www.df.eu
Open in
urlscan Pro
2a02:fe80:1010::3:7
Public Scan
Effective URL: https://www.df.eu/de/
Submission: On April 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 3rd 2021. Valid for: a year.
This is the only time www.df.eu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 103.224.182.240 103.224.182.240 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 5 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 1 | 78.46.197.88 78.46.197.88 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 157.90.169.168 157.90.169.168 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 104.111.239.217 104.111.239.217 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 35 | 2a02:fe80:101... 2a02:fe80:1010::3:7 | 30148 (SUCURI-SEC) (SUCURI-SEC) | |
6 | 160.153.13.2 160.153.13.2 | 20773 (GODADDY) (GODADDY) | |
2 | 23.35.236.209 23.35.236.209 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 18.66.97.122 18.66.97.122 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:200... 2a04:4e42:200::282 | 54113 (FASTLY) (FASTLY) | |
51 | 8 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-240.above.com
capitolonemobile.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com |
ASN20773 (GODADDY, DE)
PTR: ip-160-153-13-2.ip.secureserver.net
n3pprd001.cloudstorage.secureserver.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-209.deploy.static.akamaitechnologies.com
tags.tiqcdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-122.fra56.r.cloudfront.net
images-static.trustpilot.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
df.eu
1 redirects
www.df.eu — Cisco Umbrella Rank: 962311 |
741 KB |
6 |
secureserver.net
n3pprd001.cloudstorage.secureserver.net |
218 KB |
5 |
1redirc.com
1 redirects
1redirc.com — Cisco Umbrella Rank: 365672 |
8 KB |
2 |
trustpilot.com
images-static.trustpilot.com — Cisco Umbrella Rank: 35494 |
15 KB |
2 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 980 |
10 KB |
2 |
lookandfind.me
lookandfind.me — Cisco Umbrella Rank: 977835 |
877 B |
2 |
capitolonemobile.com
2 redirects
capitolonemobile.com |
1 KB |
1 |
polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2363 |
449 B |
1 |
awin1.com
1 redirects
www.awin1.com — Cisco Umbrella Rank: 15136 |
796 B |
1 |
clever-redirect.com
1 redirects
clever-redirect.com |
424 B |
51 | 10 |
Domain | Requested by | |
---|---|---|
35 | www.df.eu |
1 redirects
lookandfind.me
www.df.eu |
6 | n3pprd001.cloudstorage.secureserver.net |
www.df.eu
n3pprd001.cloudstorage.secureserver.net |
5 | 1redirc.com |
1 redirects
1redirc.com
|
2 | images-static.trustpilot.com |
www.df.eu
|
2 | tags.tiqcdn.com |
www.df.eu
tags.tiqcdn.com |
2 | lookandfind.me |
1redirc.com
|
2 | capitolonemobile.com | 2 redirects |
1 | cdn.polyfill.io |
n3pprd001.cloudstorage.secureserver.net
|
1 | www.awin1.com | 1 redirects |
1 | clever-redirect.com | 1 redirects |
51 | 10 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
lookandfind.me R3 |
2022-03-03 - 2022-06-01 |
3 months | crt.sh |
*.df.eu Go Daddy Secure Certificate Authority - G2 |
2021-12-03 - 2023-01-04 |
a year | crt.sh |
*.cloudstorage.secureserver.net Starfield Secure Certificate Authority - G2 |
2020-05-06 - 2022-05-06 |
2 years | crt.sh |
*.tiqcdn.com DigiCert SHA2 Secure Server CA |
2022-02-27 - 2023-02-28 |
a year | crt.sh |
*.trustpilot.com Amazon |
2022-03-04 - 2023-04-02 |
a year | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-03-08 - 2023-04-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.df.eu/de/
Frame ID: ADA14C2E5673A48252B7F5A793519975
Requests: 70 HTTP requests in this frame
Screenshot
Page Title
Domains, Hosting und Homepage von DomainFactoryDomainsWebhostingE-MailHomepageWordPressSicherheitPage URL History Show full URLs
-
http://capitolonemobile.com/
HTTP 302
https://capitolonemobile.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB%2Boshu6y0BotLL8mI1C5VbXsfj%2F1U1d5Rm55RwwRye... Page URL
-
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D47519...
HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=2022041610180004b417f3dd2af9e30d HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=df.eu&s1=721614&s2=&s3=4751... Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D9340%26id%3D926315%2... Page URL
-
https://www.awin1.com/awclick.php?mid=9340&id=926315&pref1=38bf5dfbb6ecb880e4a2651f4293f137&pref2=DE
HTTP 302
https://www.df.eu/?et_cid=15&et_lid=135094&utm_source=zanox&utm_medium=affiliate&utm_campaign=... HTTP 307
https://www.df.eu/de/ Page URL
Detected technologies
TYPO3 CMS (CMS) ExpandDetected patterns
- <link[^>]+ href="/?typo3(?:conf|temp)/
- <img[^>]+ src="/?typo3(?:conf|temp)/
WordPress (CMS) Expand
Detected patterns
- /wp-(?:content|includes)/
React (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+data-react
Polyfill (JavaScript Libraries) Expand
Detected patterns
- /polyfill\.min\.js
SWFObject (Miscellaneous) Expand
Detected patterns
- swfobject.*\.js
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Statusmeldung
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Jetzt anmelden.
Search URL Search Domain Scan URL
Title: Kundenmenü
Search URL Search Domain Scan URL
Title: JiffyBox Control-Panel
Search URL Search Domain Scan URL
Title: Webmail
Search URL Search Domain Scan URL
Title: Homepage-Baukasten
Search URL Search Domain Scan URL
Title: Ausgezeichnet mit 4.8 von 5 Sternen bei 3233 Bewertungen
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Forum
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://capitolonemobile.com/
HTTP 302
https://capitolonemobile.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB%2Boshu6y0BotLL8mI1C5VbXsfj%2F1U1d5Rm55RwwRyeFbgkQiCMDTOhZ9s6k%2Bi6V200PB3CKxYGTWpa%2FX4CeKf%2BBtx03gLqTawV%2BublLb0Yn%2FoTEQw3LffOKAmHO%2F99LdS7TQ4TkhB8mrXzm3V5AAJvoTi2Lb%2FhLPWC0x7QQF68o4vj9UdEcxpyLTYRpPsuRUEWDKHeAbI5KV%2FVv2Om%2BnduWwKmH8aOmcBrIE4okSf5RiGxXJ3rR5oR0Dpy7J4f21arF060%2FLRmaXXM8dkrEkd%2B99cfA5ZVgVFNbsvqP6sggmQvRy%2B16o1dCErfdiqrZnEqAhnLBVheGXVWFLh9IVfXgAiW%2FkFg5jOr1x0s1cgjKcH%2Bv41gV%2BmvNX63HkkwNLhXyWuplW8NfrUS982gP7CiQpM%2Bzu78DfFwJh%2BG%2FarWBH%2BuG3w6mQ2NcCJo1NsZP5P5Zhw%2FXcB9BlF7BBT4RBMlq9lFRHBHer6JjoXpikAaR82dmB5%2B%2B0jH3plQt5EHGdVs1cPgHIbcXev4Tkvb6%2BXchFkfLMRee5KZiPo3K94T9lnDPlNR2NSBm1GlP%2BgjITfDwQkQud%2B8nkm6jm18kFLibt8KLxNa0VawNhe7yfL9BrejW00KhCpxravCKbzR5nmnsctTXYcmWdcAQvx7R84Q1JTLTvJZG12QShKFvkUMtXIvMm5bzar0DR57VVA2ORT3dRnRbA2vPRrn0e%2FFlz7MOURFxLMiU%2FhLWAZXTnHLIRHIkmyicgcaQEEUiFmDdlqCbCWZ6%2BPrGR8Nzp%2BXNM3Q%3D Page URL
-
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D475199633%26sid%3D2022041610180004b417f3dd2af9e30d&s=j&enc=a1hBRTluMFhCUTdjM3VkMVNwYjM5SDQ5Zm5OVlRGcDViblZaTmk5aFRrOW5Va2x6TjJSclkwZENlSGRMVldSdFJGaFdaV2N4VGl0a1JscEdRV0Z2YTNwM1MwNWxTVmQ1TjBkRGRuSnhZVmxUYm5OUGEycG5SbXgyYVRoUlQwRlRTVmR3UjFweVFsVkxUbTgxWW1zMlVWWTBaelV6VTJGWFJqTmtWMU4wWmpseVkxbFVhMnRxVjFkeVdWSmFkVGhsU2xKek1XVktSMVV5VmtaWWIxZENOREZIVVd0bmNqaFNXVE12UVdSa2FrWk5UV0ZYY0VaQ1lWcHVZazEyUlZGNFdtUkVWM3BOU3k5S1RUTnRlamxKUXpSYVIyc3pOemhzU0RKR2FYZFJVMmR0VDBoemFHUjBWV3BwVGtKaWVIWlNNbEZpWWtsRllYVk9ZV2xVUXl0b2VXWkdORzB5V1hOc1RWWnZiV0phY1VwblpsZFdVMmMxTTNGSmQzZEVlRkpqZVVaTmNYVmlOV3RKVm0xQmNsSTJVMjlWTDFKMVlXZHBOR1ZJU2xCSFIwUXZWSE4xTlN0VlVYZDFiR0pDVEVsU2RsTkljVXNyWldNMlkwMUZjbE5GV2pOMFZsVmtOVGcxYkZKUlRYRkVSRUkxZW5WRWFITnFabU51VEUxMVV6SlZSRk0yVERnNVRIazVObXBrU0hwVVVIVm9VR2N4VkZOMmJUQXdSMUYyU0ZWV1VYZFBkM2hCTWt3M1VqWkVSemh5VmpRclpsQTRTR3RHZGxWRE16ZFNPR1UyZEhSYU5qbElNVTkxTTBKeE4yZHNLMlZ4YzB3M1EyaEJlbEJ4YzFjMU1rOWxSM2xZTkdWVGNrUkdiSEJXWnpWa1kzQkdVM2RLZEUxcFVscFdVMVZGY2pWdVdVNW9PVXRVUkRkV1UxbEVVR3QwZUZoMWNIZERUWGhRVFZOM1NHRk5jMU56U1RoWlVUZHRPVGMwVVc5NVJrTnFSV281TTBaSVowaGhXbFJPWjA1dmIzSkdWVXRxTkc5WWRDOUZRMnRTUWpWUWNuSkhhbWd6UkhWVFpXUlNRbTV3U0VKMmRWa3hOMFUzTlRZdmQwNTJPSGh5WkhoQ1J6UkZSMGRqZUN0bk5rOUhVbUZqVEdjcmFpOUpVRVJ1Wm10cFQyUmtSRzVoV1RSVVNVbEVUVFE1U0ZkTWJESkhWMEZ1U2xKdFJrNURTVWt6T1dGVWRuY3JaM1ZhT0VFNVpsQkxTVTF2YVhJclVITkZlRkk0VnpSWWQzWnRORU56WTBaSWRYSnJlRVZJYkRKNFpIbDBjVmhPTjFnMWFXMHdiRE5PVDJFeFN6QTFVVUkzWlZwUGNrVkZRV1Z5S3pGd0sxWlRkMmhrVVhCMldYWjJWMHhyTVZsRmVUTmxPV2xuVWxGR1RubFNhbTFqYkc1bVdtNXZjR3hpZEROSVQxWmlTQ3R0YlU1UlNsSkpiVWRIUjJKdEsyMXJkVGRsUW1WS0sxSkxjRk5VUTAxWUwzSTNaVEZzSzFSWmMwcEhXRTlTZFU5bVFYRjBXR0YyU0hsNE1ETmFXRlpIY0doRlBRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine
HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=2022041610180004b417f3dd2af9e30d HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=df.eu&s1=721614&s2=&s3=475199633&s5=cf Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D9340%26id%3D926315%26pref1%3D38bf5dfbb6ecb880e4a2651f4293f137%26pref2%3DDE&h=44b546e27910070d995671c07865007f Page URL
-
https://www.awin1.com/awclick.php?mid=9340&id=926315&pref1=38bf5dfbb6ecb880e4a2651f4293f137&pref2=DE
HTTP 302
https://www.df.eu/?et_cid=15&et_lid=135094&utm_source=zanox&utm_medium=affiliate&utm_campaign=domainfactory&awc=9340_1650068282_dbb8e14faacffff06f3b42c878562ce7 HTTP 307
https://www.df.eu/de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://capitolonemobile.com/ HTTP 302
- https://capitolonemobile.com/ HTTP 302
- http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB%2Boshu6y0BotLL8mI1C5VbXsfj%2F1U1d5Rm55RwwRyeFbgkQiCMDTOhZ9s6k%2Bi6V200PB3CKxYGTWpa%2FX4CeKf%2BBtx03gLqTawV%2BublLb0Yn%2FoTEQw3LffOKAmHO%2F99LdS7TQ4TkhB8mrXzm3V5AAJvoTi2Lb%2FhLPWC0x7QQF68o4vj9UdEcxpyLTYRpPsuRUEWDKHeAbI5KV%2FVv2Om%2BnduWwKmH8aOmcBrIE4okSf5RiGxXJ3rR5oR0Dpy7J4f21arF060%2FLRmaXXM8dkrEkd%2B99cfA5ZVgVFNbsvqP6sggmQvRy%2B16o1dCErfdiqrZnEqAhnLBVheGXVWFLh9IVfXgAiW%2FkFg5jOr1x0s1cgjKcH%2Bv41gV%2BmvNX63HkkwNLhXyWuplW8NfrUS982gP7CiQpM%2Bzu78DfFwJh%2BG%2FarWBH%2BuG3w6mQ2NcCJo1NsZP5P5Zhw%2FXcB9BlF7BBT4RBMlq9lFRHBHer6JjoXpikAaR82dmB5%2B%2B0jH3plQt5EHGdVs1cPgHIbcXev4Tkvb6%2BXchFkfLMRee5KZiPo3K94T9lnDPlNR2NSBm1GlP%2BgjITfDwQkQud%2B8nkm6jm18kFLibt8KLxNa0VawNhe7yfL9BrejW00KhCpxravCKbzR5nmnsctTXYcmWdcAQvx7R84Q1JTLTvJZG12QShKFvkUMtXIvMm5bzar0DR57VVA2ORT3dRnRbA2vPRrn0e%2FFlz7MOURFxLMiU%2FhLWAZXTnHLIRHIkmyicgcaQEEUiFmDdlqCbCWZ6%2BPrGR8Nzp%2BXNM3Q%3D
- http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D475199633%26sid%3D2022041610180004b417f3dd2af9e30d&s=j&enc=a1hBRTluMFhCUTdjM3VkMVNwYjM5SDQ5Zm5OVlRGcDViblZaTmk5aFRrOW5Va2x6TjJSclkwZENlSGRMVldSdFJGaFdaV2N4VGl0a1JscEdRV0Z2YTNwM1MwNWxTVmQ1TjBkRGRuSnhZVmxUYm5OUGEycG5SbXgyYVRoUlQwRlRTVmR3UjFweVFsVkxUbTgxWW1zMlVWWTBaelV6VTJGWFJqTmtWMU4wWmpseVkxbFVhMnRxVjFkeVdWSmFkVGhsU2xKek1XVktSMVV5VmtaWWIxZENOREZIVVd0bmNqaFNXVE12UVdSa2FrWk5UV0ZYY0VaQ1lWcHVZazEyUlZGNFdtUkVWM3BOU3k5S1RUTnRlamxKUXpSYVIyc3pOemhzU0RKR2FYZFJVMmR0VDBoemFHUjBWV3BwVGtKaWVIWlNNbEZpWWtsRllYVk9ZV2xVUXl0b2VXWkdORzB5V1hOc1RWWnZiV0phY1VwblpsZFdVMmMxTTNGSmQzZEVlRkpqZVVaTmNYVmlOV3RKVm0xQmNsSTJVMjlWTDFKMVlXZHBOR1ZJU2xCSFIwUXZWSE4xTlN0VlVYZDFiR0pDVEVsU2RsTkljVXNyWldNMlkwMUZjbE5GV2pOMFZsVmtOVGcxYkZKUlRYRkVSRUkxZW5WRWFITnFabU51VEUxMVV6SlZSRk0yVERnNVRIazVObXBrU0hwVVVIVm9VR2N4VkZOMmJUQXdSMUYyU0ZWV1VYZFBkM2hCTWt3M1VqWkVSemh5VmpRclpsQTRTR3RHZGxWRE16ZFNPR1UyZEhSYU5qbElNVTkxTTBKeE4yZHNLMlZ4YzB3M1EyaEJlbEJ4YzFjMU1rOWxSM2xZTkdWVGNrUkdiSEJXWnpWa1kzQkdVM2RLZEUxcFVscFdVMVZGY2pWdVdVNW9PVXRVUkRkV1UxbEVVR3QwZUZoMWNIZERUWGhRVFZOM1NHRk5jMU56U1RoWlVUZHRPVGMwVVc5NVJrTnFSV281TTBaSVowaGhXbFJPWjA1dmIzSkdWVXRxTkc5WWRDOUZRMnRTUWpWUWNuSkhhbWd6UkhWVFpXUlNRbTV3U0VKMmRWa3hOMFUzTlRZdmQwNTJPSGh5WkhoQ1J6UkZSMGRqZUN0bk5rOUhVbUZqVEdjcmFpOUpVRVJ1Wm10cFQyUmtSRzVoV1RSVVNVbEVUVFE1U0ZkTWJESkhWMEZ1U2xKdFJrNURTVWt6T1dGVWRuY3JaM1ZhT0VFNVpsQkxTVTF2YVhJclVITkZlRkk0VnpSWWQzWnRORU56WTBaSWRYSnJlRVZJYkRKNFpIbDBjVmhPTjFnMWFXMHdiRE5PVDJFeFN6QTFVVUkzWlZwUGNrVkZRV1Z5S3pGd0sxWlRkMmhrVVhCMldYWjJWMHhyTVZsRmVUTmxPV2xuVWxGR1RubFNhbTFqYkc1bVdtNXZjR3hpZEROSVQxWmlTQ3R0YlU1UlNsSkpiVWRIUjJKdEsyMXJkVGRsUW1WS0sxSkxjRk5VUTAxWUwzSTNaVEZzSzFSWmMwcEhXRTlTZFU5bVFYRjBXR0YyU0hsNE1ETmFXRlpIY0doRlBRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
- https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=2022041610180004b417f3dd2af9e30d HTTP 302
- https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=df.eu&s1=721614&s2=&s3=475199633&s5=cf
51 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
r2.php
1redirc.com/ Redirect Chain
|
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.js
1redirc.com/javascript/ |
899 B 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
1redirc.com/javascript/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.php
1redirc.com/ |
0 166 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
lookandfind.me/s/ Redirect Chain
|
375 B 542 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r
lookandfind.me/s/ |
305 B 335 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.df.eu/de/ Redirect Chain
|
63 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
head-fb30ca5786a60488bcbf9c1238db09fc.merged.css
www.df.eu/typo3temp/scriptmerger/uncompressed/ |
476 KB 86 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
head-3ba13f5f59f517631f1c0f499ff186ff.merged.js
www.df.eu/typo3temp/scriptmerger/uncompressed/ |
595 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
body-3b56cf255b02a1c18deb1965e9ebc134.merged.js
www.df.eu/typo3temp/scriptmerger/uncompressed/ |
536 KB 144 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
barlow-v11-latin-regular.woff2
www.df.eu/typo3conf/ext/project_theme/Resources/Public/Fonts/Barlow/ |
21 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
barlow-v11-latin-600.woff2
www.df.eu/typo3conf/ext/project_theme/Resources/Public/Fonts/Barlow/ |
21 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
barlow-v11-latin-700.woff2
www.df.eu/typo3conf/ext/project_theme/Resources/Public/Fonts/Barlow/ |
21 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polygon-hero.svg
www.df.eu/typo3conf/ext/project_theme/Resources/Public/Images/ |
161 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
3 KB 2 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/gpl/domfactory/prod/ |
32 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
181 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
326 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
468 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
478 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
377 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gradient-bg.svg
www.df.eu/fileadmin/assets/home/ |
1 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
283 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-df-1634739415.svg
www.df.eu/fileadmin/user_upload/websiteConfiguration/ |
7 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csm_home_64b1edfdfa.jpg
www.df.eu/fileadmin/_processed_/d/e/ |
31 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
images-static.trustpilot.com/api/logos/light-bg/ |
12 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star.svg
images-static.trustpilot.com/api/stars/5/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
458 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
411 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
788 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
509 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
871 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
633 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
centrefold_home.jpg
www.df.eu/fileadmin/assets/home/ |
123 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csm_SP_AWARD-Logo_2020_SILBER_5cf6d62689.jpg
www.df.eu/fileadmin/_processed_/b/6/ |
10 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
190527-df-hosting-award-silber-domains.jpg
www.df.eu/fileadmin/media/images/awards/ |
14 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hosting-award-2016.png
www.df.eu/fileadmin/media/images/awards/ |
6 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1903_HostingAward_gold.png
www.df.eu/fileadmin/media/images/awards/ |
7 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chip.jpg
www.df.eu/fileadmin/media/images/awards/ |
10 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-gb8f4aa555_1920_titel.jpg
www.df.eu/blog/wp-content/uploads/2022/04/ |
125 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cyber-monday-gad396915b_1920_Titel-150x150.jpg
www.df.eu/blog/wp-content/uploads/2022/03/ |
4 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
business-gd5b1690dd_1920_Titel-150x150.jpg
www.df.eu/blog/wp-content/uploads/2022/04/ |
10 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brian-abuga-78rjWaaFYwA-unsplash_Titel-2-150x150.jpg
www.df.eu/blog/wp-content/uploads/2022/04/ |
5 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DF_Performance-Workbook_OG_350-150x150.jpg
www.df.eu/blog/wp-content/uploads/2021/03/ |
4 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
cdn.polyfill.io/v2/ |
222 B 449 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
2 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
3 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
2 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
3 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
2 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgajax.html
www.df.eu/de/ |
2 KB 3 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
477 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
383 KB 105 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
10 KB 4 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 202 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
283 KB 75 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
115 KB 29 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7.privacy-manager-v3.3.js
n3pprd001.cloudstorage.secureserver.net/recomm-apps-upm/ |
10 KB 4 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
180 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Domain.svg
www.df.eu/fileadmin/assets/megamenu/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Email.svg
www.df.eu/fileadmin/assets/megamenu/ |
760 B 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Server.svg
www.df.eu/fileadmin/assets/megamenu/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Reseller.svg
www.df.eu/fileadmin/assets/megamenu/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Webhosting.svg
www.df.eu/fileadmin/assets/megamenu/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
468 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
376 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
333 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Sicherheit.svg
www.df.eu/fileadmin/assets/megamenu/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| utag_data object| webpackJsonpprivacyManager object| privacyManager object| theme function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto object| regeneratorRuntime function| jsCookie boolean| utag_condload function| utag_jsonflatten object| utag_jsonflattenobj object| utag boolean| __tealium_twc_switch7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
capitolonemobile.com/ | Name: __tad Value: 1650068279.3885849 |
|
.1redirc.com/ | Name: __dsnsid Value: 2022041610180004b417f3dd2af9e30d |
|
clever-redirect.com/ | Name: 3250b2351308b0a4d154cc3720c5fc7b Value: 987cb5e79cc37ade31f330031bc6eb7692511a4d713bad54f36485089df9f84ea%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223250b2351308b0a4d154cc3720c5fc7b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D |
|
.awin1.com/ | Name: aw9340 Value: 926315|0|0|1650068282|38bf5dfbb6ecb880e4a2651f4293f137|aw|0 |
|
.awin1.com/ | Name: bId Value: HLEX_625a0b3ae63e77.32588372 |
|
.df.eu/ | Name: OPTOUTMULTI Value: 0:0%7Cc2:1%7Cc4:1%7Cc3:1 |
|
.df.eu/ | Name: utag_main Value: v_id:01802fbbdfd10002e788df5b67b703073001506b00b08$_sn:1$_se:1$_ss:1$_st:1650070083346$ses_id:1650068283346%3Bexp-session$_pn:1%3Bexp-session |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1redirc.com
capitolonemobile.com
cdn.polyfill.io
clever-redirect.com
images-static.trustpilot.com
lookandfind.me
n3pprd001.cloudstorage.secureserver.net
tags.tiqcdn.com
www.awin1.com
www.df.eu
103.224.182.206
103.224.182.240
104.111.239.217
157.90.169.168
160.153.13.2
18.66.97.122
23.35.236.209
2a02:fe80:1010::3:7
2a04:4e42:200::282
78.46.197.88
06b47d438bc12bc1c8de68212eba106e0a4ae3bb32e301c28a8c6fbd75f14d93
08b6778abbf463872225834db30c3f86c1e9407d21c2486b54663dd370eb8b1a
1188ae9e1a738bc6d115442cab13266355c0b9857c4406e195c1137ddd1dda07
157b75282d1d68540dd2a787368b07cc059cf5074fda7fccda3809b33b4bab2d
184868d6087e33d739018c387996b74f57a6b9eeb2c02294bae3872a248a3445
1884ded196706bb2bb68d52bab4290bf48d1cb4e56a7a2eddf4bc868f8d982c7
1b118de131e6f494fdb760da5b958240a114a2ee860ea2cad692fbcc1b909b10
1b29b19783efb15eeca637e3c300a79ff3b8bd113244149a73540965b2783d7d
22fd7df764bb1c992bc522956445a8ba765a145c16707d6fd37bf5459cf8ef8e
24e268c52fcdeb225d89e44d7e0c1aa2cb81292ad1b0471721f78741a6d6d563
269972178b9f0dc675cb8f005eb4ff416b13782b9c00bcc5e20c4320b838caeb
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2d950d7604d4d5d0dcfc95140acfd3f674ae820c9e817eb4de8a6dc6586c1a78
34decebfff5bd7154bdef8953ad23cd6ee12d47ca35fbc0a1958ca303d07b29b
38f80a0db76d4e551fab017dad7de9493039b6be9e8f4a818e0389ba2e5ea3f9
3d0414b750f8f2a73922fca7cd9faae925f68daa0cb614f2d694c0e572909694
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4327bc5ef820e093fb9b9390d693f5e95ceb33bc083d68deb07d2dd41e803761
46860b26eb1b809f2b110475fb2150af0b5b49b4239621a2574b7d94663c8d7b
4de5d48ee1e859296a470f6bc1f64b3bc85674e61b4a893d96f8932bb71c4ff0
4fc025e0926794659fab8b45a9e4ceb66d8bfc92fedf4da701a7500325da690f
5451f6b041de8ef3d31004c9de6f087a4b3491a9c7c665d3fa4a42beb18cf1f9
6421df5fbd5787f584e7ba91b384eb50f794df41b2dfe958fca0be4d6ef330e8
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6bccf9d377cfb4e069e0219d1aeb9440ef6ff3a2df56e80b49e1aa30426b7b8f
6c8c0baad87206924eeb140185779fd2cc56249e87728ec697c278e5c5e524ff
708387aba5db41607731d8b398607dea94e1d9b68014ad407431c4ed3b27c806
71c0be6385ee2bb91d8839f14f614b3ae634ff917c3258152b40a4a9595fd7eb
735463826cf1c5ea406f922519bde03fd2aa180dfb9546b8ddb93d1c97811e3a
766a52ee153c579e10ec110f2f054e05262779e8b72e7aac2903512cf7bbae55
77d241378bd1bf4fbf4f925274203787916681b81b3218589bc7a127d646c54e
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7ed79418985ab1c09a0d44dd9976ff80c7bc84fb507d7e67ee20753a3bc73c36
80302cf8d8f88151bc45f0fd376b0f12757f340b65e76f18d8299ee7e459a256
803d19b44b1c793503c5f5107c33ed99c4a444fa391e668d19976052814c55c6
8413c6bcfad5eaf7eee3259d110a79df1ec926a53bf326f6a037a1710b4de7ca
88b50463a9a9141ff1774926940a9e861f4d770c9daeeb3612ae0e4c12ee7da2
88bbb6b6f68b159642393087fc100a576850d25ff8cfa1a2dc809d23684ed811
88e92859b6a2b01d19c48266f12917ba4c116c88f9f16939b3e3925d8c424391
8dec917fbf62b1b4be04fcf768126e1fe49ce61dc968a1214cf7b12ed933e9a1
91c9721e1944008809ce59cae99e17615a3501f7db3995a0f8ee31114a73ac85
95ce8140a5973265141e62ba8958bf35fa1d1e4bebc6eeeae2f33ede385c83e7
9711a3ffbad1c832a9a3fafe39c5570722d299c62d39261e0df758a8e7fe26a6
9a2396b128af40bc07ec4aae8dddcd49616b78528a436f4f9ee9d31bdbf3da8b
9ae0e4968053a0e2a32ea10901a1c15f4a2f58f59a2bf9449119498631d60d7d
9b86b16fc8b776de512b901046dac41f5d77c132b9f22a7870df6715fe1837a8
a0ae51c0501ca5674e17f9b04301b7f56364aea46872528860c844bcf1738b3b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
ab8c85961fcdaa8dc40f272100455a387ed8e080427e1e5d61121b23668880c3
aebde0f5985c0d403adee46c0f06a87b36121491f2ad9b0eab1a640e794a020d
b13fbb4807dbec59212e49cb7d7c1222432d67d485814eb9707a1d019f4bed1a
b2264a4ad71fd93354f1ce7220e422181b15036376bc3f8d39b831106245e5b3
b3d8f9aeef632680729d15be5bd3ba3d689320f6e4bc9764f6bd2d5d64203570
b6a4e4c97232ea183c35fd6a473fcfd1ccf6e712a480092f10be71f2191a806f
b9c87e37155ca92da62889b77c0b42999e5bf754118975c636db00877a168813
ba46734f07c2aaea22fe6909e9d47cda1f708ed74d782f57476368186fcf7ba5
c4ad2e1d71ad5ff3cdba054e814af3ff10f58285ab51efbd783a983d18e1a0f4
c74d8216f1c4bc65441c236acd5dd864233714cd00511a8dc1cd10848cfe2a8a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d5704147186903d9a440de84adf540c999709d9a8acbc4cc97819acf51bda7bf
d94f5f1edec96ebb1d6ea4798e248bb644eff944cdb39f64788785fabbab2c13
d984116e501f0199b9dfe8ebbc954167ec176b27a826bdca45662b27c65d3440
e36ca193117b9e32f91d9ed69872a343a1cf99574bdd6fc59e1d2bfd4a4ae5ec
e4b745ff8917f523fa1fb8c0509661d5546eb5d8bb39af3e264de5cc130e48a2
e6c9c34a0bc35e96ad7812a6aa2ffffdb0597a88b696e842931cbc8c2180c799
e8a03c52238f6772c4c20ee76a77984e149d9a981d0e510878790d5650062c08
edb3616468e5aba53d3c3060e1bd8a10a3b8e66bcaded9806f6fa3c4a0c730fb