Submitted URL: http://www.credikarma.com/
Effective URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Submission: On January 30 via manual from FR

Summary

This website contacted 9 IPs in 3 countries across 13 domains to perform 20 HTTP transactions. The main IP is 176.52.244.25, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is flacherbauchuebernacht.com.
This is the only time flacherbauchuebernacht.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 199.59.242.150 395082 (BODIS-NJ)
1 172.217.21.228 15169 (GOOGLE)
1 172.217.16.170 15169 (GOOGLE)
2 172.217.18.163 15169 (GOOGLE)
1 1 174.137.155.139 27257 (WEBAIR-IN...)
1 1 52.57.166.120 16509 (AMAZON-02)
1 1 185.49.221.34 59905 (NTH)
1 1 52.28.124.37 16509 (AMAZON-02)
1 1 52.29.138.81 16509 (AMAZON-02)
1 1 52.59.88.107 16509 (AMAZON-02)
6 176.52.244.25 15817 (MITTWALD-...)
1 172.217.23.138 15169 (GOOGLE)
2 151.101.112.207 54113 (FASTLY)
1 216.58.212.142 15169 (GOOGLE)
1 172.217.22.78 15169 (GOOGLE)
20 9
Domain Requested by
6 flacherbauchuebernacht.com flacherbauchuebernacht.com
6 www.credikarma.com 1 redirects www.credikarma.com
2 vjs.zencdn.net flacherbauchuebernacht.com
2 fonts.gstatic.com
1 s.ytimg.com www.youtube.com
1 www.youtube.com flacherbauchuebernacht.com
1 ajax.googleapis.com flacherbauchuebernacht.com
1 service.affilicon.net 1 redirects
1 www.affilibank.de 1 redirects
1 go.affilibank.de 1 redirects
1 clicks.goldlab.de 1 redirects
1 goldpath.de 1 redirects
1 clk.verblife-2.co 1 redirects
1 fonts.googleapis.com www.credikarma.com
1 www.google.com www.credikarma.com
20 15

This site contains links to these domains.

Domain
secure.affilibank.de
my.affilicon.net

This page contains 1 frames:

Primary Page: http://flacherbauchuebernacht.com/schneller-abnehmen
Frame ID: (772A06E6B2C546CEA0FB2964D39548A6)
Requests: 20 HTTP requests in this frame

Page URL History

  1. http://www.credikarma.com/ Page URL
  2. http://www.credikarma.com/rz?u=http%3A%2F%2Fclk.verblife-2.co%2Fclick%3Fi%3D5qnVgxhR95E_0&notadsafe HTTP 302
    http://clk.verblife-2.co/click?i=5qnVgxhR95E_0 HTTP 302
    http://goldpath.de/path/lp.php?trvid=12210&trvx=21db153e&conv=hkrd5DBum*0&query=credikarma&keyw... HTTP 302
    http://clicks.goldlab.de/?aff_id=1767&offer_id=11298&ext_id=1dy05y5ao9ik&aff_sub=12210&source=ACR HTTP 302
    https://go.affilibank.de/flatbellyovernight/kiwi/1/nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8 HTTP 302
    https://www.affilibank.de/scripts/click.php?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f... HTTP 301
    https://service.affilicon.net/compatibility/hop?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f... HTTP 302
    http://flacherbauchuebernacht.com/schneller-abnehmen Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<!--[^>]+WP Rocket/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^VideoJS$/i

Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 20
HTTPS: 0 %
IPv6: 0 %
Domains: 13
Subdomains: 15
IPs: 9
Countries: 3
Transfer: 735 kB
Size: 1720 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.credikarma.com/ Page URL
  2. http://www.credikarma.com/rz?u=http%3A%2F%2Fclk.verblife-2.co%2Fclick%3Fi%3D5qnVgxhR95E_0&notadsafe HTTP 302
    http://clk.verblife-2.co/click?i=5qnVgxhR95E_0 HTTP 302
    http://goldpath.de/path/lp.php?trvid=12210&trvx=21db153e&conv=hkrd5DBum*0&query=credikarma&keyword=*&subid=2041518&pubfeed=98652&banner=3406372&city=&adtarget=flat HTTP 302
    http://clicks.goldlab.de/?aff_id=1767&offer_id=11298&ext_id=1dy05y5ao9ik&aff_sub=12210&source=ACR HTTP 302
    https://go.affilibank.de/flatbellyovernight/kiwi/1/nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8 HTTP 302
    https://www.affilibank.de/scripts/click.php?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f8242&hop=kiwi HTTP 301
    https://service.affilicon.net/compatibility/hop?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f8242&hop=kiwi&campaign_id=9b4c56b0&desturl=http%3A%2F%2Fflacherbauchuebernacht.com%2Fschneller-abnehmen HTTP 302
    http://flacherbauchuebernacht.com/schneller-abnehmen Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.credikarma.com/
4 KB
2 KB
Document
General
Full URL
http://www.credikarma.com/
Protocol
HTTP/1.1
Server
199.59.242.150 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d19687bdfd26212a8fc9290d112801750c263a343088f2922bdfd079b021435

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.credikarma.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 30 Jan 2018 11:51:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_W6CH4cw8DCBUZskq3td/ZN33/7PZFV5mf6Ze05NEogcYk0ELYLxaShJRXXnRkgdYmZlTsddOD/68RFObp2iTvA==
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
caf.js
www.google.com/adsense/domains/
260 KB
81 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/
Protocol
HTTP/1.1
Server
172.217.21.228 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f228.1e100.net
Software
sffe /
Resource Hash
94f843c7a4981988430e8999699da119acfa30c3a67c8cb1da5f9456ba94f978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.credikarma.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 30 Jan 2018 11:51:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"77013616232870244"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Tue, 30 Jan 2018 11:51:10 GMT
px.gif
www.credikarma.com/
42 B
271 B
Image
General
Full URL
http://www.credikarma.com/px.gif?ch=1&rn=4.406270155543795
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/
Protocol
HTTP/1.1
Server
199.59.242.150 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.credikarma.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.credikarma.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:10 GMT
Last-Modified
Tue, 09 Jan 2018 21:08:32 GMT
Server
nginx
ETag
"5a552f50-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
www.credikarma.com/
42 B
271 B
Image
General
Full URL
http://www.credikarma.com/px.gif?ch=2&rn=4.406270155543795
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/
Protocol
HTTP/1.1
Server
199.59.242.150 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.credikarma.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.credikarma.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:10 GMT
Last-Modified
Tue, 09 Jan 2018 21:08:32 GMT
Server
nginx
ETag
"5a552f50-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
www.credikarma.com/
8 KB
3 KB
Script
General
Full URL
http://www.credikarma.com/glp?r=&u=http%3A%2F%2Fwww.credikarma.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/
Protocol
HTTP/1.1
Server
199.59.242.150 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd5710de7d4cd10f79f5e350b5adc0c8df76ce562e9277cc0905746afac0ef6f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.credikarma.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.credikarma.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 30 Jan 2018 11:51:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
5 KB
969 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/glp?r=&u=http%3A%2F%2Fwww.credikarma.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
SPDY
Server
172.217.16.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f170.1e100.net
Software
ESF /
Resource Hash
2cc52d484b283d2dc1737cf2ae031a42c2054fcf5ffba4d1754aa027da51a168
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.credikarma.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 30 Jan 2018 11:51:10 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2018 11:51:10 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Tue, 30 Jan 2018 11:51:10 GMT
gzb
www.credikarma.com/
121 B
434 B
XHR
General
Full URL
http://www.credikarma.com/gzb
Requested by
Host: www.credikarma.com
URL: http://www.credikarma.com/glp?r=&u=http%3A%2F%2Fwww.credikarma.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.150 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://www.credikarma.com
Accept-Encoding
gzip, deflate
Host
www.credikarma.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://www.credikarma.com/
Connection
keep-alive
Content-Length
246

Response headers

Pragma
no-cache
Date
Tue, 30 Jan 2018 11:51:11 GMT
Server
nginx
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Length
121
Expires
Mon, 26 Jul 1997 05:00:00 GMT
DXI1ORHCpsQm3Vp6mXoaTRampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTRampu5_7CjHW5spxoeN3Vs.woff2
Protocol
SPDY
Server
172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f3.1e100.net
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://www.credikarma.com

Response headers

date
Thu, 07 Dec 2017 00:41:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:40 GMT
server
sffe
age
4705754
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8732
x-xss-protection
1; mode=block
expires
Fri, 07 Dec 2018 00:41:56 GMT
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Protocol
SPDY
Server
172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f3.1e100.net
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://www.credikarma.com

Response headers

date
Fri, 26 Jan 2018 00:23:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
386885
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Sat, 26 Jan 2019 00:23:05 GMT
Primary Request schneller-abnehmen
flacherbauchuebernacht.com/
Redirect Chain
  • http://www.credikarma.com/rz?u=http%3A%2F%2Fclk.verblife-2.co%2Fclick%3Fi%3D5qnVgxhR95E_0&notadsafe
  • http://clk.verblife-2.co/click?i=5qnVgxhR95E_0
  • http://goldpath.de/path/lp.php?trvid=12210&trvx=21db153e&conv=hkrd5DBum*0&query=credikarma&keyword=*&subid=2041518&pubfeed=98652&banner=3406372&city=&adtarget=flat
  • http://clicks.goldlab.de/?aff_id=1767&offer_id=11298&ext_id=1dy05y5ao9ik&aff_sub=12210&source=ACR
  • https://go.affilibank.de/flatbellyovernight/kiwi/1/nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8
  • https://www.affilibank.de/scripts/click.php?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f8242&hop=kiwi
  • https://service.affilicon.net/compatibility/hop?data1=nlpJwJKGThKJqEEM7ChHGs6D28HE28jKRTAMEBWM6O8&bid=4b0f8242&hop=kiwi&campaign_id=9b4c56b0&desturl=http%3A%2F%2Fflacherbauchuebernacht.com%2Fschnel...
  • http://flacherbauchuebernacht.com/schneller-abnehmen
8 KB
3 KB
Document
General
Full URL
http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
9ca2d790554d453d54d9dd72b511ef78abb3f9d75491041f7b75b327cb0bb1ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.credikarma.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Cache-Control
max-age=0
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=5, max=100
Content-Length
3158
Expires
Tue, 30 Jan 2018 11:51:13 GMT

Redirect headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/7.1.6
Content-Type
text/html; charset=UTF-8
Location
http://flacherbauchuebernacht.com/schneller-abnehmen
Set-Cookie
_afref=MzEsdEcCdPMyaDCkujB7DcjRqW6zBxI33E37Fa1r; expires=Fri, 28-Jan-2028 11:51:13 GMT; Max-Age=315360000; path=/; domain=affilicon.net; secure
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
452
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.0/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
SPDY
Server
172.217.23.138 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f10.1e100.net
Software
sffe /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 17 Jan 2018 21:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1088676
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
34044
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jan 2019 21:26:37 GMT
videojs-ie8.min.js
vjs.zencdn.net/ie8/1.1.2/
27 KB
9 KB
Script
General
Full URL
http://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
151.101.112.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 20:27:09 GMT
ETag
"2ff9bb22f0b1789ac170247b0825488f"
X-Served-By
cache-hhn1549-HHN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
8924
X-Cache-Hits
154070
video.js
vjs.zencdn.net/5.17.0/
860 KB
167 KB
Script
General
Full URL
http://vjs.zencdn.net/5.17.0/video.js
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
151.101.112.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
98a03ef500a3dc42e268e48bccf580eb6f66e70bf7492e2427296024c1f69b9b

Request headers

Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 20:33:22 GMT
ETag
"49134f49521b96117e04a956c4dc85cf"
X-Served-By
cache-hhn1533-HHN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
170873
X-Cache-Hits
22866
183257f281071561991f87ae61467f98.js
flacherbauchuebernacht.com/wp-content/cache/min/1/
13 KB
4 KB
Script
General
Full URL
http://flacherbauchuebernacht.com/wp-content/cache/min/1/183257f281071561991f87ae61467f98.js
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
ceac9fcfcf97c5b4663dd81114834f3c14d36398bd2521cad1d67b08efa22664

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Sep 2017 14:00:14 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3583
Expires
Wed, 30 Jan 2019 11:51:13 GMT
Slogan.png
flacherbauchuebernacht.com/wp-content/uploads/2017/03/
84 KB
84 KB
Image
General
Full URL
http://flacherbauchuebernacht.com/wp-content/uploads/2017/03/Slogan.png
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
f8836f365b7bc46e423ac730e4f726036ec8f2c1ff8a940a1bf555d05d09dc9d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Last-Modified
Wed, 19 Apr 2017 17:37:44 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
85925
Expires
Thu, 01 Mar 2018 11:51:13 GMT
In-den-Warenkorb-550x157.png
flacherbauchuebernacht.com/wp-content/uploads/2017/02/
78 KB
79 KB
Image
General
Full URL
http://flacherbauchuebernacht.com/wp-content/uploads/2017/02/In-den-Warenkorb-550x157.png
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
519f4a6aa7891708efc3ac960c98f82943cc53fe4c23e8b29d6cf11d7836f5c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Last-Modified
Wed, 19 Apr 2017 17:32:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
80266
Expires
Thu, 01 Mar 2018 11:51:13 GMT
FB%C3%9CN_3er.png
flacherbauchuebernacht.com/wp-content/uploads/2017/03/
207 KB
207 KB
Image
General
Full URL
http://flacherbauchuebernacht.com/wp-content/uploads/2017/03/FB%C3%9CN_3er.png
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
a6a9983b08d5a742b1cef6c2d9cc081bdc24055251d6c9411ddb38a475df174f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Last-Modified
Wed, 19 Apr 2017 17:36:55 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
212099
Expires
Thu, 01 Mar 2018 11:51:13 GMT
iframe_api
www.youtube.com/
740 B
804 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/wp-content/cache/min/1/183257f281071561991f87ae61467f98.js
Protocol
SPDY
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
YouTube Frontend Proxy /
Resource Hash
89db424a3c5ba381640f61d235276bf75daeef8cf78e509a54b5e1d1cfc0d906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 30 Jan 2018 11:51:13 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
740
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
splash-bg.jpg
flacherbauchuebernacht.com/wp-content/uploads/2017/03/
32 KB
33 KB
Image
General
Full URL
http://flacherbauchuebernacht.com/wp-content/uploads/2017/03/splash-bg.jpg
Requested by
Host: flacherbauchuebernacht.com
URL: http://flacherbauchuebernacht.com/schneller-abnehmen
Protocol
HTTP/1.1
Server
176.52.244.25 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
49a4f518d8cd5f5c554a3a709e56be091d9e2261aa39463bd546518002600ee1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
flacherbauchuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 30 Jan 2018 11:51:13 GMT
Last-Modified
Wed, 19 Apr 2017 17:40:10 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Cache-Control
max-age=2592000, public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
33210
Expires
Thu, 01 Mar 2018 11:51:13 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflcZyLnu/
21 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflcZyLnu/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
SPDY
Server
172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f78.1e100.net
Software
sffe /
Resource Hash
027d462b9ecdf681d5901c8b11de3cf879a56cc432c6d394572afed38f9d85cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://flacherbauchuebernacht.com/schneller-abnehmen
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 30 Jan 2018 00:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39667
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8034
x-xss-protection
1; mode=block
last-modified
Sun, 28 Jan 2018 15:47:57 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 07 Feb 2018 00:50:06 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
undefined| returnExports
function| videojs
undefined| Youtube
function| getCookie
function| setCookie
object| jQuery11200682333499767507
string| exitpopupmessage
string| exitpopuppage
function| addLoadEvent
function| addClickEvent
string| theDiv
boolean| PreventExitPopUp
function| DisplayExitPopUp
object| a
object| theBody
function| disablelinksfunc
function| disableformsfunc
object| YT
object| YTConfig
function| onYTReady
object| yt
function| ytDomDomGetNextId
object| ytEventsEventsListeners
object| ytEventsEventsCounter

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: M9zO9DJreZI
.youtube.com/ Name: YSC
Value: TOlS8zZCyss
flacherbauchuebernacht.com/ Name: startpage_loaded
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
