qr.de
188.40.28.36
Public Scan
Effective URL: https://qr.de/?ref=HKCMS
Submission: On April 16 via api from US
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 24th 2020. Valid for: a year.
This is the only time qr.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-33.cph50.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-2.cph50.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-91.cph50.r.cloudfront.net
vars.hotjar.com |
Requests | Domain | Requested by |
---|---|---|
12 | www.gstatic.com | www.google.com, translate.googleapis.com, qr.de, www.gstatic.com |
12 | qr.de | qualigo.com, qr.de |
10 | www.google.com | qr.de, www.gstatic.com, www.google.com |
7 | fonts.gstatic.com | fonts.googleapis.com, www.google.com |
5 | translate.googleapis.com | translate.google.com, translate.googleapis.com, srcdoc |
4 | www.facebook.com | qr.de |
4 | lyncdiscoverinternal.capiotalone.com | 2 redirects; lyncdiscoverinternal.capiotalone.com |
3 | qualigo.com | 1 redirects; lyncdiscoverinternal.capiotalone.com, qualigo.com |
2 | s.yimg.com | qr.de, s.yimg.com |
2 | connect.facebook.net | qr.de, connect.facebook.net |
2 | bat.bing.com | qr.de |
2 | ssl.google-analytics.com | 1 redirects; qr.de |
1 | www.google.de | qr.de |
1 | vars.hotjar.com | static.hotjar.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | script.hotjar.com | static.hotjar.com |
1 | stats.g.doubleclick.net | qr.de |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | cdn.taboola.com | qr.de |
1 | static.hotjar.com | qr.de |
1 | www.dwin1.com | qr.de |
1 | translate.google.com | qr.de |
1 | www.googletagmanager.com | qr.de |
1 | fonts.googleapis.com | qr.de |
1 | xml.sedodna.com | 1 redirects |
1 | img.sedoparking.com | lyncdiscoverinternal.capiotalone.com |
75 | 26 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
qualigo.com | R3 | 2021-04-06 - 2021-07-05 | 3 months |
qr.de | Encryption Everywhere DV TLS CA - G1 | 2020-11-24 - 2021-11-24 | a year |
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
www.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.dwin1.com | Amazon | 2020-12-04 - 2022-01-02 | a year |
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months |
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-03-24 - 2021-05-12 | 2 months |
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year |
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-26 | a year |
www.googleadservices.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
www.google.de | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
This page contains 6 frames:
Primary Page:
https://qr.de/?ref=HKCMS
Frame ID: CA748C57CBB5282D3C156A79FCA5288F
Requests: 50 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v
Frame ID: 8B62ABB0E095B9B49EF0C9533DFCB992
Requests: 8 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: D30011C705C951BBE4CFA199C162F7EC
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: AEC376A9E6B2AD0404D263334A362F65
Requests: 1 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 8ADD61FAE64EB00E021EA3B03FC7DA08
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
Frame ID: 7508D5C056E727C6B55E39BA1FBE46EF
Requests: 13 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lyncdiscoverinternal.capiotalone.com/ Page URL
-
http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D
HTTP 302
http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://xml.sedodna.com/click?i=FUkWUClU1-Y_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f88482be865a87fac883747&t=20210416113815&keyword=Capiotalone HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS Page URL
-
http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS Page URL
- https://qr.de/?ref=HKCMS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
- http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
- http://xml.sedodna.com/click?i=FUkWUClU1-Y_0 HTTP 302
- https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f88482be865a87fac883747&t=20210416113815&keyword=Capiotalone HTTP 302
- https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS
- http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS HTTP 307
- https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1131343443&utmhn=qr.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&utmhid=519631200&utmr=https%3A%2F%2Fqualigo.com%2F&utmp=%2F%3Fref%3DHKCMS&utmht=1618609096856&utmac=UA-23661299-1&utmcc=__utma%3D1.102772031.1618609097.1618609097.1618609097.1%3B%2B__utmz%3D1.1618609097.1.1.utmcsr%3Dqualigo.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=1947027679&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=102772031.1618609097&jid=1947027679&_v=5.7.2&z=1131343443
75 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / lyncdiscoverinternal.capiotalone.com/ | 2 KB 2 KB | Document text/html |
GET H/1.1 | js_preloader.gif img.sedoparking.com/images/ | 4 KB 5 KB | Image image/gif |
GET H/1.1 | tsc.php lyncdiscoverinternal.capiotalone.com/search/ | 0 175 B | XHR text/html |
GET H/1.1 | klick.php qualigo.com/doks/ Redirect Chain | 122 B 434 B | Document text/html |
GET H/1.1 | klick.php qualigo.com/doks/ Redirect Chain | 70 B 387 B | Document text/html |
GET H2 | Primary Request / qr.de/ | 19 KB 6 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 2 KB 562 B | Stylesheet text/css |
GET H2 | bootstrap.css qr.de/lib/bootstrap/dist/css/ | 144 KB 22 KB | Stylesheet text/css |
GET H2 | font-awesome.min.css qr.de/lib/font-awesome/css/ | 30 KB 7 KB | Stylesheet text/css |
GET H2 | flag-icon.min.css qr.de/lib/flag-icon-css/css/ | 33 KB 3 KB | Stylesheet text/css |
GET H2 | style.css qr.de/css/ | 53 KB 10 KB | Stylesheet text/css |
GET H2 | js www.googletagmanager.com/gtag/ | 84 KB 33 KB | Script application/javascript |
GET H2 | logo-qr.png qr.de/img/ | 6 KB 6 KB | Image image/png |
GET H2 | qr_code.png qr.de/img/ | 36 KB 37 KB | Image image/png |
GET H2 | api.js www.google.com/recaptcha/ | 918 B 683 B | Script text/javascript |
GET H2 | element.js translate.google.com/translate_a/ | 4 KB 2 KB | Script text/javascript |
GET H2 | jquery.min.js qr.de/lib/jquery/dist/ | 85 KB 30 KB | Script application/javascript |
GET H2 | bootstrap.min.js qr.de/lib/bootstrap/dist/js/ | 36 KB 10 KB | Script application/javascript |
GET H2 | 17517.js www.dwin1.com/ | 16 KB 5 KB | Script application/javascript |
GET H2 | de.svg qr.de/lib/flag-icon-css/flags/4x3/ | 220 B 252 B | Image image/svg+xml |
GET H2 | qr_background.png qr.de//img/ | 100 KB 101 KB | Image image/png |
GET H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v17/ | 22 KB 23 KB | Font font/woff2 |
GET H2 | S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v17/ | 23 KB 23 KB | Font font/woff2 |
GET H2 | fontawesome-webfont.woff2 qr.de/lib/font-awesome/fonts/ | 75 KB 76 KB | Font font/woff2 |
GET H2 | translateelement.css translate.googleapis.com/translate_static/css/ | 18 KB 3 KB | Stylesheet text/css |
GET H2 | main.js translate.googleapis.com/translate_static/js/element/ | 4 KB 2 KB | Script text/javascript |
GET H2 | ga.js ssl.google-analytics.com/ | 45 KB 17 KB | Script text/javascript |
GET H2 | bat.js bat.bing.com/ | 29 KB 9 KB | Script application/javascript |
GET H2 | fbevents.js connect.facebook.net/en_US/ | 92 KB 25 KB | Script application/x-javascript |
GET H2 | ytc.js s.yimg.com/wi/ | 15 KB 6 KB | Script application/javascript |
GET H2 | hotjar-2217061.js static.hotjar.com/c/ | 4 KB 2 KB | Script application/javascript |
GET H2 | tfa.js cdn.taboola.com/libtrc/unip/1376253/ | 65 KB 22 KB | Script application/javascript |
GET H2 | recaptcha__en.js www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ | 334 KB 130 KB | Script text/javascript |
GET H2 | conversion_async.js www.googleadservices.com/pagead/ | 36 KB 14 KB | Script text/javascript |
GET H3-29 | element_main.js translate.googleapis.com/element/TE_20210224_00/e/js/element/ | 250 KB 89 KB | Script text/javascript |
GET H3-29 | 311459669964517 connect.facebook.net/signals/config/ | 254 KB 72 KB | Script application/x-javascript |
GET H2 | 10143015.json s.yimg.com/wi/config/ | 2 B 494 B | XHR application/json |
GET H2 | 0 bat.bing.com/action/ | 0 116 B | Image text/plain |
GET H2 | collect stats.g.doubleclick.net/r/ Redirect Chain | 35 B 113 B | Image image/gif |
GET H3-29 | anchor www.google.com/recaptcha/api2/ Frame 8B62 | 19 KB 10 KB | Document text/html |
GET H2 | modules.5e37784fe3302c2578d8.js script.hotjar.com/ | 218 KB 58 KB | Script application/javascript |
GET H2 | / googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/ | 2 KB 1 KB | Script text/javascript |
GET H2 | / www.facebook.com/tr/ | 44 B 411 B | Image image/gif |
GET H2 | / www.facebook.com/tr/ | 44 B 214 B | Image image/gif |
GET H2 | / www.facebook.com/tr/ | 44 B 214 B | Image image/gif |
GET H3-29 | translate_24dp.png www.gstatic.com/images/branding/product/2x/ | 2 KB 2 KB | Image image/png |
GET H3-29 | translateelement.css translate.googleapis.com/translate_static/css/ Frame D300 | 18 KB 3 KB | Stylesheet text/css |
GET H3-29 | translate_24dp.png www.gstatic.com/images/branding/product/1x/ | 825 B 847 B | Image image/png |
GET H3-29 | cleardot.gif www.google.com/images/ | 43 B 63 B | Image image/gif |
GET H3-29 | styles__ltr.css www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 8B62 | 50 KB 25 KB | Stylesheet text/css |
GET H3-29 | recaptcha__en.js www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 8B62 | 334 KB 130 KB | Script text/javascript |
GET H2 | box-5e3cec51ed8e99df6977c199d27812d7.html vars.hotjar.com/ Frame AEC3 | 1 KB 1 KB | Document text/html |
GET H3-29 | / www.google.com/pagead/1p-user-list/871988727/ | 42 B 64 B | Image image/gif |
GET H2 | / www.google.de/pagead/1p-user-list/871988727/ | 42 B 108 B | Image image/gif |
GET H3-29 | l translate.googleapis.com/translate_a/ Frame 8ADD | 3 KB 962 B | Script application/javascript |
GET H3-29 | nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js www.google.com/js/bg/ Frame 8B62 | 14 KB 6 KB | Script text/javascript |
GET H3-29 | logo_48.png www.gstatic.com/recaptcha/api2/ Frame 8B62 | 2 KB 2 KB | Image image/png |
GET H3-29 | KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8B62 | 15 KB 15 KB | Font font/woff2 |
GET H3-29 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8B62 | 15 KB 15 KB | Font font/woff2 |
GET H3-29 | webworker.js www.google.com/recaptcha/api2/ Frame 8B62 | 102 B 131 B | Other text/javascript |
GET H3-29 | bframe www.google.com/recaptcha/api2/ Frame 7508 | 7 KB 1 KB | Document text/html |
GET H3-29 | styles__ltr.css www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 7508 | 50 KB 25 KB | Stylesheet text/css |
GET H3-29 | recaptcha__en.js www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 7508 | 334 KB 130 KB | Script text/javascript |
POST H3-29 | reload www.google.com/recaptcha/api2/ Frame 7508 | 15 KB 11 KB | XHR application/json |
GET H3-29 | canonical_car.png www.gstatic.com/recaptcha/api2/ Frame 7508 | 11 KB 11 KB | Image image/png |
GET H3-29 | refresh_2x.png www.gstatic.com/recaptcha/api2/ Frame 7508 | 600 B 621 B | Image image/png |
GET H3-29 | audio_2x.png www.gstatic.com/recaptcha/api2/ Frame 7508 | 530 B 551 B | Image image/png |
GET H3-29 | info_2x.png www.gstatic.com/recaptcha/api2/ Frame 7508 | 665 B 686 B | Image image/png |
GET H3-29 | KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7508 | 15 KB 15 KB | Font font/woff2 |
GET H3-29 | KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7508 | 15 KB 15 KB | Font font/woff2 |
GET H3-29 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7508 | 15 KB 15 KB | Font font/woff2 |
GET H3-29 | nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js www.google.com/js/bg/ Frame 7508 | 14 KB 6 KB | Script text/javascript |
GET H3-29 | payload www.google.com/recaptcha/api2/ Frame 7508 | 41 KB 41 KB | Image image/jpeg |
GET H3-29 | / www.facebook.com/tr/ | 44 B 88 B | Image image/gif |
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| recaptchaOnloadCallback function| googleTranslateElementInit object| google function| $ function| jQuery object| _gaq object| uetq function| fbq function| _fbq object| dotq function| hj object| _hjSettings object| _tfa object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| AWIN object| YAHOO function| UET function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| _gat object| gaGlobal object| closure_lm_565567 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| closure_lm_49328614
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
qr.de/ | | Name: __utmc Value: 1 |
.qr.de/ | | Name: _hjid Value: f70cd873-b02d-4472-ba41-8ab21bedc6cd |
qr.de/ | | Name: __utma Value: 1.102772031.1618609097.1618609097.1618609097.1 |
qr.de/ | | Name: qr_ref Value: HKCMS |
.qr.de/ | | Name: _uetvid Value: 0df812309efc11eb8ae51173a1160b18 |
qr.de/ | | Name: __utmt Value: 1 |
qr.de/ | | Name: qr_test Value: 1618609096 |
qr.de/ | | Name: qr_ref2 Value: HKCMS |
qr.de/ | | Name: __utmb Value: 1.1.10.1618609097 |
.qr.de/ | | Name: _hjFirstSeen Value: 1 |
.qr.de/ | | Name: _fbp Value: fb.1.1618609096944.151763410 |
qr.de/ | | Name: __utmz Value: 1.1618609097.1.1.utmcsr=qualigo.com|utmccn=(referral)|utmcmd=referral|utmcct=/ |
.qr.de/ | | Name: _uetsid Value: 0df7ba909efc11eb8912ed3cfe0dc092 |
qr.de/ | | Name: PHPSESSID Value: 0b5eeb7b5ab2419bd1c3a40d455160b3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.