Submitted URL: https://link.versicherungsvergleich.org/u/nrd.php?p=eAZrjvJo5u_45894_11044280_1_6472&ems_l=14141377&i=1&d=NjA0NjAwNTQ4%7CZUFacmp2Sm81dQ%...
Effective URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Submission: On July 15 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2a00:1158:5:38d::, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.doop.de.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 24th 2022. Valid for: a year.
This is the only time www.doop.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.175.192.11 1764 (NEXTLAYER-AS)
1 2 2a00:1158:5:3... 8972 (GD-EMEA-D...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
4 213.73.83.195 34171 (SNAFU-LIG-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 9
Apex Domain | Subdomains | Transfer
9 fgrp.net | fdeam-de.fgrp.net; de.fgrp.net | 307 KB
4 typekit.net | use.typekit.net (Cisco Umbrella Rank: 666); p.typekit.net (Cisco Umbrella Rank: 786) | 45 KB
2 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 69) | 20 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 101) | 82 KB
2 doop.de | doop.de; www.doop.de | 3 KB
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 819) | 21 KB
1 versicherungsvergleich.org | link.versicherungsvergleich.org (Cisco Umbrella Rank: 779735) | 706 B
20 7
Domain Requested by
5 fdeam-de.fgrp.net www.doop.de
fdeam-de.fgrp.net
4 de.fgrp.net
3 use.typekit.net www.doop.de
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com
1 p.typekit.net www.doop.de
1 maxcdn.bootstrapcdn.com www.doop.de
1 www.doop.de
1 doop.de 1 redirects
1 link.versicherungsvergleich.org
20 10

This site contains links to these domains.

Domain
www.finanzen.de
www.verivox.de
ec.europa.eu
Subject | Issuer | Validity | Valid
link.versicherungsvergleich.org | Starfield Secure Certificate Authority - G2 | 2021-10-01 - 2022-10-01 | a year
www.doop.de | Starfield Secure Certificate Authority - G2 | 2022-02-24 - 2023-03-25 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year
fdeam-de.fgrp.net | GTS CA 1D4 | 2022-06-08 - 2022-09-06 | 3 months
*.fgrp.net | Starfield Secure Certificate Authority - G2 | 2022-01-20 - 2023-01-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months

This page contains 2 frames:

Primary Page: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Frame ID: 4BC276A02BAAEA8D1851138E2967D3FB
Requests: 17 HTTP requests in this frame

Frame: https://fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/31.cache.js
Frame ID: 8E7CEC1C19C110CE29FAE1D171583B2A
Requests: 3 HTTP requests in this frame

Page Title

DOOP - Sei ein Held. Für Deine Kinder.

Page URL History

  1. https://link.versicherungsvergleich.org/u/nrd.php?p=eAZrjvJo5u_45894_11044280_1_6472&ems_l=14141377&i=1&d=NjA0NjAwNT... Page URL
  2. https://doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&s... HTTP 301
    https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

20
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

478 kB
Transfer

1279 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.versicherungsvergleich.org/u/nrd.php?p=eAZrjvJo5u_45894_11044280_1_6472&ems_l=14141377&i=1&d=NjA0NjAwNTQ4%7CZUFacmp2Sm81dQ%3D%3D%7C&_esuh=_11_0104fbdaff61172817ab45e8e22d53e0c864a51d043e4ce3698d6f11e51ad8ac Page URL
  2. https://doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894 HTTP 301
    https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
nrd.php
link.versicherungsvergleich.org/u/
647 B
706 B
Document
General
Full URL
https://link.versicherungsvergleich.org/u/nrd.php?p=eAZrjvJo5u_45894_11044280_1_6472&ems_l=14141377&i=1&d=NjA0NjAwNTQ4%7CZUFacmp2Sm81dQ%3D%3D%7C&_esuh=_11_0104fbdaff61172817ab45e8e22d53e0c864a51d043e4ce3698d6f11e51ad8ac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.192.11 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
4face07b4d11b9ce6653cf097a461b090a916a4a13653a8b2671c10fc16fed77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
382
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 07:06:30 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-af
suite11-web2
x-fe
suite11-web2
x-hf
suite-haproxy01e
Primary Request privacy-terms.php
www.doop.de/
Redirect Chain
  • https://doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
  • https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
5 KB
2 KB
Document
General
Full URL
https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1158:5:38d:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
b35db4a934d7b6059eb7261c36b879a1c3982b8379a49eaaecf3173e1ae34fa1

Request headers

Referer
https://link.versicherungsvergleich.org/u/nrd.php?p=eAZrjvJo5u_45894_11044280_1_6472&ems_l=14141377&i=1&d=NjA0NjAwNTQ4%7CZUFacmp2Sm81dQ%3D%3D%7C&_esuh=_11_0104fbdaff61172817ab45e8e22d53e0c864a51d043e4ce3698d6f11e51ad8ac
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 07:06:30 GMT
server
nginx
vary
Accept-Encoding
x-cache-status
BYPASS

Redirect headers

content-length
328
content-type
text/html; charset=iso-8859-1
date
Fri, 15 Jul 2022 07:06:30 GMT
location
https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
server
nginx
x-cache-status
BYPASS
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
21 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doop.de/
Origin
https://www.doop.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
access-control-allow-origin
*
cdn-cachedat
03/10/2022 17:25:09
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"2f624089c65f12185e79925bc5a7fc42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3647ae2e4443156f0d0862f7d7b2ec5b
cf-ray
72b0a7e66d26910a-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
yso3pei.js
use.typekit.net/
16 KB
7 KB
Script
General
Full URL
https://use.typekit.net/yso3pei.js
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aef95b4d45d565dff008772aae9a348e17ba1021fc9b4b0f0d94c02f6a90e703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 15 Jul 2022 07:06:30 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6681
fdeam.nocache.js
fdeam-de.fgrp.net/s/cms/js/fdeam/
7 KB
3 KB
Script
General
Full URL
https://fdeam-de.fgrp.net/s/cms/js/fdeam/fdeam.nocache.js
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3c2403b42aa8f9eb553ec4ebe3785e0246dd4a8d6ebd58b29e08f3212e64fa5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:30 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"4blcZA"
content-type
application/javascript
x-cloud-trace-context
19187e0974b55bf725e4df8f504f71bb
cache-control
public, max-age=1
content-length
3088
expires
Fri, 15 Jul 2022 07:06:31 GMT
l
use.typekit.net/af/357d3c/00000000000000000001743c/27/
18 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/357d3c/00000000000000000001743c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9d488f29313f4d28894cc8e0366c06aaf7c9f4b2d74afdb27bc56cc6aa3631e4

Request headers

Referer
https://www.doop.de/
Origin
https://www.doop.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:30 GMT
server
nginx
etag
"d0718025ebeed99974766a14f5af3894b92ffa14"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18816
l
use.typekit.net/af/8b7d27/00000000000000000001743d/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/8b7d27/00000000000000000001743d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f413bbbd90e3c5ac0b3bcaa92a86c2d16f9ac55966eca29a792a8f025c68a7d5

Request headers

Referer
https://www.doop.de/
Origin
https://www.doop.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:30 GMT
server
nginx
etag
"0b6954ddb42765b61cbefe03527c63f11df3faa9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19276
p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=yso3pei&ht=tk&h=www.doop.de&f=10441.10442&a=5720738&js=1.21.0&app=typekit&e=js&_=1657868790858
Requested by
Host: www.doop.de
URL: https://www.doop.de/privacy-terms.php?sc_src=email_11044280&sc_lid=604600548&sc_uid=eAZrjvJo5u&sc_llid=45894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:30 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
8F5C789A5E5B063EF75CD153F8A55E8E.cache.js
fdeam-de.fgrp.net/s/cms/js/fdeam/
235 KB
89 KB
Script
General
Full URL
https://fdeam-de.fgrp.net/s/cms/js/fdeam/8F5C789A5E5B063EF75CD153F8A55E8E.cache.js
Requested by
Host: fdeam-de.fgrp.net
URL: https://fdeam-de.fgrp.net/s/cms/js/fdeam/fdeam.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e9c7eea565318c3085ebe1f8a94ee1975ecf0dd033a1855a7e544d8e2aca30dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 02:43:28 GMT
content-encoding
gzip
server
Google Frontend
age
15782
etag
"4blcZA"
content-type
application/javascript
x-cloud-trace-context
d1720594e1c09f94a1f75187149563aa;o=1
cache-control
public, max-age=2592000
content-length
90619
expires
Sun, 14 Aug 2022 02:43:28 GMT
31.cache.js
fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/ Frame 8E7C
557 KB
203 KB
Script
General
Full URL
https://fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/31.cache.js
Requested by
Host:
URL: fdeam-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b32f95ded48af1faa054098e15c4f9a7638b478c950004ddf2238a6c8fb69d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:14:59 GMT
content-encoding
gzip
server
Google Frontend
age
10291
etag
"4blcZA"
content-type
application/javascript
x-cloud-trace-context
c3e23be70010e4a98612a01876b93f09
cache-control
public, max-age=2592000
content-length
207959
expires
Sun, 14 Aug 2022 04:14:59 GMT
6.cache.js
fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/ Frame 8E7C
4 KB
2 KB
Script
General
Full URL
https://fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/6.cache.js
Requested by
Host:
URL: fdeam-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ff3f8b3d4a980642882d160395159b5c28f7780dad94548162d390c06336ec36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:31 GMT
content-encoding
gzip
server
Google Frontend
etag
"4blcZA"
content-type
application/javascript
x-cloud-trace-context
fccd7c888ca594fb63ea65e08d231601
cache-control
public, max-age=2592000
expires
Sun, 14 Aug 2022 07:06:31 GMT
json.php
de.fgrp.net/api/
201 B
714 B
Script
General
Full URL
https://de.fgrp.net/api/json.php?locale=de_DE&json=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22cmsGwt.initialize%22%2C%22params%22%3A%7B%22request%22%3A%7B%22designId%22%3A%2211510%22%2C%22contentTypeKey%22%3A%22cmsImprintGwt%22%2C%22siteKey%22%3A%22httpswwwdoopde%22%2C%22entryToken%22%3A%22cms%2Fimprint%2Fimprint%22%2C%22tracking%22%3A%7B%22referer%22%3A%22https%3A%2F%2Flink.versicherungsvergleich.org%2F%22%7D%2C%22slotPanelWidth%22%3A830%2C%22clientWidth%22%3A1600%2C%22clientHeight%22%3A1200%7D%7D%2C%22id%22%3A1%7D&callback=__gwt_jsonp__.P0.onSuccess
Requested by
Host:
URL: fdeam-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.73.83.195 , Germany, ASN34171 (SNAFU-LIG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ff5901811ed62050a446be3295f6250c459ed72f818b0127990b5df58b55f6ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 07:06:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
authorization, content-type
Content-Length
182
Keep-Alive
timeout=15, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
json.php
de.fgrp.net/api/
9 KB
3 KB
Script
General
Full URL
https://de.fgrp.net/api/json.php?locale=de_DE&json=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22cmsGwt.initialize%22%2C%22params%22%3A%7B%22request%22%3A%7B%22designId%22%3A%2211510%22%2C%22contentTypeKey%22%3A%22cmsImprintGwt%22%2C%22siteKey%22%3A%22standard%22%2C%22entryToken%22%3A%22cms%2Fimprint%2Fimprint%22%2C%22tracking%22%3A%7B%22referer%22%3A%22https%3A%2F%2Flink.versicherungsvergleich.org%2F%22%7D%2C%22slotPanelWidth%22%3A830%2C%22clientWidth%22%3A1600%2C%22clientHeight%22%3A1200%7D%7D%2C%22id%22%3A1%7D&callback=__gwt_jsonp__.P1.onSuccess
Requested by
Host:
URL: fdeam-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.73.83.195 , Germany, ASN34171 (SNAFU-LIG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
f7c9622c5ba5525a0ed10cf3364ab0f71efc7a5216bcee112c5abcb50763b6d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 07:06:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
authorization, content-type
Content-Length
2917
Keep-Alive
timeout=15, max=99
Expires
Thu, 19 Nov 1981 08:52:00 GMT
cmsImprintGwt.css
de.fgrp.net/s/cms/design/11510/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://de.fgrp.net/s/cms/design/11510/css/cmsImprintGwt.css
Requested by
Host:
URL: fdeam-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.73.83.195 , Germany, ASN34171 (SNAFU-LIG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
2e141e07c6940bd90e9800c1c143b93ab34c7d202a126d2df7ca4555e0bdf97b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 07:06:32 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
3013
Access-Control-Allow-Headers
authorization, content-type
Last-Modified
Wed, 13 Jul 2022 07:55:03 GMT
Server
Apache
ETag
"2f1e-5e3ab1a47a9b0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Fri, 22 Jul 2022 07:06:32 GMT
json.php
de.fgrp.net/api/
172 B
691 B
Script
General
Full URL
https://de.fgrp.net/api/json.php?locale=de_DE&json=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22affiliateSite.getData%22%2C%22params%22%3A%7B%22request%22%3A%7B%22siteKey%22%3A%22standard%22%7D%7D%2C%22id%22%3A1%7D&callback=__gwt_jsonp__.P2.onSuccess
Requested by
Host:
URL: fdeam-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.73.83.195 , Germany, ASN34171 (SNAFU-LIG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
31ee9814130d2e017a284cc363691fe00f03c65e3c9f029391a5cf39ce80d0ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 07:06:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
authorization, content-type
Content-Length
160
Keep-Alive
timeout=15, max=97
Expires
Thu, 19 Nov 1981 08:52:00 GMT
25.cache.js
fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/ Frame 8E7C
5 KB
2 KB
Script
General
Full URL
https://fdeam-de.fgrp.net/s/cms/js/fdeam/deferredjs/8F5C789A5E5B063EF75CD153F8A55E8E/25.cache.js
Requested by
Host:
URL: fdeam-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5c34ec860ba3fafa127fd4b223d868618bfafd3cec91a7ab8ada02ed5a35d1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:32 GMT
content-encoding
gzip
server
Google Frontend
etag
"4blcZA"
content-type
application/javascript
x-cloud-trace-context
a3d40109ed3c35100a93723197b51afa
cache-control
public, max-age=2592000
expires
Sun, 14 Aug 2022 07:06:32 GMT
gtm.js
www.googletagmanager.com/
126 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMSQXS4&l=gwtDataLayerConceptpmsqxs4
Requested by
Host:
URL: fdeam-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffe48e5d6fb3dfb7bcf1f6b33231f37c2a68767e89b8f9c0a0f86e3ea3d56692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46107
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Jul 2022 07:06:32 GMT
gtm.js
www.googletagmanager.com/
98 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8NQ3XM&l=gwtDataLayerinvocation
Requested by
Host:
URL: fdeam-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c1bc2fc4ed4f3e378c36ba75961ff92e5aa11f72f465d8291099bb16146fadb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 07:06:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37421
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Jul 2022 07:06:32 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMSQXS4&l=gwtDataLayerConceptpmsqxs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doop.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
35
date
Fri, 15 Jul 2022 07:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Jul 2022 09:05:57 GMT
collect
www.google-analytics.com/j/
1 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1417605971&t=pageview&ni=0&_s=1&dl=https%3A%2F%2Fwww.doop.de%2Fprivacy-terms.php%3Fsc_src%3Demail_11044280%26sc_lid%3D604600548%26sc_uid%3DeAZrjvJo5u%26sc_llid%3D45894&dr=https%3A%2F%2Flink.versicherungsvergleich.org%2F&dp=%2Fprivacy-terms.php%3Fsc_src%3Demail_11044280%26sc_lid%3D604600548%26sc_uid%3DeAZrjvJo5u%26sc_llid%3D45894%23impressum&ul=en-us&de=UTF-8&dt=DOOP%20-%20Sei%20ein%20Held.%20F%C3%BCr%20Deine%20Kinder.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1234618666&gjid=1466866580&cid=2065119685.1657868793&tid=UA-299249-55&_gid=117267326.1657868793&_r=1&gtm=2wg7d0PMSQXS4&cd1=18610&cd2=standard&cd4=cmsImprintGwt&cd6=unknown&z=682253913
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doop.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 07:06:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doop.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Typekit object| fde object| s function| fdeam object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| __gwt_stylesLoaded object| goog function| GwtPotentialElementShim object| __gwt_jsonp__ object| fde_registered_gtm object| gwtDataLayerConceptpmsqxs4 object| gwtDataLayerinvocation object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| addLeadDatasEvent object| fdeLeadData object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.doop.de/ Name: fde-am-visitor
Value: %7B%22id%22%3A%22d789599f01f4290713ae2b343cc515d0%22%7D
.doop.de/ Name: _ga
Value: GA1.2.2065119685.1657868793
.doop.de/ Name: _gid
Value: GA1.2.117267326.1657868793
.doop.de/ Name: _gat_fgpglobalde
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
