refundfx.eu Open in urlscan Pro
152.89.234.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.refundfx.eu/
Effective URL:
https://refundfx.eu/
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2021, 6:53:29 am UTC)

Summary HTTP 26 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 152.89.234.110, located in Slovenia and belongs to OPTIMUS-AS, SI. The main domain is refundfx.eu.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 25th 2021. Valid for: a year.

This is the only time refundfx.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 19	152.89.234.110 152.89.234.110		48894 (OPTIMUS-AS) (OPTIMUS-AS)
3	2a00:1450:400... 2a00:1450:4001:82a::200a		15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003		15169 (GOOGLE) (GOOGLE)
26	3

19 152.89.234.110 (Slovenia) 1 redirects

ASN48894 (OPTIMUS-AS, SI)
PTR: sh18.neoserv.si

www.refundfx.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
refundfx.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	refundfx.eu 1 redirects www.refundfx.eu refundfx.eu	4 MB
5	gstatic.com fonts.gstatic.com	59 KB
3	googleapis.com fonts.googleapis.com	2 KB
26	3

	Domain	Requested by
18	refundfx.eu	refundfx.eu
5	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	refundfx.eu
1	www.refundfx.eu	1 redirects
26	4

This site contains links to these domains. Also see Links.

Domain
www.refundfx.eu
nicepage.com

Subject Issuer	Validity	Valid
refundfx.eu Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://refundfx.eu/
Frame ID: 877C358D0A9EB6E1F9568A77E96ECFEA
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.refundfx.eu/ HTTP 301
https://refundfx.eu/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

3838 kB
Transfer

3876 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.refundfx.eu/
Title:

Search URL Search Domain Scan URL

URL: https://nicepage.com/wordpress-themes
Title: WordPress Theme

Search URL Search Domain Scan URL

URL: https://nicepage.com//wordpress-website-builder
Title: WordPress Website Builder

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.refundfx.eu/ HTTP 301
https://refundfx.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
refundfx.eu/
Redirect Chain

https://www.refundfx.eu/
https://refundfx.eu/

121 KB
122 KB

131ms
130ms

Document
text/html

152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache / PHP/7.3.26
Resource Hash: 8eeac7fdb3b25f68a57deb62af37983ad5bd896b279b4d4604bec2a5326f7819

Request headers

:method: GET
:authority: refundfx.eu
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
server: Apache
x-powered-by: PHP/7.3.26
link: <https://refundfx.eu/wp-json/>; rel="https://api.w.org/", <https://refundfx.eu/wp-json/wp/v2/pages/94>; rel="alternate"; type="application/json", <https://refundfx.eu/>; rel=shortlink
content-type: text/html; charset=UTF-8

Redirect headers

date: Thu, 25 Feb 2021 06:53:09 GMT
server: Apache
x-powered-by: PHP/7.3.26
x-redirect-by: WordPress
location: https://refundfx.eu/
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 style.min.css
refundfx.eu/wp-includes/css/dist/block-library/ 50 KB
51 KB 122ms
120ms Stylesheet
text/css 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Tue, 23 Feb 2021 08:34:28 GMT
server: Apache
accept-ranges: bytes
content-length: 51338
content-type: text/css

GET
H2 200 all.min.css
refundfx.eu/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/ 57 KB
58 KB 122ms
120ms Stylesheet
text/css 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/all.min.css?ver=2.10.3
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Mon, 08 Feb 2021 11:15:10 GMT
server: Apache
accept-ranges: bytes
content-length: 58578
content-type: text/css

GET
H2 200 v4-shims.min.css
refundfx.eu/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/ 26 KB
26 KB 122ms
119ms Stylesheet
text/css 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/v4-shims.min.css?ver=2.10.3
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Mon, 08 Feb 2021 11:15:10 GMT
server: Apache
accept-ranges: bytes
content-length: 26702
content-type: text/css

GET
H2 200 style.css
refundfx.eu/wp-content/themes/Site555555-1/ 912 KB
918 KB 121ms
119ms Stylesheet
text/css 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/themes/Site555555-1/style.css?ver=1.0
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: beb0ce82d8b366897a12a69679f223927cc7cea3874c04bd8bc29547d738774e

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Tue, 23 Feb 2021 13:05:46 GMT
server: Apache
accept-ranges: bytes
content-length: 934085
content-type: text/css

GET
H2 200 media.css
refundfx.eu/wp-content/themes/Site555555-1/css/ 60 KB
60 KB 121ms
119ms Stylesheet
text/css 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/themes/Site555555-1/css/media.css?ver=1.0
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 7d0963730034de6dc6c38bf70e25dbaaac1678c5e397377808052f2691567e00

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Tue, 23 Feb 2021 13:05:44 GMT
server: Apache
accept-ranges: bytes
content-length: 61606
content-type: text/css

GET
H2 200 jquery.js Show response
refundfx.eu/wp-content/plugins/nicepage/assets/js/ 87 KB
88 KB 131ms
129ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/plugins/nicepage/assets/js/jquery.js?ver=3.5.3
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 070e9d83984a60ec3d325b384acabf686bd4d490176401cf11a75638559652c0

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Thu, 11 Feb 2021 10:27:39 GMT
server: Apache
accept-ranges: bytes
content-length: 89551
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
refundfx.eu/wp-includes/js/jquery/ 87 KB
87 KB 131ms
129ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Wed, 07 Oct 2020 21:03:26 GMT
server: Apache
accept-ranges: bytes
content-length: 89496
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
refundfx.eu/wp-includes/js/jquery/ 11 KB
11 KB 131ms
129ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Thu, 19 Nov 2020 15:01:14 GMT
server: Apache
accept-ranges: bytes
content-length: 11224
content-type: application/javascript

GET
H2 200 script.js Show response
refundfx.eu/wp-content/themes/Site555555-1/js/ 152 KB
153 KB 131ms
129ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-content/themes/Site555555-1/js/script.js?ver=1.0
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 71d0989923c264c6f743f62c2e78c78555364fd64d362ca6a809542a2962bbd9

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:09 GMT
last-modified: Tue, 23 Feb 2021 13:05:45 GMT
server: Apache
accept-ranges: bytes
content-length: 156062
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 50 KB
2 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: refundfx.eu
URL: https://refundfx.eu/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f63ce39b22286b550a28f9a0b9c0cf20667498d5a1172f8c9515b3a738e932f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 06:53:10 GMT
server: ESF
date: Thu, 25 Feb 2021 06:53:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 06:53:10 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 16ms
14ms Stylesheet
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=heading-font
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 wp-emoji-release.min.js Show response
refundfx.eu/wp-includes/js/ 14 KB
14 KB 61ms
60ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Tue, 26 Jan 2021 20:48:34 GMT
server: Apache
accept-ranges: bytes
content-length: 14229
content-type: application/javascript

GET
H2 200 logo-2.png
refundfx.eu/wp-content/uploads/2021/02/ 4 KB
4 KB 59ms
59ms Image
image/png 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/logo-2.png
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 826d7dc998acbec790ae9c6b5d88201ee5e28b3f337de30bc527b790a7a065f8

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Tue, 23 Feb 2021 13:12:56 GMT
server: Apache
accept-ranges: bytes
content-length: 4152
content-type: image/png

GET
H2 200 Favicon-1.png
refundfx.eu/wp-content/uploads/2021/02/ 690 B
743 B 59ms
59ms Image
image/png 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/Favicon-1.png
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 296286c3d8ab2bed3e5469eddc95a2b705e5085e816b0677c714f2dbcc3fb477

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Wed, 17 Feb 2021 09:40:40 GMT
server: Apache
accept-ranges: bytes
content-length: 690
content-type: image/png

GET
H2 200 wp-embed.min.js Show response
refundfx.eu/wp-includes/js/ 1 KB
1 KB 101ms
101ms Script
application/javascript 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://refundfx.eu/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Tue, 26 Jan 2021 20:48:34 GMT
server: Apache
accept-ranges: bytes
content-length: 1426
content-type: application/javascript

GET
H3-Q050 400 css
fonts.googleapis.com/ 0
0 35ms
21ms Stylesheet
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=heading-font
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 Backgroundphoto-1.png
refundfx.eu/wp-content/uploads/2021/02/ 1 MB
1 MB 59ms
59ms Image
image/png 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/Backgroundphoto-1.png
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 7905bc2c0bc030462ac0fb32b8bebe092a4b176a89626a7d6da8f01bd15ddb98

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Wed, 24 Feb 2021 14:00:53 GMT
server: Apache
accept-ranges: bytes
content-length: 1447965
content-type: image/png

GET
H2 200 94-0.jpeg
refundfx.eu/wp-content/uploads/2021/02/ 214 KB
214 KB 113ms
113ms Image
image/jpeg 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/94-0.jpeg
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: fe07120c5867d89e97337f67514b13c2d133d911f4df14b3538002f9e35c0008

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Thu, 11 Feb 2021 12:55:41 GMT
server: Apache
accept-ranges: bytes
content-length: 218878
content-type: image/jpeg

GET
H2 200 41683-3.jpg
refundfx.eu/wp-content/uploads/2021/02/ 119 KB
119 KB 143ms
142ms Image
image/jpeg 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/41683-3.jpg
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 9da7ca3c6ead1fed2fb05ebbf1d1a29820b9f0c3eb02aa8d04416e7e1c4fca48

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Thu, 11 Feb 2021 10:40:21 GMT
server: Apache
accept-ranges: bytes
content-length: 121987
content-type: image/jpeg

GET
H2 200 silhouette-confident-businesspeople-min-scaled.jpg
refundfx.eu/wp-content/uploads/2021/02/ 436 KB
436 KB 162ms
161ms Image
image/jpeg 152.89.234.110
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundfx.eu/wp-content/uploads/2021/02/silhouette-confident-businesspeople-min-scaled.jpg
Requested by: Host: refundfx.eu
URL: https://refundfx.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.234.110 , Slovenia, ASN48894 (OPTIMUS-AS, SI),
Reverse DNS: sh18.neoserv.si
Software: Apache /
Resource Hash: 0250e2f0e4c8f6e001b7bfc94bef73e3e3530446786226c0da8cffd07b4179b5

Request headers

Referer: https://refundfx.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:53:10 GMT
last-modified: Tue, 16 Feb 2021 16:19:59 GMT
server: Apache
accept-ranges: bytes
content-length: 445972
content-type: image/jpeg

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://refundfx.eu
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 558706
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:25 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://refundfx.eu
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 07:15:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 517074
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 19 Feb 2022 07:15:17 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://refundfx.eu
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:46:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 122776
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 23 Feb 2022 20:46:55 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
11 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://refundfx.eu
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:52:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:26 GMT
server: sffe
age: 522047
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11576
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:52:24 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
12 KB 22ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://refundfx.eu
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 06:30:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 433359
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11712
x-xss-protection: 0
expires: Sun, 20 Feb 2022 06:30:32 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings boolean| hasJQuery undefined| $ function| jQuery function| u$ object| cssBgParser function| ResponsiveMenu function| Dialog function| MailChimpForm object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader object| Utils object| Const object| Wait object| Previews function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| AnimationInfo function| CountUp function| CountUpAdapter function| CounterAnimation function| AnimateCssAnimation object| AnimationFactory object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint object| uAnimation object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit function| Accordion function| _npAccordionInit object| ResponsiveCms object| twemoji object| wp undefined| vpMeta object| _responsive

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://refundfx.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
refundfx.eu
www.refundfx.eu
152.89.234.110
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
0250e2f0e4c8f6e001b7bfc94bef73e3e3530446786226c0da8cffd07b4179b5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
070e9d83984a60ec3d325b384acabf686bd4d490176401cf11a75638559652c0
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
296286c3d8ab2bed3e5469eddc95a2b705e5085e816b0677c714f2dbcc3fb477
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
71d0989923c264c6f743f62c2e78c78555364fd64d362ca6a809542a2962bbd9
7905bc2c0bc030462ac0fb32b8bebe092a4b176a89626a7d6da8f01bd15ddb98
7d0963730034de6dc6c38bf70e25dbaaac1678c5e397377808052f2691567e00
826d7dc998acbec790ae9c6b5d88201ee5e28b3f337de30bc527b790a7a065f8
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8eeac7fdb3b25f68a57deb62af37983ad5bd896b279b4d4604bec2a5326f7819
8f63ce39b22286b550a28f9a0b9c0cf20667498d5a1172f8c9515b3a738e932f
9da7ca3c6ead1fed2fb05ebbf1d1a29820b9f0c3eb02aa8d04416e7e1c4fca48
beb0ce82d8b366897a12a69679f223927cc7cea3874c04bd8bc29547d738774e
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a
fe07120c5867d89e97337f67514b13c2d133d911f4df14b3538002f9e35c0008
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40