp_regulations function| cmp_getregulation function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getcss object| cmpmngr object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_tag_manager string| google_user_agent_client_hint object| cmp_timer object| google_tag_data object| ats function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled object| ube number| cmpGDPR number| cmpCCPA string| cmpRegulation string| cmpConsentString string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP object| utag_data function| __siftFlashCB undefined| Sift object| PluginDetect20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.quoka.de/ | Name: QSESSID Value: 9sdassp2drm7vet6r8eriqb1a944mjbj |
|
.quoka.de/ | Name: MSIMILITY Value: SID%02WS9Fbm56UVF4ZE02WWJuWHdHYU1Nd2hFcEpQWWdmYnVIRzJIb0NyTWFaOXFuZnluOEJTRjJoVTdlRGZFTTNpMw |
|
.quoka.de/ | Name: PARTNER Value: VIEW%02quoka%01COOKIEBEGIN%021643544884 |
|
.quoka.de/ | Name: QUUHS Value: QPV%021%01SESSIONID%02 |
|
.qus.quoka.de/ | Name: QUUS Value: ARYSEARCHHISTORY%02 |
|
www.quoka.de/ | Name: _pbjs_userid_consent_data Value: 6683316680106290 |
|
.quoka.de/ | Name: _pubcid Value: 2bbbacb9-abaf-4d48-bf38-df2dc69ca478 |
|
.quoka.de/ | Name: _gcl_au Value: 1.1.2098365374.1643544885 |
|
www.quoka.de/ | Name: _lr_geo_location Value: DE |
|
.quoka.de/ | Name: __cmpconsent12150 Value: CPTmlIAPTmlIAAfQWCDECACgAAAAAAAAAAigAAAMEgCAFOAM-ArABggBQKAEABUALYSAEABUALYaAEABUALYiAEABUALYqAEABUALYyAEABUALY6AEABUALZCAEABUALZKAEABUALZSAEABUALY |
|
.quoka.de/ | Name: __cmpcvcu12150 Value: __s587_s23_s896_s24_s33_c7626_c7627__ |
|
.quoka.de/ | Name: __cmpcpcu12150 Value: ____ |
|
www.quoka.de/ | Name: cto_bidid Value: v2STcV9MSW00Rkl1dGdjRTZtRDNieFdnNWRuQ0pLZmlhaURhNFFpR2hPVUJaNlBtTjZrNUg2a0k5QmQ1UTlhcyUyRmdXcUdWNVFIZ1B6VXNnb1h6a1p2bDNMJTJGeWclM0QlM0Q |
|
www.quoka.de/ | Name: cto_bundle Value: 1NMokl9ucm5pWjlhWU55Q2sxRzg5NTdzUDZJZGU0MEolMkZqTmRHWEt3VzYlMkZ5VlBEd2ZDNGVyMDRZQzBxJTJGUGZOdkJ0UW4lMkJiZ1olMkZpZjh5Ukt6R0pUanIwSTFXMEtpY2l0eW03d1c4NTh0VzNLaTNnZkQlMkI4cWQ4UG1JbyUyQlBXc0l0NlNTZkNw |
|
.quoka.de/ | Name: __ssid Value: 816f7c8d9e3c0740e97ea3e2d66dacc |
|
www.quoka.de/ | Name: _lr_retry_request Value: true |
|
www.quoka.de/ | Name: _lr_env_src_ats Value: false |
|
.adsrvr.org/ | Name: TDID Value: 59ed2696-15bd-4c3e-afaf-57f8bb39fe16 |
|
www.quoka.de/ | Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2259ed2696-15bd-4c3e-afaf-57f8bb39fe16%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-30T12%3A14%3A47%22%7D |
|
.quoka.de/ | Name: panoramaId_expiry Value: 1643631287317 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5de1f35175014a7e8cdfbb62b1074ae1.js.ubembed.com
ads.pubmatic.com
api.rlcdn.com
assets.ubembed.com
ats.rlcdn.com
cdn.consentmanager.mgr.consensu.org
cdn.consentmanager.net
cdn.sift.com
connect.facebook.net
consentmanager.mgr.consensu.org
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hexagon-analytics.com
id.crwdcntrl.net
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
qus.quoka.de
www.facebook.com
www.googletagmanager.com
www.quoka.de
143.204.215.111
151.101.129.131
178.250.0.157
2.18.233.180
2a00:1450:4001:80e::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2008
2a02:2638::1c
2a02:6ea0:c700::11
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.102.232.42
34.120.133.55
34.96.67.224
35.71.131.137
52.209.129.133
65.9.61.26
87.230.98.74
99.86.3.60
99.86.3.70
00064deb9b4f7445dd3cacc7bbd5ac5246562c07f14df596c72547acd4a0feb9
01859b5ef514fc0072a01e895dc9639cf4bfc9440430f47b59ae8518365a94c7
0222d097ec341d422f64b07b2bf8de13e3204382bd2d6b05533a0b35fbc222f0
0726fb8e6a000595120a5494e46cd4d40c8b77b8aa74d2627c26a91deabdb041
0bc18664330e912d363b8c4a7ea26bf61cb38d4ce5ba892d8d16ad579b50ada9
0bcbbfabf23a89588dffa14f33625090be1ecde32ea216c927a2397451124ee8
10d76e76650e1c806d3b3f24cf46801aa33543c6689aad9fc27bb400e93985c4
12c710caf87870dd4638e6ac634d33f8799b202842fe1ff3cf385f19376a5e2a
1cdebf80128cc4a45142b1520cee7f1ff10e51d2eb5a45c534e311045595a2ec
2233132f2402deba0a0b947abd0ac59e62c9c7fcf437e4227a7a0ac05f11a1e0
30c1fcba66f3fc305aa3d2eb3c96528c9a7258370a3d8dfc4acf1112b08dc298
3cf52cd542d747939bf53126d0f55183003dfe3d24d989ba3ad5344c16a551bc
3f9662460a9037944411879b79665b7fed06a0acbb3256115294c85812d3b817
45bbdc177b4cb54cca65cea882e5f01c34bf1f3b71656b279fbcc5bf10b2882e
4606ee91c1cd9c64597971ce65bd1e73333a2c1ff7f56668ebd43687493e005f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55f6cda39c7711e114118a3a6a419e973b43ce14e5977a5351fe3f2aad1efa16
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6fbd61d72a9d73f23e43fa84232e3f89c5966271939c018209f6bd5a15c52453
6ff26db473e4c63fe5dd526b27d63f9cac0eea34eadd4c341b64669dbdc4eab0
71070638cc14ee55aeb8652d35da0099f3fc9d47b1ad828364f90f5024399661
7120d63b06a1a123697eef860a4bcb19fc7f911b0454f32ca5582b7a20acf99c
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
75f527fbaa9c085d67889a6d29a38315325c369f1147807e4bbce2a2f8fcd029
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7a55b66ff11244780be410354f0d74736c8271d5761ecefe7344741e2960f721
93f7b69f553957969d377d755c958ea0e57f782f16dfa5dc82267a74e126206f
9c965f779d36257fbf41ada1dc05757a58ae72166e96c7c169d0fad59f558982
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a2b1fc87d67be3f5f24a72c5f48b41b6d741a2c1b5157c944d5f55c24a1205e2
a4fa0f7729647dc82e8fc38cf5b284ca2832b9a0c6e7eae15f35c51d66c000cc
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
a738a1a6c8b14d6afbb5235a18cf4c8e9af8dca5cf267d20ed99b0188f45244a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad85b5378d0845ddf7c470427eadafb867e368fb6e316f52ca448453e692ec60
b0bf6424f6b9e02ddbf830daeed07e465a1c980fda23d3a7dd0c4e5344982567
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
c0b7b530260e550cbc8373968fbee449ad8a5edc74165e494f8cacb32ccb8ff6
c1ba81aca91b12bac8d9d32a6f18b52a7d21487283ccdabc48d1c2d686bfefe4
c51c5b256fa7de09035dc972add00ce1b3fa74fbac19a422e44ceb7a2feca753
cc13312ee3b6502a952a55e249a3a71bcf95da36b45593ab8cab48d0d07275e6
ccd46f00ee9291954c9533b108da87bd800d3d3c846c5d886012af16a52814ce
d2f1785b4a01f987b7a93f620be19141ba57e72bfee8d258ec3b2ee940ae31b3
d6f4db5c42f2be358cd4755ff5789858b2081cf43ae48113af76f36bc06be3ad
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3109baabe695a894a78f554405e937f96907836ebbb5acfdda75e2d0ba35b14
f5502a16ff2d4b8338e7954e91d93d930e8b10d74d8302a921d0517a84b8eb20
f9dce56fefb05e76bf6ce52913ce45df430292de228fba9822892cf71babbb38
fc064f6229bcdda5389b60be1d2706313875559ffc59fdbfccccb5cdc61892ad