ajaxfans.b2clogin.com
Open in
urlscan Pro
20.190.160.69
Public Scan
Submitted URL: https://tickets.ajax.nl/
Effective URL: https://ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/authorize?client_id=30cd035e-...
Submission: On September 17 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/authorize?client_id=30cd035e-...
Submission: On September 17 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 22 IPs
in 5 countries
across 19 domains to perform 56 HTTP transactions.
The main IP is 20.190.160.69, located in
Amsterdam, Netherlands and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is ajaxfans.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2021. Valid for: a year.
This is the only time ajaxfans.b2clogin.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2021. Valid for: a year.
This is the only time ajaxfans.b2clogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
4
18.158.229.223
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-229-223.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-229-223.eu-central-1.compute.amazonaws.com
| tickets.ajax.nl |
2
20.190.160.69
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| ajaxfans.b2clogin.com |
8
52.239.142.164
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| ajaxsso.blob.core.windows.net |
3
23.213.161.26
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-26.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-26.deploy.static.akamaitechnologies.com
| ajaxssocdn.azureedge.net |
6
143.204.98.76
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
| cdn-eu.dynamicyield.com | |
| static.hotjar.com |
1
142.250.185.232
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
| www.googletagmanager.com |
2
142.250.184.202
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
| fonts.googleapis.com |
2
143.204.98.15
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-15.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-15.fra50.r.cloudfront.net
| st-eu.dynamicyield.com |
4
142.250.184.227
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
| fonts.gstatic.com |
3
142.250.185.110
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
| www.google-analytics.com |
9
2.16.186.163
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com
| cdn.livechatinc.com | |
| api.livechatinc.com | |
| secure.livechatinc.com | |
| accounts.livechatinc.com |
3
185.60.216.19
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
| connect.facebook.net |
3
185.60.216.35
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
| www.facebook.com |
1
143.204.98.111
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net
| www.dwin1.com |
1
143.204.98.104
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net
| script.hotjar.com |
1
143.204.98.123
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
| vars.hotjar.com |
1
173.194.76.157
(United States)
ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
| stats.g.doubleclick.net |
1
54.78.108.238
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
| in.hotjar.com |
1
185.60.216.6
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
PTR: edge-atlas-shv-01-frx5.facebook.com
ASN32934 (FACEBOOK, US)
PTR: edge-atlas-shv-01-frx5.facebook.com
| cx.atdmt.com |
1
18.194.142.154
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-142-154.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-142-154.eu-central-1.compute.amazonaws.com
| px-eu.dynamicyield.com |
| Domain | Requested by | |
|---|---|---|
| 8 | ajaxsso.blob.core.windows.net |
ajaxfans.b2clogin.com
ajaxsso.blob.core.windows.net |
| 5 | cdn-eu.dynamicyield.com |
ajaxfans.b2clogin.com
st-eu.dynamicyield.com |
| 4 | cdn.livechatinc.com |
ajaxfans.b2clogin.com
secure.livechatinc.com |
| 4 | fonts.gstatic.com |
fonts.googleapis.com
|
| 4 | tickets.ajax.nl | 4 redirects |
| 3 | api.livechatinc.com |
cdn.livechatinc.com
|
| 3 | www.facebook.com | 1 redirects |
| 3 | connect.facebook.net |
ajaxfans.b2clogin.com
connect.facebook.net |
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | ajaxssocdn.azureedge.net | |
| 2 | st-eu.dynamicyield.com |
ajaxfans.b2clogin.com
|
| 2 | fonts.googleapis.com |
ajaxsso.blob.core.windows.net
secure.livechatinc.com |
| 2 | maxcdn.bootstrapcdn.com |
ajaxfans.b2clogin.com
maxcdn.bootstrapcdn.com |
| 2 | ajaxfans.b2clogin.com |
ajaxfans.b2clogin.com
|
| 1 | accounts.livechatinc.com |
cdn.livechatinc.com
|
| 1 | px-eu.dynamicyield.com |
cdn-eu.dynamicyield.com
|
| 1 | cx.atdmt.com | |
| 1 | in.hotjar.com |
script.hotjar.com
|
| 1 | www.google.de | |
| 1 | www.google.com | |
| 1 | secure.livechatinc.com |
cdn.livechatinc.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | vars.hotjar.com |
static.hotjar.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | www.dwin1.com |
www.googletagmanager.com
|
| 1 | static.hotjar.com |
ajaxfans.b2clogin.com
|
| 1 | www.googletagmanager.com |
ajaxfans.b2clogin.com
|
| 56 | 27 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| mijn.ajax.nl |
| www.ajax.nl |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| graph.windows.net DigiCert SHA2 Secure Server CA |
2021-08-17 - 2022-08-17 |
a year | crt.sh |
| *.blob.core.windows.net Microsoft RSA TLS CA 01 |
2021-09-04 - 2022-09-04 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
| *.azureedge.net DigiCert SHA2 Secure Server CA |
2020-11-21 - 2021-11-30 |
a year | crt.sh |
| *.dynamicyield.com Amazon |
2020-10-11 - 2021-11-12 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| livechat.com DigiCert SHA2 Secure Server CA |
2021-04-20 - 2022-04-25 |
a year | crt.sh |
| *.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-09 - 2021-12-08 |
3 months | crt.sh |
| *.dwin1.com Amazon |
2020-12-04 - 2022-01-02 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| *.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2021-08-22 - 2021-11-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/authorize?client_id=30cd035e-4190-4ce0-a11d-54847831875a&response_type=code&scope=openid+30cd035e-4190-4ce0-a11d-54847831875a+offline_access&state=e0818c54-a412-4856-9506-c98634802534%3Btickets.ajax.nl&redirect_uri=https%3A%2F%2Ftickets.ajax.nl%2Faccount%2Fsocial-login%2FOIDC&display=popup
Frame ID: 06A29E4C29B6522392BBA2D3FF48CDF1
Requests: 47 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: CB20E196740A893BD7B1E9FC115CBE71
Requests: 1 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/customer/action/open_chat?license_id=8926289&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 7306FC315BDDC7AD245C92BC31A38787
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Inloggen | Mijn AJAXPage URL History Show full URLs
-
https://tickets.ajax.nl/
HTTP 302
https://tickets.ajax.nl/secured/content HTTP 302
https://tickets.ajax.nl/account/login HTTP 302
https://tickets.ajax.nl/account/social-login/check?mode=login&provider=OIDC&showLoggedInMenuOutsideA... HTTP 302
https://ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/authorize... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
LiveChat
(Live Chat)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.livechatinc\.com/.*tracking\.js
AWIN
(Affiliate programs)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- dwin1\.com
Dynamic Yield
(A/B Testing)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://mijn.ajax.nl/
Search URL Search Domain Scan URL
URL: https://www.ajax.nl/meer/disclaimer/
Title: Disclaimer
Title: Disclaimer
Search URL Search Domain Scan URL
URL: https://www.ajax.nl/meer/privacy/
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.ajax.nl/fans/contact/
Title: Contact
Title: Contact
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tickets.ajax.nl/
HTTP 302
https://tickets.ajax.nl/secured/content HTTP 302
https://tickets.ajax.nl/account/login HTTP 302
https://tickets.ajax.nl/account/social-login/check?mode=login&provider=OIDC&showLoggedInMenuOutsideAccount=false&fromOutsideAccount=false&showManageSeasonTicketsBox=false&displayOptionsInAccountMenu=true&displayTicketsInAccountMenu=true&isAliasManagementEnabled=false&scopePath=list&displayViewProductsMenu=true&showOnlineExchangeLink=false HTTP 302
https://ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/authorize?client_id=30cd035e-4190-4ce0-a11d-54847831875a&response_type=code&scope=openid+30cd035e-4190-4ce0-a11d-54847831875a+offline_access&state=e0818c54-a412-4856-9506-c98634802534%3Btickets.ajax.nl&redirect_uri=https%3A%2F%2Ftickets.ajax.nl%2Faccount%2Fsocial-login%2FOIDC&display=popup Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 45- https://www.facebook.com/tr/?id=2212273755657574&ev=PageView&dl=https%3A%2F%2Fajaxfans.b2clogin.com%2Fajaxfans.onmicrosoft.com%2Fb2c_1a_signuporsigninwithkmsi%2Foauth2%2Fv2.0%2Fauthorize%3Fclient_id%3D30cd035e-4190-4ce0-a11d-54847831875a%26response_type%3Dcode%26scope%3Dopenid%2B30cd035e-4190-4ce0-a11d-54847831875a%2Boffline_access%26state%3De0818c54-a412-4856-9506-c98634802534%253Btickets.ajax.nl%26redirect_uri%3Dhttps%253A%252F%252Ftickets.ajax.nl%252Faccount%252Fsocial-login%252FOIDC%26display%3Dpopup&rl=&if=false&ts=1631850846144&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=29&fbp=fb.1.1631850846142.1696079244&it=1631850845907&coo=false&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=14041187752878894966&f=AYww0w_jFQv-hbBJQcU7BOtIDzdu9_1Y6-C93IamsVoMzlD9IVMCVQb_ZR1u8ifhiZqPF4gpHw7L9SIADdWciayv&id=2212273755657574&l=3&v=0
56 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
authorize
ajaxfans.b2clogin.com/ajaxfans.onmicrosoft.com/b2c_1a_signuporsigninwithkmsi/oauth2/v2.0/ Redirect Chain
|
44 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-bundle-1.10.2.min.js
ajaxfans.b2clogin.com/static/bundles/ |
100 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.html
ajaxsso.blob.core.windows.net/web/ssoweb/ |
6 KB 7 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.min.css
ajaxsso.blob.core.windows.net/web/assets/css/ |
35 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.svg
ajaxsso.blob.core.windows.net/web/assets/images/ |
20 KB 21 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ziggo-adidas-footer.png
ajaxssocdn.azureedge.net/web/ssoweb/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sub-sponsoren-1.png
ajaxssocdn.azureedge.net/web/ssoweb/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xxx-kruizen.png
ajaxssocdn.azureedge.net/web/ssoweb/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api_dynamic.js
cdn-eu.dynamicyield.com/api/9876953/ |
636 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api_static.js
cdn-eu.dynamicyield.com/api/9876953/ |
287 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
145 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
st
st-eu.dynamicyield.com/ |
60 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
facebook.svg
ajaxsso.blob.core.windows.net/web/assets/images/ |
371 B 993 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
google.svg
ajaxsso.blob.core.windows.net/web/assets/images/ |
989 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
linkedin.svg
ajaxsso.blob.core.windows.net/web/assets/images/ |
359 B 981 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sansation_regular-webfont.woff2
ajaxsso.blob.core.windows.net/web/assets/fonts/ |
13 KB 14 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sansation_light-webfont.woff2
ajaxsso.blob.core.windows.net/web/assets/fonts/ |
13 KB 14 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracking.js
cdn.livechatinc.com/ |
85 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-1194312.js
static.hotjar.com/c/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api_dynamic.js
cdn-eu.dynamicyield.com/api/9876953/ |
636 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api_static.js
cdn-eu.dynamicyield.com/api/9876953/ |
287 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tr
www.facebook.com/ |
44 B 426 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
22105.js
www.dwin1.com/ |
30 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dy-coll-nojq-min.js
cdn-eu.dynamicyield.com/scripts/1.28.3/ |
106 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ |
249 B 452 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
st
st-eu.dynamicyield.com/ |
60 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
2212273755657574
connect.facebook.net/signals/config/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ |
221 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame CB20 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 467 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_configuration
api.livechatinc.com/v3.3/customer/action/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1876783805768481
connect.facebook.net/signals/config/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
open_chat
secure.livechatinc.com/customer/action/ Frame 7306 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_localization
api.livechatinc.com/v3.3/customer/action/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1194312/ |
147 B 322 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
43 B 571 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
clog
px-eu.dynamicyield.com/ |
0 228 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
css
fonts.googleapis.com/ Frame 7306 |
5 KB 709 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0.302b0b12.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7306 |
175 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3.758973a2.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7306 |
204 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe.41153d18.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7306 |
464 KB 125 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 7306 |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 7306 |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
token
accounts.livechatinc.com/customer/ Frame 7306 |
138 B 909 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer object| $cors object| $i2e object| $element boolean| pageReady object| Handlebars boolean| contentReady object| dataLayer boolean| bodyReady object| DYO object| DY object| _dy_memStore object| DYJSON object| DYExps object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __lc function| hj object| _hjSettings function| fbq function| _fbq object| meta1 object| meta2 object| meta3 object| meta4 object| meta5 object| meta6 object| meta7 object| meta8 object| DYWork function| $dy object| AWIN boolean| __lc_inited object| LC_API object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .accounts.livechatinc.com/customer | Name: __lc_cid Value: f8f7608d-6b53-467f-5f57-3c51d77d21e6 |
|
| .accounts.livechatinc.com/customer | Name: __lc_cst Value: 48262af94330929f8ce4ceef62c5d87f3faf16efd83ac0225792633bd7213521864e03a96f223d8a043017361153c224218ee431a8c883a41737333e3acc |
|
| .ajax.nl/ | Name: AcpAT-v3-q-AJAX Value: IA-p1pkpbox2a-3d9ffefbc9d843a58e23d19d392794389435a40869d1dd1fbc3ab24267c774eac389e2485df8eb595f2de9391eb2db2cc949e64c4fd6944621b87a2a61b609af |
|
| tickets.ajax.nl/ | Name: STX_SESSION Value: MGU2NjI1ZDQtNmU3Ni00YjAxLTllZDMtYzE0N2EyZTIxMzFi |
|
| tickets.ajax.nl/ | Name: lang Value: nl |
|
| tickets.ajax.nl/ | Name: SERVERID-BE-INTERNET1-9050 Value: ee8401c9eca778912ad82727d1a4c10c |
|
| .ajaxfans.b2clogin.com/ | Name: x-ms-cpim-csrf Value: SWVKTjlPM0x2bW5XTld4TmVhek5oQ1FRYlAybDhOYU4rcDBHYjlSMUluMndqRkFhSkNNQVNzZTkxakJCQkxDOVk5YlJoeVdiVldJOU90QTBvSXphVHc9PTsyMDIxLTA5LTE3VDAzOjU0OjA1LjI0MjI1MzdaO052SWU2b0cxRW8rd3JheW0yMGgveVE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ== |
|
| .ajaxfans.b2clogin.com/ | Name: x-ms-cpim-cache|wwwcjd6hc0y0mtrvh9vosw_0 Value: m1.jchRRfjtVS2Uisoc.Rzy2BpfVm0FM4Ox3NovPaQ==.0.fKZfgZLSEVT1yC2hAbsy2t09mlEGyAA4V9jsmsePSG8diMhZz9eQqRAiQg/5XR+103rdUAtCDXjLId2LUhTCZpqpJsdxRNEwjF26zTnx22cYSAwwzYBxB579IW05UPSAuOVAUFdBh8rLIwF9fejIMR1fvRlI9HeuwKrJFq36jqtZcti/Ks+HFWwHY1SFRJvWa9xaX1dUGQIfSK4hWoMd8DdrYk4l6dYSM0u48cJM+8BFxFF0ziuRWInXI6PPw2VKtS5ccO48Oj7RtNb9IaWdvVZ1luzF7sh5/rfSuMTt5ujfWpjbKYUXOGJKB3oealUHfwU9Xho6v6JSP9CR29U/UOMggTnaQ7xNfjPDM1FK6n1pjT+Zh8UL6SuUH5LpJqI1283iW1NZF2NoM1l43do70BcyYtBGR2pG6gcstjxVb1dddBRlYeYJ6CS2pmD0IifCOADnJb5JuvEMoEzL9vhCDa3+OoUaEXkqc9lSJ2l7W5MJOkcegsNCYj7wdRHkwqrtAmdgDF4tMALx2r1E64eNEonAH6ODXQYsu7nBLgekf65cPV3E4t50obQVtMI3DyDImJZwDg3Bg7oLIkscy3Ii95zpaVBpZ4LjIe8SGrU3FaGq8CYDBla0r+pGCYKLfDCh5SuZf8kYx1WDswLVL1HxOFjcbqv8dbZskn12N+c0tUSd |
|
| .ajaxfans.b2clogin.com/ | Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjI0MWM2YzU5LTg3M2UtNGMwYi1iNDlhLWQ0NmYxZmQ1NjhiMyIsIlQiOiJhamF4ZmFucy5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFhX3NpZ251cG9yc2lnbmlud2l0aGttc2kiLCJDIjoiMzBjZDAzNWUtNDE5MC00Y2UwLWExMWQtNTQ4NDc4MzE4NzVhIiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6IjI0MWM2YzU5LTg3M2UtNGMwYi1iNDlhLWQ0NmYxZmQ1NjhiMyJ9 |
|
| .b2clogin.com/ | Name: _dyjsession Value: acufem9astcc6xskeu7h2mzijhnmnm5j |
|
| .b2clogin.com/ | Name: dy_fs_page Value: ajaxfans.b2clogin.com%2Fajaxfans.onmicrosoft.com%2Fb2c_1a_signuporsigninwithkmsi%2Foauth2%2Fv2.0%2Fauthorize%3Fclient_id%3D30cd035e-4190-4ce0-a11d-54847831875a%26response_type%3Dcode%26scope%3Dopenid%2B30cd035e-4190-4ce0-a11d-54847831875a%2Boffline_access%26state%3De0818c54-a412-4856-9506-c98634802534%253btickets.ajax.nl%26redirect_uri%3Dhttps%253a%252f%252ftickets.ajax.nl%252faccount%252fsocial-login%252foidc%26display%3Dpopup |
|
| .b2clogin.com/ | Name: _dy_csc_ses Value: acufem9astcc6xskeu7h2mzijhnmnm5j |
|
| .b2clogin.com/ | Name: _dy_c_exps Value: |
|
| .b2clogin.com/ | Name: _gcl_au Value: 1.1.1191965203.1631850846 |
|
| .dynamicyield.com/ | Name: DYID Value: -252200636903059107 |
|
| .b2clogin.com/ | Name: _dycnst Value: dg |
|
| .b2clogin.com/ | Name: _ga Value: GA1.2.1803352178.1631850846 |
|
| .b2clogin.com/ | Name: _gid Value: GA1.2.611101910.1631850846 |
|
| .b2clogin.com/ | Name: _gat_UA-7192535-11 Value: 1 |
|
| .b2clogin.com/ | Name: _dyid Value: -252200636903059107 |
|
| .b2clogin.com/ | Name: _dyfs Value: 1631850845947 |
|
| .b2clogin.com/ | Name: _dycst Value: dk.w.c.ws. |
|
| .b2clogin.com/ | Name: _dy_geo Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main |
|
| .b2clogin.com/ | Name: _dy_df_geo Value: Germany..Frankfurt%20am%20Main |
|
| .b2clogin.com/ | Name: _dy_toffset Value: 0 |
|
| .b2clogin.com/ | Name: _dy_soct Value: 1020159.1036014.1631850845*1024037.1043608.1631850845.acufem9astcc6xskeu7h2mzijhnmnm5j*1051115.1125024.1631850845*1052835.1129999.1631850845.acufem9astcc6xskeu7h2mzijhnmnm5j |
|
| .b2clogin.com/ | Name: _hjid Value: e62d3677-d18e-4486-85d5-8bbc62ad7c4a |
|
| .b2clogin.com/ | Name: _hjFirstSeen Value: 1 |
|
| ajaxfans.b2clogin.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
| .b2clogin.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
| ajaxfans.b2clogin.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
| .b2clogin.com/ | Name: _fbp Value: fb.1.1631850846142.1696079244 |
|
| .facebook.com/ | Name: fr Value: 0C2MyyFCwfAn2r7Il..BhRBFd..GFE.1.0.BhRBFd. |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
ajaxfans.b2clogin.com
ajaxsso.blob.core.windows.net
ajaxssocdn.azureedge.net
api.livechatinc.com
cdn-eu.dynamicyield.com
cdn.livechatinc.com
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
maxcdn.bootstrapcdn.com
px-eu.dynamicyield.com
script.hotjar.com
secure.livechatinc.com
st-eu.dynamicyield.com
static.hotjar.com
stats.g.doubleclick.net
tickets.ajax.nl
vars.hotjar.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.18.10.207
142.250.184.202
142.250.184.227
142.250.185.110
142.250.185.232
142.250.186.36
143.204.98.104
143.204.98.111
143.204.98.123
143.204.98.15
143.204.98.76
172.217.23.99
173.194.76.157
18.158.229.223
18.194.142.154
185.60.216.19
185.60.216.35
185.60.216.6
2.16.186.163
20.190.160.69
23.213.161.26
52.239.142.164
54.78.108.238
02a4083af5cb1856607f087c2f480ba5bdec5956d5d6d6707c4d359cbb336142
043a4158f2c6fd6892ed67ced373e1f555b8d7612405609e15eab0c9e4a850a3
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
0ff87851b2d385f72aa059575d66413386bcb1f6113e175f8bcc4bb5a5975e69
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
185642d210d001352689619f89ae1e181af09d7fe826befbf5c1977b72984222
1c8f490d6b8706028dba18e97f618b337b777a1335c5ec830de27b9f8769ece4
2a7236fe9fdb1692b27630530f143a2295d4ead47fcc0bcfe8d459831e03843a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
35f9b86805f2a2897e9fe0ccc15b3027bb3baa23a713340153a0bf3ec6b4f025
3c26937dfbc9782b9b2e76a889e0c663229f7dccec7ef252030c87fafb108425
45dff207f0f3e47e2ee84320c14f3de7439a529e3104b350e0062ce868c087bb
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5984f71f64769d2ab859582b3795b7de9b457a340bf9e3eb116ae5fdb07e6df8
5a27875ba6c2114916fcc669b0650c8ca0a89729f561f77735d23528c2a8e073
6067ae4827a1c04af690b928da2eec7715e42ad9091b268536234ac68a6d8b6b
63508872396bf73c75a08b9513228b07a032a0ad55db59aa37e1718d60909594
64a5b0da9850296d3cbf173bb49b3104b6428024bb1ae1449ba9df054350a8cb
6558031315a54e23bf79c666e4f320b2c97bd0efc59f77ee49902abc5ce20389
7380538fc26226c152dca442e8c6b233811af4796a3c40d3670c2e9ecf7aed41
786a42ee47df089d45ea6f2295d9b456d0ce2eb6b2fb5c92436d931f223777ab
78fa58614059f1feeda3fbaeac904054e1173cd0c6f738e5a86280087ed41227
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7de8d1369b3f2922a403b0d61f3ed9f48a7333bcdcd0e4b2e5625ff5c9b353d5
80126ef813bc7d0b530f788343b9c79a8beb5926f765e2d8d102d23ee62883a8
81be5700cf60ff2e48bad45d74f42149d9541f16fab053f630d6802f67be9932
824ef6ac21b5de07798ec6a5e42cda63ec13fc5b4ac01475488b0580eaa72873
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8ad0b86f5b0ffe3169ee6e2c90351d76d84f3450348b4a51b977f3c88d64ed14
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8cdf8843829889ef41195c3243183958e9edaeeb41438869908951f077e985f8
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
97ab40aa066e94a16e84331a73ab01a52b43db496b64e9f5217ae372b66377dd
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
b6c3c0dde6462d5d4d4c2fbfc13518e170e55063773b0bb26a58889f74fde90e
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
c68424d0ad9710ed4c049adfc60fd10c606238c5d995fb9ecfd4de65d6c5a251
d0a5c4680cf460dfc77bd16f547ee0a825e47bcecf8db72c8c50b7a67dfa74e0
d0bec8fe3820dc844fe88b6dd299ed138936b62bdc5d8c3541645d5d0ddff38d
d86fc988dc9c04f24751da752ca3695209e7c03d4db1da79fd04bd9b569e1c7d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0c339b030f12c868139bac87d7e9c711eab6b9c5828a34455ca90342c30992
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f909d11f59e5cc15b1280872a20716c5e35f4cda5cc34f3b37434af5778eb186
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62