www.da-direkt.de
Open in
urlscan Pro
45.60.64.176
Public Scan
Effective URL: https://www.da-direkt.de/versicherungen/autoversicherung/sea1?WT.mc_id=paid.af.awin.kfz.kfz.link.text&merkmalid=947&pubid...
Submission: On November 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on September 27th 2021. Valid for: 6 months.
This is the only time www.da-direkt.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 103.224.182.244 103.224.182.244 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 5 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 1 | 49.12.0.235 49.12.0.235 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 78.46.197.88 78.46.197.88 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 157.90.169.168 157.90.169.168 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 2606:4700:303... 2606:4700:3036::6815:1a18 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 104.111.239.217 104.111.239.217 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 25 | 45.60.64.176 45.60.64.176 | 19551 (INCAPSULA) (INCAPSULA) | |
9 | 85.215.2.156 85.215.2.156 | 6724 (STRATO ST...) (STRATO STRATO AG) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
41 | 7 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-244.above.com
www.downnload.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirb.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.235.0.12.49.clients.your-server.de
rtpnt.xyz |
ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com |
ASN6724 (STRATO STRATO AG, DE)
PTR: chat31.realperson.de
chat31.realperson.de |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
da-direkt.de
1 redirects
www.da-direkt.de |
652 KB |
9 |
realperson.de
chat31.realperson.de |
66 KB |
5 |
1redirb.com
1 redirects
1redirb.com |
8 KB |
2 |
lookandfind.me
lookandfind.me |
971 B |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
|
1 |
awin1.com
1 redirects
www.awin1.com |
921 B |
1 |
utkv6nyu.de
1 redirects
utkv6nyu.de |
841 B |
1 |
clever-redirect.com
1 redirects
clever-redirect.com |
230 B |
1 |
rtpnt.xyz
1 redirects
rtpnt.xyz |
189 B |
1 |
downnload.com
1 redirects
www.downnload.com |
1 KB |
41 | 11 |
Domain | Requested by | |
---|---|---|
25 | www.da-direkt.de |
1 redirects
lookandfind.me
www.da-direkt.de |
9 | chat31.realperson.de |
www.da-direkt.de
chat31.realperson.de code.jquery.com |
5 | 1redirb.com |
1 redirects
1redirb.com
|
2 | lookandfind.me |
1redirb.com
|
1 | code.jquery.com |
chat31.realperson.de
|
1 | www.googletagmanager.com |
www.da-direkt.de
|
1 | www.awin1.com | 1 redirects |
1 | utkv6nyu.de | 1 redirects |
1 | clever-redirect.com | 1 redirects |
1 | rtpnt.xyz | 1 redirects |
1 | www.downnload.com | 1 redirects |
41 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
lookandfind.me R3 |
2021-11-03 - 2022-02-01 |
3 months | crt.sh |
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-09-27 - 2022-03-29 |
6 months | crt.sh |
*.realperson.de Thawte RSA CA 2018 |
2021-09-20 - 2022-10-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-10-18 - 2022-01-10 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.da-direkt.de/versicherungen/autoversicherung/sea1?WT.mc_id=paid.af.awin.kfz.kfz.link.text&merkmalid=947&pubid=101248&awc=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zanpid=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zxuserid=101248&pubid=101248
Frame ID: 19927DB4754C4EC81507499C83EDA101
Requests: 46 HTTP requests in this frame
Screenshot
Page Title
GĆ¼nstige Kfz-Versicherung vom Testsieger: bis zu 51% sparenPage URL History Show full URLs
-
http://www.downnload.com/
HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yBQWT07hpoOVlipBU3Vj9g9e%2BZS6VH1rTsMivbT%2F5%2... Page URL
-
http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1237394603%26sid%3...
HTTP 302
https://rtpnt.xyz/v6/r?s=r7d&s3=1237394603&sid=20211111093334dfb3a94c9e9793076e HTTP 302
https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1237394603 HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=dadirekt.de&s1=r7d&s2=&s3=1... Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
-
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=a7328cdfde0fc523b8e7e7bb7...
HTTP 302
https://www.awin1.com/cread.php?awinmid=11810&awinaffid=101248&clickref=at107999_a106652_m12_p1347... HTTP 302
https://www.da-direkt.de/versicherungen/pkw1?WT.mc_id=paid.af.awin.kfz.kfz.link.text&merkmalid=947&pu... HTTP 301
https://www.da-direkt.de/versicherungen/autoversicherung/sea1?WT.mc_id=paid.af.awin.kfz.kfz.link.text... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.downnload.com/
HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yBQWT07hpoOVlipBU3Vj9g9e%2BZS6VH1rTsMivbT%2F5%2FiHUZtogLoi4enBXZPH5UKAtPd4rwVoSV%2BmPgUHzYOlHEhbVbyJRg489Vrn5YkvlYQ%2B7L7YvevS7E%2Fq9JzZysEUjUu9f5WIM4Uk6ZqFSQ%2BVquFXR5nQ%2FwbVFS4%2B%2BAOKiO8PxLrWBbSvuqyyNIOtpeFOpLy%2Bbbi2jTV2mEUKpsmGuLn1FhUiHX9jLO%2Fjj6j95PEgADcicNUtSu26bTVPCKLIDaOlvHvCvrAK0ZDzxJnrI0sV4%2BW9yWRxwUATsu12v4ciEuTWh%2BycJGOC2zLEdhoJTac%2BZy%2BL2ZMRwgjy%2B4JRhZsQ7KWeG9xcODh15Gjef7ly6J0%2BKSAEjfqJVewayfI3XZvamhR7UOrq47OPTPM%2FlmFc4UOzAP%2F57xJO0EiACOXoVD9%2BpdsRz%2BrjnbjzPYKYcm6eyRqfdQJ%2FZWm7D6SC3WK51%2Be4WmpcybcYpp2gLdfCaNBXdI8vzJvL5XJLcUcK7jITHokUWO%2F4QObzeTX%2FbQ1CHlnLWkBOftiVxhLrxIQabqSyghfKAYiGM9kRYLYV1Uyw%2BU%2F0967PAMNPOeyqFTddiAAHg4oFi%2FjdOls%2FwtvxsTGJvdzQY1MJOiM0fpst%2BjfZJu9FUXg3LQqzqtcoPtkMlFnd2K3Nox059f7ytrUn0rgqy%2FIoVNZDbt5PE6Dkbpz9K3rVQd6BgmUdQrRiREqyoNxRYTwoJw%3D%3D Page URL
-
http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1237394603%26sid%3D20211111093334dfb3a94c9e9793076e&s=j&enc=TFk3TVR2Q3hwVFRjQXJ3WmdRSWxjSDQ5ZmtsTU5UWlFXREZHS3pCa1owcFVWR1U0Vmt4R2JVRmlTMUY2WjNVNWVscHNkR2Q0Yldodk0xaFZVbUZ3T0haaVkxbEJZbUkxYUhvNVkzaHJkWFJQWTJoRGIyazNkMjFCTURaTVFXSmlUbGhoUldSVk1tOXhUa2hsYjBKVFpGZHJjRmR4Y0doNmRDczJVbEpCY0hCclpVSjBlVEJPY1RCcVdrVllNM2cxVTJnNVJrRTNabXBpUlZWVmJHdzJTMWR4T0hsNE9XbEpPV0ZsTURjeU0wbEtkM0kzZUU1TmJHUnRWbVpvVlhaaWRtTklWblJzVldreVVrcEtObWhzV1haNWFraExOMEZOUzNZeVoxRlRNbGM0T1d3eFlVMWhZbkJMYkRacU5ESllWM2d2Ym5ONWJUWnllVloxWlhJd1EwTllLMlpYTTJaUFlXVTJMelZHUzBVeU1EaGFSR1JOYWpCdE9VdDJNVFF5ZDB3cmRpdEVNekpYY0VGTlQxRjFWblJzU1RSNWVUVmtZV05ETVRZd1YybDJPVlJZU0Rob1NTODBSa051ZG1kM2JGcEZRbWhVVVZCd1MwRnpTV0p2UzB4cGNIUjNXRzg1Ym5FeFR6VjRUelZOYzFsUWVrdG5iRUZQTDJWUmMwOWpXR3BMVkhOcU4yZHNaRXhKUTA5clQxQjRXSHBYUkM4eU1EbFFZWGswTnpsbmIyVlJWMnRIZEcxbk1sQllUVXd4WkdWeGRteHpSbVZ6YUVrMVdteFFXRll4TkRFeE9HdEZWWGRKYnpkVU15czJWMnhsVm05b1RYWlZaSFo1WlM5aGFFTjNlVGx4TmpkamRqWnVkRlJIY2s0dlRuWXlia05HVUhGcWVEaFlRM0ZRUWtRd1J5dFRVamN6Ym1kb05XaHFRMFJTT1ZCSmFGTjZiM2xFWjNWVGJYVnJkVkJYWWxkM1ZtZzJTMWxCTW1vdlYxUjRUakZ3UTJNck5qRlJVVE5FWjNoaU1FZGFZVEkyZVVoSmVGZDNkbXhXYm5Rd1ZtMUxaVEJuUm5wT01rb3JhazFwTWxWTmNXWmhTakJoZFdGRldFVjVNRlZIZEV4dVJXZGtjRkIxVDNGM2FETkdTa3MwUW5ZM05HeDNWRmhhVWt4R1draHpkVXBPU21kaFZXUnVaMnhWTkN0Q1QxSklLM0IwVWxvM1pVOXNTR2xoTXpoSGVtVkVUakpIWWtoMVpIUmpjRmxHTnpCU1IwUk5VMFF5ZUZCTFRqbFZSMHN4VWxsc1NYbFJMek13Um1wdldrTk1UVWxOY0ZVMFltVlRSRlZzUmpWT1dXZHNaMm80VFZCR2VtcHRabXRzVTJWbFdsTjJRMGx3TkVaWk1VUlJXWE5hSzFad05FNWlaRVF4WldVMVpVUm9TVE1yWm1WRVVUUmlRMnBxTXpGdGVGSTBOSEZEYTNZek1XUmxNM0pPUTBsT2FFZDFhRFZVYkdFd2NWbz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine
HTTP 302
https://rtpnt.xyz/v6/r?s=r7d&s3=1237394603&sid=20211111093334dfb3a94c9e9793076e HTTP 302
https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1237394603 HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=dadirekt.de&s1=r7d&s2=&s3=1237394603&s5=4 Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Da7328cdfde0fc523b8e7e7bb74eb0b93%26url%3Dhttps%253A%252F%252Fwww.dadirekt.de%252F&h=1ee0d2ca4bfa061b12be0673a54a2317 Page URL
-
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=a7328cdfde0fc523b8e7e7bb74eb0b93&url=https%3A%2F%2Fwww.dadirekt.de%2F
HTTP 302
https://www.awin1.com/cread.php?awinmid=11810&awinaffid=101248&clickref=at107999_a106652_m12_p134708_cDE_sa7328cdfde0fc523b8e7e7bb74eb0b93 HTTP 302
https://www.da-direkt.de/versicherungen/pkw1?WT.mc_id=paid.af.awin.kfz.kfz.link.text&merkmalid=947&pubid=101248&awc=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zanpid=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zxuserid=101248&pubid=101248 HTTP 301
https://www.da-direkt.de/versicherungen/autoversicherung/sea1?WT.mc_id=paid.af.awin.kfz.kfz.link.text&merkmalid=947&pubid=101248&awc=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zanpid=11810_1636583617_d5a32f18e7b611e4c4485a2cad7d429c&zxuserid=101248&pubid=101248 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.downnload.com/ HTTP 302
- http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yBQWT07hpoOVlipBU3Vj9g9e%2BZS6VH1rTsMivbT%2F5%2FiHUZtogLoi4enBXZPH5UKAtPd4rwVoSV%2BmPgUHzYOlHEhbVbyJRg489Vrn5YkvlYQ%2B7L7YvevS7E%2Fq9JzZysEUjUu9f5WIM4Uk6ZqFSQ%2BVquFXR5nQ%2FwbVFS4%2B%2BAOKiO8PxLrWBbSvuqyyNIOtpeFOpLy%2Bbbi2jTV2mEUKpsmGuLn1FhUiHX9jLO%2Fjj6j95PEgADcicNUtSu26bTVPCKLIDaOlvHvCvrAK0ZDzxJnrI0sV4%2BW9yWRxwUATsu12v4ciEuTWh%2BycJGOC2zLEdhoJTac%2BZy%2BL2ZMRwgjy%2B4JRhZsQ7KWeG9xcODh15Gjef7ly6J0%2BKSAEjfqJVewayfI3XZvamhR7UOrq47OPTPM%2FlmFc4UOzAP%2F57xJO0EiACOXoVD9%2BpdsRz%2BrjnbjzPYKYcm6eyRqfdQJ%2FZWm7D6SC3WK51%2Be4WmpcybcYpp2gLdfCaNBXdI8vzJvL5XJLcUcK7jITHokUWO%2F4QObzeTX%2FbQ1CHlnLWkBOftiVxhLrxIQabqSyghfKAYiGM9kRYLYV1Uyw%2BU%2F0967PAMNPOeyqFTddiAAHg4oFi%2FjdOls%2FwtvxsTGJvdzQY1MJOiM0fpst%2BjfZJu9FUXg3LQqzqtcoPtkMlFnd2K3Nox059f7ytrUn0rgqy%2FIoVNZDbt5PE6Dkbpz9K3rVQd6BgmUdQrRiREqyoNxRYTwoJw%3D%3D
- http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1237394603%26sid%3D20211111093334dfb3a94c9e9793076e&s=j&enc=TFk3TVR2Q3hwVFRjQXJ3WmdRSWxjSDQ5ZmtsTU5UWlFXREZHS3pCa1owcFVWR1U0Vmt4R2JVRmlTMUY2WjNVNWVscHNkR2Q0Yldodk0xaFZVbUZ3T0haaVkxbEJZbUkxYUhvNVkzaHJkWFJQWTJoRGIyazNkMjFCTURaTVFXSmlUbGhoUldSVk1tOXhUa2hsYjBKVFpGZHJjRmR4Y0doNmRDczJVbEpCY0hCclpVSjBlVEJPY1RCcVdrVllNM2cxVTJnNVJrRTNabXBpUlZWVmJHdzJTMWR4T0hsNE9XbEpPV0ZsTURjeU0wbEtkM0kzZUU1TmJHUnRWbVpvVlhaaWRtTklWblJzVldreVVrcEtObWhzV1haNWFraExOMEZOUzNZeVoxRlRNbGM0T1d3eFlVMWhZbkJMYkRacU5ESllWM2d2Ym5ONWJUWnllVloxWlhJd1EwTllLMlpYTTJaUFlXVTJMelZHUzBVeU1EaGFSR1JOYWpCdE9VdDJNVFF5ZDB3cmRpdEVNekpYY0VGTlQxRjFWblJzU1RSNWVUVmtZV05ETVRZd1YybDJPVlJZU0Rob1NTODBSa051ZG1kM2JGcEZRbWhVVVZCd1MwRnpTV0p2UzB4cGNIUjNXRzg1Ym5FeFR6VjRUelZOYzFsUWVrdG5iRUZQTDJWUmMwOWpXR3BMVkhOcU4yZHNaRXhKUTA5clQxQjRXSHBYUkM4eU1EbFFZWGswTnpsbmIyVlJWMnRIZEcxbk1sQllUVXd4WkdWeGRteHpSbVZ6YUVrMVdteFFXRll4TkRFeE9HdEZWWGRKYnpkVU15czJWMnhsVm05b1RYWlZaSFo1WlM5aGFFTjNlVGx4TmpkamRqWnVkRlJIY2s0dlRuWXlia05HVUhGcWVEaFlRM0ZRUWtRd1J5dFRVamN6Ym1kb05XaHFRMFJTT1ZCSmFGTjZiM2xFWjNWVGJYVnJkVkJYWWxkM1ZtZzJTMWxCTW1vdlYxUjRUakZ3UTJNck5qRlJVVE5FWjNoaU1FZGFZVEkyZVVoSmVGZDNkbXhXYm5Rd1ZtMUxaVEJuUm5wT01rb3JhazFwTWxWTmNXWmhTakJoZFdGRldFVjVNRlZIZEV4dVJXZGtjRkIxVDNGM2FETkdTa3MwUW5ZM05HeDNWRmhhVWt4R1draHpkVXBPU21kaFZXUnVaMnhWTkN0Q1QxSklLM0IwVWxvM1pVOXNTR2xoTXpoSGVtVkVUakpIWWtoMVpIUmpjRmxHTnpCU1IwUk5VMFF5ZUZCTFRqbFZSMHN4VWxsc1NYbFJMek13Um1wdldrTk1UVWxOY0ZVMFltVlRSRlZzUmpWT1dXZHNaMm80VFZCR2VtcHRabXRzVTJWbFdsTjJRMGx3TkVaWk1VUlJXWE5hSzFad05FNWlaRVF4WldVMVpVUm9TVE1yWm1WRVVUUmlRMnBxTXpGdGVGSTBOSEZEYTNZek1XUmxNM0pPUTBsT2FFZDFhRFZVYkdFd2NWbz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
- https://rtpnt.xyz/v6/r?s=r7d&s3=1237394603&sid=20211111093334dfb3a94c9e9793076e HTTP 302
- https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1237394603 HTTP 302
- https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=dadirekt.de&s1=r7d&s2=&s3=1237394603&s5=4
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
r2.php
1redirb.com/ Redirect Chain
|
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.js
1redirb.com/javascript/ |
899 B 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
1redirb.com/javascript/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.php
1redirb.com/ |
0 166 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
lookandfind.me/s/ Redirect Chain
|
429 B 596 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r
lookandfind.me/s/ |
345 B 375 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
sea1
www.da-direkt.de/versicherungen/autoversicherung/ Redirect Chain
|
66 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui-min.css
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/styles/ |
342 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
centrano2-bold-f88fa8d-woff2.woff2
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/fonts/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
centrano2-book-09611d5-woff2.woff2
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/fonts/ |
42 KB 42 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
centrano2-medium-78b1a18-woff2.woff2
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/fonts/ |
28 KB 29 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.da-direkt.de/-/media/Project/DADirekt/Global/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook_outline.png
www.da-direkt.de/-/media/Project/DADirekt/Global/ |
1009 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter_outline.png
www.da-direkt.de/-/media/Project/DADirekt/Global/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube_outline.png
www.da-direkt.de/-/media/Project/DADirekt/Global/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui-min.js
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/scripts/ |
103 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors-min.js
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/scripts/ |
288 KB 123 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrekk-0869e90-min.js
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/scripts/ |
490 B 606 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadchatmodul.php
chat31.realperson.de/system/scripts/ |
67 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.da-direkt.de/ |
138 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
304 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons-81c74c3822ce511608cc0e1823f2c9e3.svg
www.da-direkt.de/frontend/assets/svg/ |
4 KB 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
744 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
227 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
952 B 952 B |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
960 B 960 B |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beste-kfz-versicherung-wechsel.png
www.da-direkt.de/-/media/Project/DADirekt/Website/kfz/ |
80 KB 80 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10-prozent-rabatt-60amazon-da-direkt_1.png
www.da-direkt.de/-/media/Project/DADirekt/Website/aktionen/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meinedadirekt-vorteile-fahrzeugwechsel.png
www.da-direkt.de/-/media/Project/DADirekt/Website/meine-da-direkt/ |
50 KB 50 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
da-direkt-reparatur-mobilitaetsservice.png
www.da-direkt.de/-/media/Project/DADirekt/Website/schaden/ |
36 KB 36 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meine-da-direkt.png
www.da-direkt.de/-/media/Project/DADirekt/Website/meine-da-direkt/ |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siegel-Kfz-StW-Ftest_2020_12_01.png
www.da-direkt.de/-/media/Project/DADirekt/Website/siegel/ |
29 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siegel-FAZ_2021-01_V02.png
www.da-direkt.de/-/media/Project/DADirekt/Website/siegel/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siegel-Tuv-Service-2020-06_03.png
www.da-direkt.de/-/media/Project/DADirekt/Website/siegel/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrekk-0869e90-min.js
www.da-direkt.de/-/media/Themes/DADirekt/Global/DADirektTheme/scripts/ |
490 B 611 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
loadconfig.php
chat31.realperson.de/system/scripts/ |
740 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
111
chat31.realperson.de/system/rest/v1.0/availability/ |
145 B 430 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.da-direkt.de/ |
1 B 49 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
realperson-code.css
chat31.realperson.de/system/css/ |
24 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
realperson-code.css
chat31.realperson.de/system/layouts/da-direkt-2020/css/ |
95 B 412 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadlayerchatmodul-v2.js
chat31.realperson.de/system/scripts/ |
114 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer2.css
chat31.realperson.de/system/layouts/da-direkt-2020/css/ |
139 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
loadstatus.php
chat31.realperson.de/system/scripts/ |
2 B 500 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DEPT_off1499405612.PNG
chat31.realperson.de/system/web/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| webpackJsonp object| __gondelPluginEvents object| RPChatHelper object| __š”Registries function| pm object| SeamlessBase function| SeamlessConnection function| seamlessOpenFallback function| seamless function| flatpickr object| regeneratorRuntime object| rp object| rpChatConfig object| __š”DomEvents undefined| $ function| jQuery function| Cookies object| ss11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.downnload.com/ | Name: __tad Value: 1636583614.4762213 |
|
.1redirb.com/ | Name: __dsnsid Value: 20211111093334dfb3a94c9e9793076e |
|
utkv6nyu.de/ | Name: PHPSESSID Value: 7h4fsgtiuc25b1ur1htetrvfe2 |
|
.awin1.com/ | Name: aw11810 Value: 101248|0|0|1636583617|at107999_a106652_m12_p134708_cDE_sa7328cdfde0fc523b8e7e7bb74eb0b93|aw|0 |
|
.awin1.com/ | Name: bId Value: HLEX_618c48c161b4f1.89888192 |
|
.da-direkt.de/ | Name: visid_incap_270044 Value: yl2+kPrkQTOCARL2DxdCCsFIjGEAAAAAQUIPAAAAAAAjbBbNGYmEnFscHnpFkPEo |
|
.da-direkt.de/ | Name: incap_ses_1288_270044 Value: fS4VHQENEkPgGeaTfuXfEcFIjGEAAAAAPaWVV+iEwDPkq84Qjw27BA== |
|
www.da-direkt.de/ | Name: merkmalid Value: 947 |
|
www.da-direkt.de/ | Name: sxa_site Value: Website |
|
www.da-direkt.de/ | Name: ___utmvc Value: FIpV2yQ0OXQ7ev0swjex4y6Jud7YcFeLXpzejvKanqIhi+JEqGnOF0gZ3yvkUJcvC6yoILvkljvuAUf7zlt6MdQncXR+oNeceZCY8iLGmMxcnab2eJehV6qoX2gPGujBEA3ZOj/kEAl7MhR2Hfc4tU042q85NTvFAofph9KB/mAtR3yudm5B54FJRuil3vZlgE6HtQ6jzaRUHgViKjtWaYDgAKuOxDb6Z3Wxbtzd+2avMpmf6dYZTTibgfzHpPwmkUihDIw5NRK+BMcWU674RXRdn5Ml4bW25/sEi1e5ZSWjT5Lez+kKqzm7GfxiFUun+9wiqVOzoaUEm53qFccT1ftxDU7KYxz69UB15NvwpOJomamR/8nTHVFmfSNrlw25V7dBeY9B0BD0V6PE59b4Ftm6RtinvDy7iIyD9epyzNjrGOf8h679ksxmlzf+cnl0LcIViMXRnTK21uTQJ0NIIfeNLZAPU/G8B3Qr0JzjeVy7aaeymu+f8tpXNqlN/NIUCMRBENXRlYX2FMj90aAg7aH0IKuRPlLRM9/BYggSY1NkMnjO6AtWUxyRvOK3cz7z3MWE2NkN3nfrf+us3IUZS9QoPbAZss9H5aaNghjcy3l5x4KGFULZMKz8qbfDjWcAU+fbSsLvFg0riPt8mnD5Zq4si0v4Y749BicXDu3S78YGJve3Sm7kPd7bob7TJwH/kqWyvzEza8GXcXhgS6vlAsvQUgVtGvdQrzmm1wlfbuKxxM77DnaHasthq07+ygCtXayS8EvP+Uh39adLsLAKoL+T2Shj3do5sjA3u0dO4QjmFDqAeeTTB/e35eUjcEt2gaYztTqPswM0YiTLmGgkKYrkqW66mAQ4IcLiIjirpdUF2xmAe7itG3NonVxFjlP+H+ZTD4VHnu2bGduxf0HLWfh8GzsfNvZ9kV0A7SUo4NW81493favC7DZPox825DGeozdm8o2LloGdJ2b1QHgelhN3eylTbq3MDm/Ke5GOrJrrlaRnSZtXxvndnS4xWSrNFk2J51IMhYKj9j0VEdHTWxi+bj0t1DvNXVIs5FuYU3x6Z24/h5ittNVA8SR599lVK7v9Fd5/QP4M5Z63ok5e5fT5tYRdsu++wJG22FRVzWV+ya23SmDlVeUYyHPL3e4FXe/COePli0uMXbCGaCEUg+gGco9FcAKzimJ37GlX1ih09ezkJQn0Pp8Gx9frUYGrOBQ0+Uc+SYjl6cWqArsNM9R4nkOFXbt9Fduunfi4/YduPyppIYCkaUroY+9DY5nGH7FtQzsxr9mYkHlXUW0RnEp/duQw3bP0h5ssMI8k0h2jlnLkxlCY0GcnS6u2fNoMn/DzXEAuJvKIcxsc4vxWAxQp86CMpi1z52aqAqMcbua6ZpBwoYt0JNyACRYF+WEFYwMQYoouPB0L907rJ4mMxXqYgSprBE75MU1abYxDEZl351JhEgVRNJP2XHT98lgO3HM3Jlfw/kZrtZ1qa+PVZpilcUGrUO3EtU5xu1pg0Szv4Of9lpZmAP5HUklIVP6JyCupN9iO1OPEG+4bAe5DFNAU5i1isizPYUInLDihWRyw2dApOZUILuxfN8FhNhsy45S6qkaYI/xOMyCr7sTJkujFx5HJISCDYvY4M8lfI7MT1C7Mz3KYSa4fTI6cdHsGOlVtX4s3xZKTBpricTreH02oASxNyyRoqi2pdDSxAEVxs8ccaiHz3U60ZmrYf9zBleV0ECrYRmXTdCffeVLrZKeulUt2SF3WAnY1Q1PZScBplh63UCCQJ/Yy6j1HY0fQOvQstBfVmu+h1ut+L22k6B51LFB/FQ+jijjjS4gHufGfVIFU9o/Av0iDFBjApx5l9EMzl926newh194Pn16fKrP2EbVWCw9ZyWsEZMlUkwUR9vri6KK6PkCUMuxiDmRgQa2KoMubQoLguPx3H20UL79UGuN+6tMOExNMPuiUos36Z8IWql6n05ZjgWEDSMLs4qgG2Xjyn4MI9PeBZ66qVU71GCP9c+fUQZDQXD0OZiPTX2lieZq/ObXUj1iw9Qr5nG8n96kIfGZyvFSoTF3ryVBVLza4LUKeOUDKNs/9IV8Mq8p8Sa/SCY7YJBogueHHZ4gMC8AsX2pO0Q8JeLAyctDwcWaODJ5b5asQXP337yBZhCtimjOVRxyui5i6Csy8CmLD+ywtdHT+VUPuUIe1yw3YnN1acmEARL0TayupgfVRziejLcjqPdTo2K/yA2k/RiRlD1+feY0vnvVyGmMDPGjqr3Sxo97i9hE2TrY7YArm3lHJZL5cO/hQN48XhyMc2i4NKNfsa2mgZ/DjkPaWVpWKpWH84OSp+MIWf8y1MvMSUVCsSTHYgszvUbmGGr9RggDOjXx3fwfWG74iVOoy7YEJwSU2TkqwWWAOjiK4r2tqcXBypD2L1dUjtmvVs/h9opuluoKWVCciyTo1WsdDJMoJKQE2FDRb1S1Ab2l6vA4aSwWl5XUs8/qvjzuyMyXyOAdED4HmRHHOP2pJbPFfdoGZCUuzdlL+GmYcbVNx3QhyNfg0QLnjgFX6AceqHmiuo8gabBL8TF4UcZrTdBWZ/aX9vVmQ7PL1u2SqeGLZ69GJylLQranjqKws7UcD6cX4ii6unV1q2a/EG80gOzT5n5t2D+xbJlSHD9+cTNABPZpSIDT0H+tImviZxykuquXVEY6vUMncBFjJLGRpZ2VzdD0xODQ3MDYscz05NDgyOTZhYjgyODM3YjYzNmM4YTg2YjA5NDg3NzY4YWEyOWY5NDljODQ5MTdiNzg5YjljOGM4YmExYWI2OTY4NmM4YWE1YTk4NTg5NzE3NA== |
|
.da-direkt.de/ | Name: REALPERSON_SESSION Value: ic6kp9hkjd186qg62r5pln3q7gqmoq0o1rdfc9vi |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1redirb.com
chat31.realperson.de
clever-redirect.com
code.jquery.com
lookandfind.me
rtpnt.xyz
utkv6nyu.de
www.awin1.com
www.da-direkt.de
www.downnload.com
www.googletagmanager.com
103.224.182.206
103.224.182.244
104.111.239.217
157.90.169.168
2001:4de0:ac18::1:a:1a
2606:4700:3036::6815:1a18
2a00:1450:4001:82a::2008
45.60.64.176
49.12.0.235
78.46.197.88
85.215.2.156
05bad8a8e1bcfbd788aefb1d78d5846720adc8adaeb7e2d5da8d77074f75cd49
08f24bbd5921fe0967725dc694f55e0b3b62d3bba4a08910bd6e33ee608b14be
0d6d5b02c8284b55af8bf8ea76ec975114618f5ae4305d0dff274751464d5b5e
0dd042e095d89003059f1a09e4c5bfc6bb896c311a4f2e048387a4e2ad8a76a5
11434223261497eee2b1a2d48b7f9fa6c431b4de32b7c36008119c0cced4f411
14665d99e2416fc1a9b96bdd5d52214eccffd6b54fbed07c100abfcae9df44cb
21e7004399c49e172830c11f3dfb948a18f38b2384e63fa504bf8f03ded293cc
2a2538ab18054f17c116fc3132235af756d0d51dd21c717a199c702574dfaa2d
3a4659f9537cda4e61d565229fb2f18331a4d93e0b97cbbbfbfc8cdb930bdf41
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5213d215d1500e6dad4cf8f03a19df5d0dfdd55625808f3f0121fc44832ef944
57c691ba187bb07de449016481cbc2247819de577f15fa16a03d1c932d239946
5d56ef41a22fa0d0cd71be62b2b87a15a824c96c890610701081d0cacf11d819
5fb71a5748368d589340c1ba2e9104a569b59f1906cd2c03165be1953380e63d
697517dd14716434477c37512382e69ae73ae246f3c80f85ef18e808b511040d
6a4b5c801f146ebc9ca12b31fb5d214f4520e9e2212753bb369dd7ded740fa54
73145b6ac5849e9af6beeba3f31ef1bd9c54b4fdf484d8eabdd573d529d90b38
7d4208526bbaa938e1d94c89e002e9d87be931fde6442739ae2c57f5bd4b697b
8461f7967a1bbecc232ced16ddfdbbf8685d0b42302042dfb2d8adf9a20dfd7d
878a0a7f127fdba2946fa9f244af962a334144c91467ec3bfbc54e8df80ba902
8a3def222452508374502ddcabc12a7f72fe3aaa3dd757e477b7fe88daeb8d0c
8c2080a7a4db73e807153c08130372d30d0dfba94310f0fc74c26e4b57adfd22
8dfdec9f8650451ceb8546ccc781979ad130d1e484d2832c502240712c37d995
981b61d0e49e513380caa96c786e7e1b0bdc0dad5976edd28370c453a3315fbe
9e9e421682616e77c84400d3e0e71477f195b711ec434f4a2c64cc1fe0b71b37
a18ee774188fb5667424990429b5bd0520ab98270d97033e74afde2bf7b1b323
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
af90573ece5915637aceb30f2a1e55220f1dc54a47495e4df4845549cda63cab
b62005c5f5848bf7290cd83e9d99e196046d0e221e1366d22762b7197effd501
bac5470c848a72518faf5168a890dc76a7428b9e829c3787b296843d03cba1ea
c3eb9a7373194d029ffda49823ca92a46e73758a17c6ddb834fc1b78852caaf5
c66aabda0125d2f791350f8f37531dcfcd4a27f434e03bc1cd6556e1cfd2b8b0
d45f041d2265ed49888ef77e80c3de8a2edfbc38cc27a369b6693a891ff65a61
d6dc16a03f2b46ca201f7b9e6dfedd22e28a49e885889f0cbcd02b1e89a9de4b
e2a5013e5f279ca514650fc0970f8f7a5d055c9d6da8cdf185a3d53a18b9126f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4c8795032b65afb35b5112c117646a0bc3e6569c4044e1db77c033f859ce62
f9a7a90784c1daa73ca0d044e8a3187b5f4e8e1ac747ef4bb012a4c1dae64c73
fac7265f9f4bdbe2a4e197adae860ae6442497cd94459c03bc89c892e791b6f3
faf61edbc219208b68122c7c9ca8c3c6ebd70e80e3df10d5b3bd6bba3e685a16
fcb109f12372d64d3880019e856f8281b802352d27a9b4aa366b360d2e3036d8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e