www.manfradytrade.com Open in urlscan Pro
77.91.100.15  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Login Show response www.manfradytrade.com/Account/	13 KB 14 KB	566ms 410ms	Document text/html	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Full URL https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 979455b52252c45ffc3ee5666954194911fb2ab06a929ee5957d0d615308ff7d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers Cache-Control private Connection keep-alive Content-Length 13697 Content-Type text/html; charset=utf-8 Date Tue, 27 Feb 2024 17:35:40 GMT Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET
GET H2	200	css2 fonts.googleapis.com/	8 KB 1 KB	443ms 50ms	Stylesheet text/css	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700&display=swap Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software ESF / Resource Hash 230e78ba013aecc04f09fbf044746a7e40320650bd2b542fd215c4be1ea64f66 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Feb 2024 17:35:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Feb 2024 17:35:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Feb 2024 17:35:41 GMT
GET H/1.1	200 OK	Css www.manfradytrade.com/Content/	305 KB 305 KB	353ms 353ms	Stylesheet text/css	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Full URL https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash d5964b9fc86dcac313d932cb45ce4e2cfb65075f8c7101bb125a02859b3b5c29 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:40 GMT Last-Modified Tue, 27 Feb 2024 17:35:40 GMT Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent Content-Type text/css; charset=utf-8 Cache-Control public Connection keep-alive Content-Length 312224 Expires Wed, 26 Feb 2025 17:35:40 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	447ms 45ms	Script text/javascript	142.250.186.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f10.1e100.net Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 04:17:59 GMT content-encoding gzip x-content-type-options nosniff age 47862 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Feb 2025 04:17:59 GMT
GET H2	200	jquery-migrate-1.2.1.min.js Show response code.jquery.com/	7 KB 3 KB	434ms 48ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-migrate-1.2.1.min.js Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:41 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 14151545 x-cache HIT, HIT content-length 3063 x-served-by cache-lga21931-LGA, cache-fra-eddf8230076-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1709055341.217645,VS0,VE0 etag W/"28feccc0-1c1f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 3, 10057
GET H/1.1	200 OK	jquery Show response www.manfradytrade.com/bundles/	208 KB 208 KB	482ms 353ms	Script text/javascript	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Full URL https://www.manfradytrade.com/bundles/jquery?v=ZEUwXTmUeuZIm61PHarY3NvOOYORYc_veI27yMD0VDA1 Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 44fbbcc1ea1a329d0f0061f2e5559283b393aef869a413121d6e7751768a70a8 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 27 Feb 2024 17:35:41 GMT Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent Content-Type text/javascript; charset=utf-8 Cache-Control public Connection keep-alive Content-Length 212938 Expires Wed, 26 Feb 2025 17:35:41 GMT
GET H/1.1	200 OK	cfa9ac68-a546-4aa0-a20c-34fb40e40818 www.manfradytrade.com/SKImageHandler/GetLanguageImage/	3 KB 3 KB	317ms 186ms	Image image/jpg	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/SKImageHandler/GetLanguageImage/cfa9ac68-a546-4aa0-a20c-34fb40e40818 Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 756a5cb8634a0dc37fc0f409107d53cefd2e487709d680ad8d9440abffc702b0 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT X-AspNetMvc-Version 5.2 Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/jpg Cache-Control private Connection keep-alive Content-Length 2882
GET H/1.1	200 OK	2b76ec30-8855-4a0b-b990-e8737b56d0a7 www.manfradytrade.com/SKImageHandler/GetLanguageImage/	718 B 968 B	167ms 167ms	Image image/jpg	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/SKImageHandler/GetLanguageImage/2b76ec30-8855-4a0b-b990-e8737b56d0a7 Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash d8bd2f250c5a9df975ea8f194fcc31ec6ec2afa1e8b89c9316eba2151f5d7a0a Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT X-AspNetMvc-Version 5.2 Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/jpg Cache-Control private Connection keep-alive Content-Length 718
GET H/1.1	200 OK	fe610293-f727-4c51-a82f-eb90a1edf36a www.manfradytrade.com/SKImageHandler/GetLanguageImage/	778 B 1 KB	165ms 164ms	Image image/jpg	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/SKImageHandler/GetLanguageImage/fe610293-f727-4c51-a82f-eb90a1edf36a Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 7dbe5bbfaa367bd47200c88a71f8d0b88f45ef95f2626ad5b6d1b84ee7be2050 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT X-AspNetMvc-Version 5.2 Server nginx/1.24.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/jpg Cache-Control private Connection keep-alive Content-Length 778
GET H/1.1	200 OK	img-qr-google.png www.manfradytrade.com/Content/Images/	480 B 744 B	263ms 132ms	Image image/png	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/Content/Images/img-qr-google.png Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 371667e7da9fa8dade448f8e49d469e07aebdca932a271de4f87e2955159c111 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 480
GET H/1.1	200 OK	img-qr-apple.png www.manfradytrade.com/Content/Images/	381 B 645 B	141ms 141ms	Image image/png	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/Content/Images/img-qr-apple.png Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 4b49d196ac84414313db35543bc0eed11c6aaf6719d76c8d48b569b44f402795 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 381
GET H/1.1	200 OK	company_loader.gif www.manfradytrade.com/Content/images/	9 KB 9 KB	143ms 142ms	Image image/gif	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/Content/images/company_loader.gif Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 053a3d45d68b3dfae52bed276d30670aa81bac4335464e462b371b4c74e5614a Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 8853
GET H2	200	dmcncnJBPu Show response code.jivosite.com/widget/	17 KB 6 KB	451ms 43ms	Script application/javascript	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/widget/dmcncnJBPu Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 0192904350e6522d231f1f3cae12d34646fc5cb6fd09e259d2dd8f8223d67c0c Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:41 GMT content-encoding br via 1.1 sharxy x-cached-since 2024-02-27T15:52:58+00:00 x-geo-shard ya content-length 6058 x-node am4-up-gc94 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-17aa" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=7200 cache HIT accept-ranges bytes expires Wed, 21 Feb 2024 12:33:24 GMT
GET H/1.1	200 OK	customJsValidation.js Show response www.manfradytrade.com/Scripts/	2 KB 3 KB	142ms 141ms	Script application/javascript	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Full URL https://www.manfradytrade.com/Scripts/customJsValidation.js Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash b5d5c721a18fd9cb8bac95840ddec10593b478b052837e3a8f772de7e7cfe8b4 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2482
GET H/1.1	200 OK	bg-login.jpg www.manfradytrade.com/Content/images/	689 KB 690 KB	383ms 383ms	Image image/jpeg	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/Content/images/bg-login.jpg Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 383885e81e560fc7d9721d76f9041e3055fe083fd7f9786a5d607cf058cf3c33 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 705947
GET H/1.1	200 OK	logo.svg www.manfradytrade.com/Content/images/	12 KB 12 KB	133ms 133ms	Image image/svg+xml	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Show image Full URL https://www.manfradytrade.com/Content/images/logo.svg Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash 4b8fa2978de333111b306c300d4ea9e0ce41898bc44213bb465c5b2f341aed04 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 12083
GET H2	200	LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 fonts.gstatic.com/s/plusjakartasans/v8/	27 KB 27 KB	441ms 43ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.manfradytrade.com accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Wed, 21 Feb 2024 05:07:21 GMT x-content-type-options nosniff age 563300 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27444 x-xss-protection 0 last-modified Thu, 22 Jun 2023 14:14:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Feb 2025 05:07:21 GMT
GET H/1.1	200 OK	icomoon.ttf www.manfradytrade.com/Content/fonts/	18 KB 18 KB	270ms 172ms	Font application/octet-stream	77.91.100.15 STARK-INDUSTRIES
General Check archive.org Show headers Download Go to Full URL https://www.manfradytrade.com/Content/fonts/icomoon.ttf?thbur3 Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.91.100.15 Sofia, Bulgaria, ASN44477 (STARK-INDUSTRIES, GB), Reverse DNS vm2095710.stark-industries.solutions Software nginx/1.24.0 / ASP.NET Resource Hash f2a497339eb2598e64394532ce571c1c94ca129122ae7001afebc50d41777191 Request headers Referer https://www.manfradytrade.com/Content/Css?v=rznwpqtY2n90PPDVSrV04xaafbhXJMmstrEr7cm4kYw1 Origin https://www.manfradytrade.com accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 17:35:41 GMT Last-Modified Tue, 20 Feb 2024 10:08:06 GMT Server nginx/1.24.0 ETag "078bb2e463da1:0" X-Powered-By ASP.NET Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 17924
GET H2	200	dmcncnJBPu Show response code.jivosite.com/script/widget/config/	3 KB 1 KB	453ms 51ms	XHR application/x-javascript	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/script/widget/config/dmcncnJBPu Requested by Host: code.jivosite.com URL: https://code.jivosite.com/widget/dmcncnJBPu Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash b5effbc3128489d0ab114cbd22d8ffd480ca63269a40b5cb36065d46c53b22ca Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:42 GMT content-encoding gzip via 1.1 sharxy server nginx vary Accept-Encoding x-cached-since 2024-02-27T15:52:59+00:00 content-type application/x-javascript access-control-allow-origin * cache-control max-age=7200 cache HIT accept-ranges bytes x-geo-shard ya content-length 1115 x-node am4-up-gc94 expires Tue, 27 Feb 2024 17:52:59 GMT
GET H/1.1	200 OK	dmcncnJBPu Show response node-ya-8.jivosite.com/widget/status/2144057/	145 B 694 B	378ms 271ms	XHR application/json	57.128.74.65 OVH
General Check archive.org Show headers Download Go to Full URL https://node-ya-8.jivosite.com/widget/status/2144057/dmcncnJBPu?rnd=0.741924021943337 Requested by Host: code.jivosite.com URL: https://code.jivosite.com/widget/dmcncnJBPu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 57.128.74.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3227025.ip-57-128-74.eu Software nginx / Resource Hash 403e743c7d13f0a390c02d9049b31e09a306148192e6d958c105bc9c0d1015ca Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; X-Frame-Options DENY Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Feb 2024 17:35:42 GMT Content-Security-Policy frame-ancestors 'none'; Server nginx X-Botmode no X-Geoip PL;14;Warsaw (Ursyn\u00f3w) X-Frame-Options DENY Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.manfradytrade.com Access-Control-Expose-Headers X-Geoip, X-Botmode Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Max-Age 1728000 Content-Length 145
GET H2	200	bundle_pl.js Show response code.jivosite.com/js/	1 MB 239 KB	49ms 49ms	Script application/javascript	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/js/bundle_pl.js?rand=1708510179 Requested by Host: code.jivosite.com URL: https://code.jivosite.com/widget/dmcncnJBPu Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash cd20b1b134a2872b5d2dd843a4e3b303ce2e7b87fa50cd7dc0655726e6cc6dc3 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:42 GMT content-encoding br via 1.1 sharxy x-cached-since 2024-02-27T10:59:47+00:00 x-geo-shard ya content-length 244490 x-node am4-up-gc95 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-3bb0a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=86400 cache HIT accept-ranges bytes
GET H2	200	widget.css code.jivosite.com/css/3f162a1/	134 KB 39 KB	49ms 49ms	Stylesheet text/css	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/css/3f162a1/widget.css Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 11f07fa74125560748c067d5aa181094b28dbf2201a8a93e5e01eb29000289b9 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:43 GMT content-encoding br via 1.1 sharxy x-cached-since 2024-02-21T10:58:47+00:00 x-geo-shard ya content-length 40135 x-node am4-up-gc95 last-modified Mon, 19 Feb 2024 13:28:52 GMT server nginx etag "65d35794-9cc7" vary Accept-Encoding content-type text/css cache-control max-age=864000 cache HIT accept-ranges bytes expires Sat, 02 Mar 2024 10:58:47 GMT
GET H2	200	omnichannelMenu.widget.css code.jivosite.com/css/3f162a1/	4 KB 1 KB	51ms 50ms	Stylesheet text/css	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/css/3f162a1/omnichannelMenu.widget.css Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 5dcd1e08a12a7ab9ef9acb4079e1b5770915d461e1293a6f3965d3b46e096967 Request headers accept-language pl-PL,pl;q=0.9 Referer https://www.manfradytrade.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:43 GMT content-encoding gzip via 1.1 sharxy x-cached-since 2024-02-21T10:59:25+00:00 x-geo-shard ya content-length 1341 x-node am4-up-gc95 last-modified Mon, 19 Feb 2024 13:28:52 GMT server nginx etag "65d35794-53d" vary Accept-Encoding content-type text/css cache-control max-age=864000 cache HIT accept-ranges bytes expires Sat, 02 Mar 2024 10:59:25 GMT
GET H2	200	omnichannelMenu.js Show response code.jivosite.com/js/3f162a1/ Frame A9AC	34 KB 9 KB	51ms 51ms	Script application/javascript	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/js/3f162a1/omnichannelMenu.js Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 43e3d6330669a48e10daae04e54602fdc43abee605613924d668d3dcdd25f907 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 17:35:43 GMT content-encoding br via 1.1 sharxy x-cached-since 2024-02-27T10:27:44+00:00 x-geo-shard ya content-length 9622 x-node am4-up-gc94 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-2596" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=86400 cache HIT accept-ranges bytes
GET DATA	200 OK	truncated /	306 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4ef2ebed6f30f8921be519bd1be0b78606157dd136617f69406bb5078ddcf27 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	agent_message.mp3 code.jivosite.com/sounds/	4 KB 4 KB	51ms 51ms	Media audio/mpeg	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/sounds/agent_message.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43 Request headers Referer https://www.manfradytrade.com/ Accept-Encoding identity;q=1, *;q=0 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Range bytes=0- Response headers date Tue, 27 Feb 2024 17:35:43 GMT via 1.1 sharxy x-cached-since 2024-02-21T10:59:35+00:00 Content-Range bytes 0-3759/3760 x-geo-shard ya x-node am4-up-gc95 Content-Length 3760 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-eb0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 22 Mar 2024 10:59:35 GMT
GET H2	206	notification.mp3 code.jivosite.com/sounds/	6 KB 6 KB	52ms 52ms	Media audio/mpeg	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/sounds/notification.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab Request headers Referer https://www.manfradytrade.com/ Accept-Encoding identity;q=1, *;q=0 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Range bytes=0- Response headers date Tue, 27 Feb 2024 17:35:43 GMT via 1.1 sharxy x-cached-since 2024-02-21T10:26:43+00:00 Content-Range bytes 0-5807/5808 x-geo-shard ya x-node am4-up-gc94 Content-Length 5808 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-16b0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 22 Mar 2024 10:26:43 GMT
GET H2	206	outgoing_message.mp3 code.jivosite.com/sounds/	5 KB 5 KB	53ms 53ms	Media audio/mpeg	5.101.37.37 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/sounds/outgoing_message.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11 Request headers Referer https://www.manfradytrade.com/ Accept-Encoding identity;q=1, *;q=0 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Range bytes=0- Response headers date Tue, 27 Feb 2024 17:35:43 GMT via 1.1 sharxy x-cached-since 2024-02-21T10:28:27+00:00 Content-Range bytes 0-5013/5014 x-geo-shard ya x-node am4-up-gc94 Content-Length 5014 last-modified Mon, 19 Feb 2024 13:28:53 GMT server nginx etag "65d35795-1396" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 22 Mar 2024 10:28:27 GMT
POST H/1.1	204 No Content	w telemetry.jivosite.com/ Frame A9AC	0 103 B	206ms 90ms	Ping text/plain	57.128.74.66 OVH
General Check archive.org Show headers Download Go to Full URL https://telemetry.jivosite.com/w Requested by Host: www.manfradytrade.com URL: https://www.manfradytrade.com/Account/Login?ReturnUrl=%2Fpl%2Fdeposit-methods Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 57.128.74.66 , France, ASN16276 (OVH, FR), Reverse DNS ns3227016.ip-57-128-74.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Connection keep-alive Date Tue, 27 Feb 2024 17:35:44 GMT Server nginx

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| SubmitThisForm boolean| isSendNewsletter function| submitNewsletter function| contactPopup function| checkScroll function| tableDivider function| goToByScroll function| initDropDown function| updateDrops function| footerDrop function| initTabs function| initPopups function| submitLoginForm function| submitCurrentForm function| SubmitForm function| getDialingCode function| buildTradingAccountsMobile function| InputValueWasChanged function| positionLightbox function| openPopupManual function| closePopupManual function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.manfradytrade.com/	1970-01-20 18:44:17	Name: 3776c04a-4833-4701-872a-aa339a77868e Value: 96
			www.manfradytrade.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hzqcys3ktakfiw41c2mrxg0o
			www.manfradytrade.com/	1970-01-20 19:26:00	Name: CmsPixelRefreshCookieHead Value: /Account/Login
			www.manfradytrade.com/	1970-01-20 19:26:00	Name: CmsPixelRefreshCookieBody Value: /Account/Login

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jivosite.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
node-ya-8.jivosite.com
telemetry.jivosite.com
www.manfradytrade.com
142.250.185.234
142.250.186.138
142.250.186.99
151.101.194.137
5.101.37.37
57.128.74.65
57.128.74.66
77.91.100.15
0192904350e6522d231f1f3cae12d34646fc5cb6fd09e259d2dd8f8223d67c0c
053a3d45d68b3dfae52bed276d30670aa81bac4335464e462b371b4c74e5614a
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
11f07fa74125560748c067d5aa181094b28dbf2201a8a93e5e01eb29000289b9
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
230e78ba013aecc04f09fbf044746a7e40320650bd2b542fd215c4be1ea64f66
371667e7da9fa8dade448f8e49d469e07aebdca932a271de4f87e2955159c111
383885e81e560fc7d9721d76f9041e3055fe083fd7f9786a5d607cf058cf3c33
403e743c7d13f0a390c02d9049b31e09a306148192e6d958c105bc9c0d1015ca
43e3d6330669a48e10daae04e54602fdc43abee605613924d668d3dcdd25f907
44fbbcc1ea1a329d0f0061f2e5559283b393aef869a413121d6e7751768a70a8
4b49d196ac84414313db35543bc0eed11c6aaf6719d76c8d48b569b44f402795
4b8fa2978de333111b306c300d4ea9e0ce41898bc44213bb465c5b2f341aed04
5dcd1e08a12a7ab9ef9acb4079e1b5770915d461e1293a6f3965d3b46e096967
756a5cb8634a0dc37fc0f409107d53cefd2e487709d680ad8d9440abffc702b0
7dbe5bbfaa367bd47200c88a71f8d0b88f45ef95f2626ad5b6d1b84ee7be2050
979455b52252c45ffc3ee5666954194911fb2ab06a929ee5957d0d615308ff7d
b5d5c721a18fd9cb8bac95840ddec10593b478b052837e3a8f772de7e7cfe8b4
b5effbc3128489d0ab114cbd22d8ffd480ca63269a40b5cb36065d46c53b22ca
cd20b1b134a2872b5d2dd843a4e3b303ce2e7b87fa50cd7dc0655726e6cc6dc3
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d5964b9fc86dcac313d932cb45ce4e2cfb65075f8c7101bb125a02859b3b5c29
d8bd2f250c5a9df975ea8f194fcc31ec6ec2afa1e8b89c9316eba2151f5d7a0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ef2ebed6f30f8921be519bd1be0b78606157dd136617f69406bb5078ddcf27
f2a497339eb2598e64394532ce571c1c94ca129122ae7001afebc50d41777191
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43