qr.de
Open in
urlscan Pro
188.40.28.36
Public Scan
Effective URL: https://qr.de/?ref=HKCMS
Submission: On April 16 via api from US
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 24th 2020. Valid for: a year.
This is the only time qr.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN32244 (LIQUIDWEB, US)
PTR: host9.hosteddomain.com
www.linkcounter.com |
ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-53.cph50.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-61.cph50.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-98.cph50.r.cloudfront.net
vars.hotjar.com |
Domain | Requested by | |
---|---|---|
12 | qr.de |
qualigo.com
qr.de |
11 | www.gstatic.com |
www.google.com
translate.googleapis.com qr.de www.gstatic.com |
10 | www.google.com |
qr.de
www.gstatic.com www.google.com |
7 | fonts.gstatic.com |
fonts.googleapis.com
www.google.com |
5 | translate.googleapis.com |
translate.google.com
translate.googleapis.com srcdoc |
4 | www.facebook.com |
qr.de
|
4 | www.cpitalone.com |
2 redirects
www.cpitalone.com
|
3 | qualigo.com |
1 redirects
www.cpitalone.com
qualigo.com |
2 | s.yimg.com |
qr.de
s.yimg.com |
2 | connect.facebook.net |
qr.de
connect.facebook.net |
2 | bat.bing.com |
qr.de
|
2 | ssl.google-analytics.com |
1 redirects
qr.de
|
1 | www.google.de |
qr.de
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | stats.g.doubleclick.net |
qr.de
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | cdn.taboola.com |
qr.de
|
1 | static.hotjar.com |
qr.de
|
1 | www.dwin1.com |
qr.de
|
1 | translate.google.com |
qr.de
|
1 | www.googletagmanager.com |
qr.de
|
1 | fonts.googleapis.com |
qr.de
|
1 | xml.sedodna.com | 1 redirects |
1 | img.sedoparking.com |
www.cpitalone.com
|
1 | www.linkcounter.com | 1 redirects |
1 | capitalpne.com | 1 redirects |
74 | 28 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
qualigo.com R3 |
2021-04-06 - 2021-07-05 |
3 months | crt.sh |
qr.de Encryption Everywhere DV TLS CA - G1 |
2020-11-24 - 2021-11-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.dwin1.com Amazon |
2020-12-04 - 2022-01-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-01-19 - 2021-07-19 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-04-06 - 2021-07-03 |
3 months | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-03-24 - 2021-05-12 |
2 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-25 - 2021-12-26 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://qr.de/?ref=HKCMS
Frame ID: 221C5895F0A4CD49DAA3C7AEC27E84A8
Requests: 50 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=o630p9k9sqjv
Frame ID: 2336790F6C94C4A75488B95D2F3E181E
Requests: 8 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: B7CF855B5E8233CBC506CC6B6103695E
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 4E81D46A0E0EF02353C716661733950A
Requests: 1 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 248FBF7188D97E42F1113DCB23C20DEE
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=1ahtsl930d8h
Frame ID: ACB6DF400641BEE995E07D6EB8F2BB4A
Requests: 12 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://capitalpne.com/
HTTP 302
http://www.linkcounter.com/go.php?linkid=306044 HTTP 302
http://www.cpitalone.com/ Page URL
-
http://www.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs...
HTTP 302
http://www.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs... HTTP 302
http://xml.sedodna.com/click?i=vrevpSXnlXs_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=cpitalone.com&pid=825&q=2ee34b812a9fa67... HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS Page URL
-
http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS Page URL
- https://qr.de/?ref=HKCMS Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://capitalpne.com/
HTTP 302
http://www.linkcounter.com/go.php?linkid=306044 HTTP 302
http://www.cpitalone.com/ Page URL
-
http://www.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs_0&v=MzVjNzU0YThlMGMwZTMyZjk1OTc2Yjg4NmFjZGM5M2UJMQl3d3cuY3BpdGFsb25lLmNvbTYwN2EwNjQ3ZjM4MjgxLjk0OTQ5MjQ2CXd3dy5jcGl0YWxvbmUuY29tNjA3YTA2NDdmMzg1YzYuNTc4Mzg2NDgJMTYxODYwOTczNwlhZF82M18w&l=OAk3MDc1ZjgwY2JjMDU2OTE1OWQxYTJiOWRjOWI4YTVmMwkwCTEzCTAJMzE3YTdiN2Y3NDBjZTdlN2FhY2VlMzFjOTdlYmY1YmQJMzYzNzg0MzQ0CWNwaXRhbG9uZQkwCTYzCTAJMAkxNjE4NjA5NzM3CTAuMDM2OAlOCTAJMQk4MzAJMTIwNQkzNTExODYyODMJNS4xODAuNjIuMTQ4CTA%3D
HTTP 302
http://www.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs_0&v=MzVjNzU0YThlMGMwZTMyZjk1OTc2Yjg4NmFjZGM5M2UJMQl3d3cuY3BpdGFsb25lLmNvbTYwN2EwNjQ3ZjM4MjgxLjk0OTQ5MjQ2CXd3dy5jcGl0YWxvbmUuY29tNjA3YTA2NDdmMzg1YzYuNTc4Mzg2NDgJMTYxODYwOTczNwlhZF82M18w&l=OAk3MDc1ZjgwY2JjMDU2OTE1OWQxYTJiOWRjOWI4YTVmMwkwCTEzCTAJMzE3YTdiN2Y3NDBjZTdlN2FhY2VlMzFjOTdlYmY1YmQJMzYzNzg0MzQ0CWNwaXRhbG9uZQkwCTYzCTAJMAkxNjE4NjA5NzM3CTAuMDM2OAlOCTAJMQk4MzAJMTIwNQkzNTExODYyODMJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://xml.sedodna.com/click?i=vrevpSXnlXs_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=cpitalone.com&pid=825&q=2ee34b812a9fa674c1189b80b1c465bb&t=20210416114856&keyword=Cpitalone HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS Page URL
-
http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS Page URL
- https://qr.de/?ref=HKCMS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://capitalpne.com/ HTTP 302
- http://www.linkcounter.com/go.php?linkid=306044 HTTP 302
- http://www.cpitalone.com/
- http://www.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs_0&v=MzVjNzU0YThlMGMwZTMyZjk1OTc2Yjg4NmFjZGM5M2UJMQl3d3cuY3BpdGFsb25lLmNvbTYwN2EwNjQ3ZjM4MjgxLjk0OTQ5MjQ2CXd3dy5jcGl0YWxvbmUuY29tNjA3YTA2NDdmMzg1YzYuNTc4Mzg2NDgJMTYxODYwOTczNwlhZF82M18w&l=OAk3MDc1ZjgwY2JjMDU2OTE1OWQxYTJiOWRjOWI4YTVmMwkwCTEzCTAJMzE3YTdiN2Y3NDBjZTdlN2FhY2VlMzFjOTdlYmY1YmQJMzYzNzg0MzQ0CWNwaXRhbG9uZQkwCTYzCTAJMAkxNjE4NjA5NzM3CTAuMDM2OAlOCTAJMQk4MzAJMTIwNQkzNTExODYyODMJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
- http://www.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvrevpSXnlXs_0&v=MzVjNzU0YThlMGMwZTMyZjk1OTc2Yjg4NmFjZGM5M2UJMQl3d3cuY3BpdGFsb25lLmNvbTYwN2EwNjQ3ZjM4MjgxLjk0OTQ5MjQ2CXd3dy5jcGl0YWxvbmUuY29tNjA3YTA2NDdmMzg1YzYuNTc4Mzg2NDgJMTYxODYwOTczNwlhZF82M18w&l=OAk3MDc1ZjgwY2JjMDU2OTE1OWQxYTJiOWRjOWI4YTVmMwkwCTEzCTAJMzE3YTdiN2Y3NDBjZTdlN2FhY2VlMzFjOTdlYmY1YmQJMzYzNzg0MzQ0CWNwaXRhbG9uZQkwCTYzCTAJMAkxNjE4NjA5NzM3CTAuMDM2OAlOCTAJMQk4MzAJMTIwNQkzNTExODYyODMJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
- http://xml.sedodna.com/click?i=vrevpSXnlXs_0 HTTP 302
- https://qualigo.com/doks/charge_query.php?ds=32904&subds=cpitalone.com&pid=825&q=2ee34b812a9fa674c1189b80b1c465bb&t=20210416114856&keyword=Cpitalone HTTP 302
- https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS
- http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS HTTP 307
- https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=473958520&utmhn=qr.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&utmhid=1642166320&utmr=https%3A%2F%2Fqualigo.com%2F&utmp=%2F%3Fref%3DHKCMS&utmht=1618609737814&utmac=UA-23661299-1&utmcc=__utma%3D1.2074592232.1618609738.1618609738.1618609738.1%3B%2B__utmz%3D1.1618609738.1.1.utmcsr%3Dqualigo.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=1180395708&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=2074592232.1618609738&jid=1180395708&_v=5.7.2&z=473958520
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.cpitalone.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_preloader.gif
img.sedoparking.com/images/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tsc.php
www.cpitalone.com/search/ |
0 175 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
klick.php
qualigo.com/doks/ Redirect Chain
|
122 B 434 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
klick.php
qualigo.com/doks/ Redirect Chain
|
70 B 387 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
qr.de/ |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 561 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
qr.de/lib/bootstrap/dist/css/ |
144 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
qr.de/lib/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag-icon.min.css
qr.de/lib/flag-icon-css/css/ |
33 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
qr.de/css/ |
53 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
84 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-qr.png
qr.de/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr_code.png
qr.de/img/ |
36 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
918 B 678 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element.js
translate.google.com/translate_a/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
qr.de/lib/jquery/dist/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
qr.de/lib/bootstrap/dist/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17517.js
www.dwin1.com/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de.svg
qr.de/lib/flag-icon-css/flags/4x3/ |
220 B 252 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr_background.png
qr.de//img/ |
100 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
qr.de/lib/font-awesome/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
translate.googleapis.com/translate_static/js/element/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
92 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2217061.js
static.hotjar.com/c/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1376253/ |
65 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ |
334 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
311459669964517
connect.facebook.net/signals/config/ |
254 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
element_main.js
translate.googleapis.com/element/TE_20210224_00/e/js/element/ |
250 KB 89 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10143015.json
s.yimg.com/wi/config/ |
2 B 459 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
anchor
www.google.com/recaptcha/api2/ Frame 2336 |
19 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.5e37784fe3302c2578d8.js
script.hotjar.com/ |
218 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
translateelement.css
translate.googleapis.com/translate_static/css/ Frame B7CF |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ |
825 B 847 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
cleardot.gif
www.google.com/images/ |
43 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 411 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame 4E81 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
/
www.google.com/pagead/1p-user-list/871988727/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/871988727/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 2336 |
50 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 2336 |
334 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
l
translate.googleapis.com/translate_a/ Frame 248F |
3 KB 961 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js
www.google.com/js/bg/ Frame 2336 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2336 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2336 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2336 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
webworker.js
www.google.com/recaptcha/api2/ Frame 2336 |
102 B 131 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
bframe
www.google.com/recaptcha/api2/ Frame ACB6 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame ACB6 |
50 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame ACB6 |
334 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
reload
www.google.com/recaptcha/api2/ Frame ACB6 |
15 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame ACB6 |
600 B 621 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame ACB6 |
530 B 551 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame ACB6 |
665 B 686 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACB6 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACB6 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACB6 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js
www.google.com/js/bg/ Frame ACB6 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
payload
www.google.com/recaptcha/api2/ Frame ACB6 |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| recaptchaOnloadCallback function| googleTranslateElementInit object| google function| $ function| jQuery object| _gaq object| uetq function| fbq function| _fbq object| dotq function| hj object| _hjSettings object| _tfa object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| AWIN object| google_tag_data object| YAHOO function| UET object| _gat object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| closure_lm_77370 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| closure_lm_80286914 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
qr.de/ | Name: __utmc Value: 1 |
|
.qr.de/ | Name: _hjid Value: 83c6ce06-0719-46e7-bae0-cdd319f6ed64 |
|
qr.de/ | Name: __utma Value: 1.2074592232.1618609738.1618609738.1618609738.1 |
|
qr.de/ | Name: qr_ref Value: HKCMS |
|
.qr.de/ | Name: _uetvid Value: 8c037ce09efd11eb9d54a1a5f8aaba8a |
|
qr.de/ | Name: __utmt Value: 1 |
|
qr.de/ | Name: qr_test Value: 1618609737 |
|
qr.de/ | Name: qr_ref2 Value: HKCMS |
|
qr.de/ | Name: __utmb Value: 1.1.10.1618609738 |
|
.qr.de/ | Name: _hjFirstSeen Value: 1 |
|
.qr.de/ | Name: _fbp Value: fb.1.1618609737919.497004687 |
|
qr.de/ | Name: __utmz Value: 1.1618609738.1.1.utmcsr=qualigo.com|utmccn=(referral)|utmcmd=referral|utmcct=/ |
|
.qr.de/ | Name: _uetsid Value: 8c02ac709efd11eb85c32788159f0f5b |
|
qr.de/ | Name: PHPSESSID Value: 075a106cd8aeb4ca1d2a2c94ce88d44b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bat.bing.com
capitalpne.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.sedoparking.com
qr.de
qualigo.com
s.yimg.com
script.hotjar.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
vars.hotjar.com
www.cpitalone.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkcounter.com
xml.sedodna.com
142.250.185.162
143.204.245.53
143.204.245.61
143.204.245.98
173.239.53.32
176.9.51.136
188.40.28.36
199.232.137.44
205.234.175.175
2600:9000:206f:3c00:f:8ce2:fb80:93a1
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c0d::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
64.190.62.111
67.227.206.99
98.124.199.68
0265d7957a7393127b5756936f648b3b4edf64b9c222423995fccdb241ccbee0
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
03c95581c28064117f1345d168d9745fbf86c2f693fa2ac977b93adf8786477e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c7f1b4c6f62cb99b411ff40cd189728d20c35856d16424003604db87e578c7e
1e8aaee7b22e3b9e1bc19ffe89e18f3bf4c516a11627e4e5169402eef82886ed
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4da022075d3626786269d309b8fd70324b4999fb8a90ed1f89bb405b11b401ce
4ede7c61ced76210d61b5737b39e48dfb7e3aa65022fd757442ab518b0b5df84
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
618d46449b67812c0fc2872fb531603af894169ee594bddc0c272cfbb008b919
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6a121b1d4c689dd6a38d4818f9cc2b869d8c4d3f712198f1cb970b573dbfa0be
7768a8cf3293cef03f6edf0f89bbfc3a3dd07354e1f9bce59d6b1292380b5b73
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aac470dd4aa2af09ae1cf252d26a16a83045354c076aebc35d7fd204a5afc4a
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d0d0a51ddf42e560ac09dd5556dff7bacce74c17f6ff9484bcf550a59482df4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
98e030e8179874d6910c98164270b4ce5a25c4d412812c688ddef4e3a8f1f94a
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058
9d500aa04534e887f968a1a5c936c821af37f248a284bbfcfec1e9bcb89cb607
a7b7d513c016c791cce62914ccdb7c788b27f6becec076d34d2d22aaca0bc5c3
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cac3fb8005375f1880ae2a644b54f1a2148bf813cb1b8936aea91129def96117
d5a337d475aa1861eac1cf0e5381a4ae4fa5465e3bba0e2e1679172458acb32a
db8b80b4d32e48c9059b6aaf10e281adbad861bed0e6f0562645e0769f3f4931
e23d3f3152eb99d444cfae2914e549182cca60788b832e97dd10242cdba3acf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eba9d6562d7aacda24e992634b3b83e7cd71b94398a7c0032bbe9c2ee46543
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39498fef1f10321cd2663e2be5628bc10d8d3b52b77fe04d3bebe4124809c42
fa08caf27cd636adac33a4e9c5812ae83e919aa756a9e67ef183a0e78da8b91b