urlscan.io logo urlscan.io
SecurityTrails logo

www.xn--voittavavedonlynti-r3b.com Open in urlscan Pro Puny
www.voittavavedonlyönti.com IDN
178.238.47.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xn--voittavavedonlynti-r3b.com/
Effective URL: https://www.xn--voittavavedonlynti-r3b.com/
Submission: On September 12 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 178.238.47.70, located in Czech Republic and belongs to MASTER-AS Czech Republic / www.master.cz, CZ. The main domain is www.xn--voittavavedonlynti-r3b.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 6th 2018. Valid for: 3 months.
This is the only time www.xn--voittavavedonlynti-r3b.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 178.238.47.70 24971 (MASTER-AS...)
5 54.192.94.243 16509 (AMAZON-02)
7 23.38.53.224 20940 (AKAMAI-ASN1)
1 54.192.94.130 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 7
7    178.238.47.70 (Czech Republic)

ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ)
PTR: web-1034.webnode.com
xn--voittavavedonlynti-r3b.com
www.xn--voittavavedonlynti-r3b.com
5    54.192.94.243 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-243.fra2.r.cloudfront.net
d1di2lzuh97fh2.cloudfront.net
7    23.38.53.224 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
1    54.192.94.130 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-130.fra2.r.cloudfront.net
d1di2lzuh97fh2.cloudfront.net
2    2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
6 use.typekit.net www.xn--voittavavedonlynti-r3b.com
6 d1di2lzuh97fh2.cloudfront.net www.xn--voittavavedonlynti-r3b.com
5 xn--voittavavedonlynti-r3b.com 1 redirects www.xn--voittavavedonlynti-r3b.com
2 www.google-analytics.com 1 redirects www.xn--voittavavedonlynti-r3b.com
2 www.xn--voittavavedonlynti-r3b.com 1 redirects
1 www.google.de www.xn--voittavavedonlynti-r3b.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 p.typekit.net www.xn--voittavavedonlynti-r3b.com
20 9

This site contains links to these domains. Also see Links.

Domain
www.webnode.fi
Subject Issuer Validity Valid
xn--voittavavedonlynti-r3b.com
Let's Encrypt Authority X3		 2018-09-06 -
2018-12-05		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2017-11-22 -
2018-11-21		 a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2018-07-20 -
2020-01-03		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xn--voittavavedonlynti-r3b.com/
Frame ID: 872C7000052B575B368678EEA44B0D4C
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://xn--voittavavedonlynti-r3b.com/ HTTP 301
    http://www.xn--voittavavedonlynti-r3b.com/ HTTP 301
    https://www.xn--voittavavedonlynti-r3b.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

6444 kB
Transfer

7142 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xn--voittavavedonlynti-r3b.com/ HTTP 301
    http://www.xn--voittavavedonlynti-r3b.com/ HTTP 301
    https://www.xn--voittavavedonlynti-r3b.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&aip=1&a=1014547762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xn--voittavavedonlynti-r3b.com%2F&ul=en-us&de=UTF-8&dt=Voittavavedonlyonti&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=231875941&gjid=1303669511&cid=592772591.1536719679&tid=UA-797705-6&_gid=2005668860.1536719679&_r=1&cd1=W2&z=600751128 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_gid=2005668860.1536719679&gjid=1303669511&_v=j68&z=600751128 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128&slf_rd=1&random=2322060654

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xn--voittavavedonlynti-r3b.com/
Redirect Chain
  • https://xn--voittavavedonlynti-r3b.com/
  • http://www.xn--voittavavedonlynti-r3b.com/
  • https://www.xn--voittavavedonlynti-r3b.com/
29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.238.47.70 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS
web-1034.webnode.com
Software
nginx /
Resource Hash
597eefc053d209c0ccdc3117cd5932df9b2f8c7fa4f5ebe425f069e27b430e43
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
www.xn--voittavavedonlynti-r3b.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
fess=9650ea75c57804bc38dc2e881d0103fa595ea458; PHPSESSID=6579ef73a49fc76b9fcb0875ee1ce8b3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
872C7000052B575B368678EEA44B0D4C

Response headers

Server
nginx
Date
Wed, 12 Sep 2018 02:34:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-FRAME-OPTIONS
DENY
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 12 Sep 2018 02:34:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Location
https://www.xn--voittavavedonlynti-r3b.com/
Access-Control-Allow-Origin
*
4c631j.css
d1di2lzuh97fh2.cloudfront.net/files/4c/4c6/ 		432 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1di2lzuh97fh2.cloudfront.net/files/4c/4c6/4c631j.css?ph=ab393399b9
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-243.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9e2e32e232ea12dc6e1c3ee1d00199fdaab7e00eeb798c3b1109791b8d55019

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 Aug 2018 08:48:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Aug 2018 13:47:55 GMT
Server
AmazonS3
Age
63778
ETag
"3e34fe4f6914d3c8d569407f2858a9ff"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53208
X-Amz-Cf-Id
TrLOjlB-xKMzvMLQ2VV9a97sfKG3oAKDwkhE4eTumGznpTi9lAdOrA==
xzn6jgk.css
use.typekit.net/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/xzn6jgk.css
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ffc9c2b252f0e05605cd2419f5016afa353401226da3c7f91addcddfe895bbaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200, 200 OK
date
Wed, 12 Sep 2018 02:34:39 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
1644
comeon.jpg
xn--voittavavedonlynti-r3b.com/_files/200000000-54cdf55c91/200/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--voittavavedonlynti-r3b.com/_files/200000000-54cdf55c91/200/comeon.jpg
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.238.47.70 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS
web-1034.webnode.com
Software
nginx /
Resource Hash
6bc2b3440e715f5fdf5ef097e014a0d25b0527558628e1d96ef006dfcf01cc06

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xn--voittavavedonlynti-r3b.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.xn--voittavavedonlynti-r3b.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 02:34:39 GMT
Last-Modified
Mon, 03 Sep 2018 10:11:44 GMT
Server
nginx
ETag
"5b8d08e0-b87"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
2951
ribbon-3269162_960_720.png
xn--voittavavedonlynti-r3b.com/_files/200000003-4528e46254/200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--voittavavedonlynti-r3b.com/_files/200000003-4528e46254/200/ribbon-3269162_960_720.png
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.238.47.70 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS
web-1034.webnode.com
Software
nginx /
Resource Hash
81a2e6546270cb90004b3f11a798bae68bd88c25d4a4ca6882c3498af3093517

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xn--voittavavedonlynti-r3b.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.xn--voittavavedonlynti-r3b.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 02:34:39 GMT
Last-Modified
Wed, 05 Sep 2018 20:56:06 GMT
Server
nginx
ETag
"5b9042e6-3c56"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
15446
3evmyq.jpg
d1di2lzuh97fh2.cloudfront.net/files/3e/3ev/200/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1di2lzuh97fh2.cloudfront.net/files/3e/3ev/200/3evmyq.jpg?ph=ab393399b9
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-243.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
576bb1c58364d6c434f99d9aa722237dafb953c33ee408c57c7ac5f93b348fc4

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Mar 2018 09:26:03 GMT
Via
1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Last-Modified
Wed, 16 Dec 2015 17:22:48 GMT
Server
AmazonS3
Age
53698
ETag
"75aeeda9cf1f5106a51ea5620532b38a"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43353
X-Amz-Cf-Id
yK_L76-P1NIbrms0Yn4Rm_PnU4PsEhqXsDGn6BP1jsrcUcrq3sY3AA==
1e7g06.js
d1di2lzuh97fh2.cloudfront.net/files/1e/1e7/ 		244 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1di2lzuh97fh2.cloudfront.net/files/1e/1e7/1e7g06.js?ph=ab393399b9
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-243.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4277ddccddd7960b8f39e6172be6daaff46974748d83a929146e7d64b920a706

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 Aug 2018 08:48:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Aug 2018 13:46:23 GMT
Server
AmazonS3
Age
63778
ETag
"1278b1e92dd34e42f18534bfc836b7ea"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75816
X-Amz-Cf-Id
TmWP7ZYP6EHd9AnOMMy9h16_k_JIq0anAKjnjOuXYupohfQe-jVnAA==
compiled.fi.2-278.js
d1di2lzuh97fh2.cloudfront.net/client.fe/js.compiled/ 		145 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1di2lzuh97fh2.cloudfront.net/client.fe/js.compiled/compiled.fi.2-278.js?ph=ab393399b9
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.130 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-130.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f64587374bf9d4a280fccb985122d355afeff9e92f908ec95f2f96407e14f1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.xn--voittavavedonlynti-r3b.com/
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

Date
Wed, 12 Sep 2018 02:34:40 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
47561
Last-Modified
Tue, 11 Sep 2018 10:30:27 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uname:gitlab-runner/gname:gitlab-runner
ETag
"589829f47db1eeca8db8784a9886b372-1"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Via
1.1 e15344e351ae77fef306bf70353d7fc3.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Amz-Cf-Id
EU-GOxDuE75qfJMnZSRtugTE3eyNNXO1C9JYN1TZfcnrYAmpOAzvXw==
p.css
p.typekit.net/ 		5 B
155 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=xzn6jgk&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.9674.9675.9676.9677.10300.10301.10302.10303.22489.22490.22493.22494.22495.22496&a=3787040&app=typekit&e=css
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
last-modified
Mon, 09 Oct 2017 20:28:46 GMT
server
nginx
etag
"59dbdbfe-5"
status
200
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
5
expires
Wed, 29 Nov 2017 12:11:56 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3333
date
Wed, 12 Sep 2018 01:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Wed, 12 Sep 2018 03:39:06 GMT
2e1sgs.mp4
d1di2lzuh97fh2.cloudfront.net/files/2e/2e1/ 		5 MB
5 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://d1di2lzuh97fh2.cloudfront.net/files/2e/2e1/2e1sgs.mp4?ph=ab393399b9
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-243.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
988f8ead49400db6d34b88664ed964409c8ae0ca234fc82a9b747663dccd1e91

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Thu, 29 Mar 2018 08:17:04 GMT
Via
1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Mar 2018 07:04:47 GMT
Server
AmazonS3
Age
16291
ETag
"3df5fbdbf7672b3424508a5df5d0554c-2"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-5656694/5656695
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5656695
X-Amz-Cf-Id
8Oyj_gd8r2_cMNigJyDqDvwCKJShVpvb4HLzYMdeTGUeM5v1DRLpSg==
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
l
use.typekit.net/af/55bd39/00000000000000003b9b093f/27/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/55bd39/00000000000000003b9b093f/27/l?subset_id=1&fvd=n9&v=3
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d36a39b9943e9b3bde8d9f0006f3c3e5bcd6e1c5e0b78e9a177117d994963af3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.typekit.net/xzn6jgk.css
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
server
nginx
etag
"745098601264713473de61cd5efcd058b6a1ab0b"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
81260
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?subset_id=1&fvd=n3&v=3
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b9e79b3d3883d7e18800952f0c10ad1146a7c772d3d052da4f6f6ee97458b502

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.typekit.net/xzn6jgk.css
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
server
nginx
etag
"9f555d24c8bb8f0098143121e01d70c999dfa903"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
78908
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?subset_id=1&fvd=n6&v=3
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4bdc8afa101e9f0838d9f61cfefb8d83cb78dbe10c05034751ba9785f7bf460f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.typekit.net/xzn6jgk.css
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
server
nginx
etag
"e832164ba0ffea15032d5e9765678b6e6abd98f4"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
79628
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=1&fvd=n4&v=3
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b096e899023de429dc03a25c597fd831346820192324b0757892c14f496ad9b1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.typekit.net/xzn6jgk.css
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
server
nginx
etag
"c175d8a953da06ba15717c0e146e2080c39cda64"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
79452
l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?subset_id=1&fvd=n8&v=3
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f9c1fd8c17ed64622df58a8a0c8776d552355eda17081ba0d6787815bc46e9d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.typekit.net/xzn6jgk.css
Origin
https://www.xn--voittavavedonlynti-r3b.com

Response headers

date
Wed, 12 Sep 2018 02:34:39 GMT
server
nginx
etag
"918ec233c649cfbec5977deee4c6dfe119668ad1"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
82268
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&aip=1&a=1014547762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xn--voittavavedonlynti-r3b.com%2F&ul=en-us&de=UTF-8&dt=Voittavavedonlyonti&sd=24-bit&sr...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_gid=2005668860.1536719679&gjid=1303669511&_v=j68&z=600751128
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128&slf_rd=1&random=2322060654
42 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128&slf_rd=1&random=2322060654
Requested by
Host: www.xn--voittavavedonlynti-r3b.com
URL: https://www.xn--voittavavedonlynti-r3b.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Sep 2018 02:34:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Sep 2018 02:34:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-797705-6&cid=592772591.1536719679&jid=231875941&_v=j68&z=600751128&slf_rd=1&random=2322060654
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
3evmyq.jpg
d1di2lzuh97fh2.cloudfront.net/files/3e/3ev/450/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1di2lzuh97fh2.cloudfront.net/files/3e/3ev/450/3evmyq.jpg?ph=ab393399b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-243.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb8d5cff2d21b1f874302c055795600499850bdd57db7c9b9d5c2ff2b3e3a216

Request headers

Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Mar 2018 09:33:03 GMT
Via
1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Last-Modified
Wed, 16 Dec 2015 17:22:48 GMT
Server
AmazonS3
Age
46832
ETag
"07740173ac9d78bc7532de119f384929"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173349
X-Amz-Cf-Id
OGqC9DjOxK65Bc_JY0jvvK_FaFU02I2oCLXpBjJ-KGO4fgDFNOp_DA==
ribbon-3269162_960_720.png
xn--voittavavedonlynti-r3b.com/_files/200000003-4528e46254/700/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--voittavavedonlynti-r3b.com/_files/200000003-4528e46254/700/ribbon-3269162_960_720.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.238.47.70 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS
web-1034.webnode.com
Software
nginx /
Resource Hash
cab78feb536c751ca5af63b97c1d5e8d14a47b83031586ab9b109ab69018fd98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xn--voittavavedonlynti-r3b.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.xn--voittavavedonlynti-r3b.com/
Cookie
_ga=GA1.2.592772591.1536719679; _gid=GA1.2.2005668860.1536719679; _gat_wnd_header=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 02:34:39 GMT
Last-Modified
Wed, 05 Sep 2018 20:56:06 GMT
Server
nginx
ETag
"5b9042e6-16582"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
91522
comeon.jpg
xn--voittavavedonlynti-r3b.com/_files/200000000-54cdf55c91/450/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--voittavavedonlynti-r3b.com/_files/200000000-54cdf55c91/450/comeon.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.238.47.70 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS
web-1034.webnode.com
Software
nginx /
Resource Hash
6487a64247780db8952dfb0a441985dd7857ce3a2da94770799fb214aefc104a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xn--voittavavedonlynti-r3b.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.xn--voittavavedonlynti-r3b.com/
Cookie
_ga=GA1.2.592772591.1536719679; _gid=GA1.2.2005668860.1536719679; _gat_wnd_header=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.xn--voittavavedonlynti-r3b.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 02:34:39 GMT
Last-Modified
Mon, 03 Sep 2018 10:11:44 GMT
Server
nginx
ETag
"5b8d08e0-18fa"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
6394

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| checkAndChangeSvgColor string| GoogleAnalyticsObject function| ga object| el function| $ function| jQuery object| Modernizr function| Hammer function| getBackgroundImageUrl function| PhotoSwipe function| PhotoSwipeUI_Default object| wnd object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.xn--voittavavedonlynti-r3b.com/ Name: _gat_wnd_header
Value: 1
.xn--voittavavedonlynti-r3b.com/ Name: _gid
Value: GA1.2.2005668860.1536719679
.xn--voittavavedonlynti-r3b.com/ Name: _ga
Value: GA1.2.592772591.1536719679

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1di2lzuh97fh2.cloudfront.net
p.typekit.net
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.xn--voittavavedonlynti-r3b.com
xn--voittavavedonlynti-r3b.com
178.238.47.70
23.38.53.224
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:819::200e
2a00:1450:400c:c0c::9b
54.192.94.130
54.192.94.243
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4277ddccddd7960b8f39e6172be6daaff46974748d83a929146e7d64b920a706
4bdc8afa101e9f0838d9f61cfefb8d83cb78dbe10c05034751ba9785f7bf460f
50f64587374bf9d4a280fccb985122d355afeff9e92f908ec95f2f96407e14f1
576bb1c58364d6c434f99d9aa722237dafb953c33ee408c57c7ac5f93b348fc4
597eefc053d209c0ccdc3117cd5932df9b2f8c7fa4f5ebe425f069e27b430e43
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6487a64247780db8952dfb0a441985dd7857ce3a2da94770799fb214aefc104a
6bc2b3440e715f5fdf5ef097e014a0d25b0527558628e1d96ef006dfcf01cc06
81a2e6546270cb90004b3f11a798bae68bd88c25d4a4ca6882c3498af3093517
988f8ead49400db6d34b88664ed964409c8ae0ca234fc82a9b747663dccd1e91
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b096e899023de429dc03a25c597fd831346820192324b0757892c14f496ad9b1
b9e79b3d3883d7e18800952f0c10ad1146a7c772d3d052da4f6f6ee97458b502
bb8d5cff2d21b1f874302c055795600499850bdd57db7c9b9d5c2ff2b3e3a216
cab78feb536c751ca5af63b97c1d5e8d14a47b83031586ab9b109ab69018fd98
d36a39b9943e9b3bde8d9f0006f3c3e5bcd6e1c5e0b78e9a177117d994963af3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c1fd8c17ed64622df58a8a0c8776d552355eda17081ba0d6787815bc46e9d1
f9e2e32e232ea12dc6e1c3ee1d00199fdaab7e00eeb798c3b1109791b8d55019
ffc9c2b252f0e05605cd2419f5016afa353401226da3c7f91addcddfe895bbaa