kiosk.news
91.90.155.53
Public Scan
Effective URL: https://kiosk.news/?vp=280&uvp=005
Submission: On June 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.
This is the only time kiosk.news was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS (Autonomous System) |
---|---|---|---|
2 | 2 | 103.224.182.210 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
5 | 1 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 | | 78.46.197.88 | 24940 (HETZNER-AS) |
2 | | 157.90.169.168 | 24940 (HETZNER-AS) |
2 | 1 | 2a02:cb40:200::242 | 20546 (SOPRADO-ANY) |
47 | 1 | 91.90.155.53 | 41412 (MIVITEC-AS) |
1 | | 216.58.212.130 | 15169 (GOOGLE) |
1 | | 2a00:1450:4001:810::2002 | 15169 (GOOGLE) |
1 | | 2a00:1450:4001:830::2004 | 15169 (GOOGLE) |
1 | | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
58 | | 9 | |
ASN | PTR | Domains |
---|---|---|
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU) | lb-182-210.above.com | steamcommuniry.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU) | bidr.trellian.com | 1redirc.com |
ASN24940 (HETZNER-AS, DE) | static.88.197.46.78.clients.your-server.de | clever-redirect.com |
ASN24940 (HETZNER-AS, DE) | static.168.169.90.157.clients.your-server.de | lookandfind.me |
ASN41412 (MIVITEC-AS, DE) | server4753.mivitec.net | kiosk.news, exm-medien.de |
ASN15169 (GOOGLE, US) | ams15s21-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
32 | kiosk.news | 1 | kiosk.news | 1 MB |
15 | exm-medien.de | | exm-medien.de | 1 MB |
5 | 1redirc.com | 1 | 1redirc.com (Cisco Umbrella Rank: 123533) | 8 KB |
2 | adcell.com | 1 | t.adcell.com (Cisco Umbrella Rank: 44120) | 22 KB |
2 | lookandfind.me | | lookandfind.me (Cisco Umbrella Rank: 405135) | 864 B |
2 | steamcommuniry.com | 2 | steamcommuniry.com | 2 KB |
1 | google.de | | www.google.de (Cisco Umbrella Rank: 5448) | 548 B |
1 | google.com | | www.google.com (Cisco Umbrella Rank: 8) | 548 B |
1 | doubleclick.net | | googleads.g.doubleclick.net (Cisco Umbrella Rank: 54) | 2 KB |
1 | googleadservices.com | | www.googleadservices.com (Cisco Umbrella Rank: 126) | 17 KB |
1 | clever-redirect.com | | clever-redirect.com | 672 B |
58 | 11 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
32 | kiosk.news | 1 | lookandfind.me, kiosk.news |
15 | exm-medien.de | | kiosk.news, exm-medien.de |
5 | 1redirc.com | 1 | 1redirc.com |
2 | t.adcell.com | 1 | kiosk.news |
2 | lookandfind.me | | clever-redirect.com |
2 | steamcommuniry.com | 2 | |
1 | www.google.de | | kiosk.news |
1 | www.google.com | | kiosk.news |
1 | googleads.g.doubleclick.net | | www.googleadservices.com |
1 | www.googleadservices.com | | kiosk.news |
1 | clever-redirect.com | | 1redirc.com |
58 | 11 | | |
This site contains links to these domains.
Domain |
---|
aboclub.de |
ec.europa.eu |
www.kiosk.news |
www.support.google.com |
www.google.com |
www.google.de |
www.adcell.de |
www.belboon.com |
www.de.rapidmail.wiki |
www.rapidmail.de |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
tracker.clever-redirect.com | R3 | 2022-06-06 - 2022-09-04 | 3 months |
lookandfind.me | R3 | 2022-05-03 - 2022-08-01 | 3 months |
kiosk.news | R3 | 2022-05-25 - 2022-08-23 | 3 months |
exm-medien.de | R3 | 2022-06-21 - 2022-09-19 | 3 months |
www.googleadservices.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
adcell.com | Certum Domain Validation CA SHA2 | 2021-09-20 - 2022-09-20 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
www.google.de | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
This page contains 1 frames:
Primary Page: https://kiosk.news/?vp=280&uvp=005
Frame ID: 3DD91DC491F84C1609D4F5DE4F2619F9
Requests: 58 HTTP requests in this frame
Page Title
⭐ kiosk.news | Zeitschrift 1 Jahr frei Haus + Prämie ⭐
Page URL History
- http://steamcommuniry.com/ HTTP 302
  https://steamcommuniry.com/ HTTP 302
  http://1redirc.com/r2.php?e=mZn1x4IE7Pp3el3j9%2F1M7n49fkNjOHJpdWNUY2hEcGZiY2M4YkFxa0RkSWxRVU5HZ... Page URL
- http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D14747... HTTP 302
  https://clever-redirect.com/s/r6?s=721614&s3=1474711399&sid=20220624231751289d54f9f6710a58ba Page URL
- https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kiosk.news&s1=721614&s2=&s... Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FpromoId%3D147862%26slotId%3D9... Page URL
- https://t.adcell.com/p/click?promoId=147862&slotId=96812&subId=aba96d740bef26fe3310370e8de326ca HTTP 302
  http://kiosk.news/?vp=280&uvp=005 HTTP 301
  https://kiosk.news/?vp=280&uvp=005 Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
SWFObject (Miscellaneous)
Detected patterns
- swfobject.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
- Title: http://ec.europa.eu/consumers/odr/
- Title: www.kiosk.news
- Title: www.support.google.com/analytics/answer/6004245?hl=de
- Title: www.support.google.com/ads/answer/2662922?hl=de
- Title: www.google.com/settings/ads/plugin
- Title: www.google.com/privacy/ads/
- Title: www.google.de/policies/privacy/
- Title: www.adcell.de/news/meldungen/dsgvo/datenschutz-grundverordnung-bei-adcell
- Title: www.belboon.com/de/ueber-uns/datenschutz/
- Title: www.de.rapidmail.wiki/kategorien/statistiken/
- Title: www.de.rapidmail.wiki/files/adv/muster-auftragsdatenverarbeitung.pdf
- Title: www.rapidmail.de/datensicherheit
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://steamcommuniry.com/ HTTP 302
  https://steamcommuniry.com/ HTTP 302
  http://1redirc.com/r2.php?e=mZn1x4IE7Pp3el3j9%...%3D%3D Page URL
- http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1474711399%26sid%3D20220624231751289d54f9f6710a58ba&s=j&enc=ONAVIyE%2F...%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  https://clever-redirect.com/s/r6?s=721614&s3=1474711399&sid=20220624231751289d54f9f6710a58ba Page URL
- https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kiosk.news&s1=721614&s2=&s3=1474711399&s5=wc Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FpromoId%3D147862%26slotId%3D96812%26subId%3Daba96d740bef26fe3310370e8de326ca&h=dee6f4024bcf9ec43553ecb9c2c235ab Page URL
- https://t.adcell.com/p/click?promoId=147862&slotId=96812&subId=aba96d740bef26fe3310370e8de326ca HTTP 302
  http://kiosk.news/?vp=280&uvp=005 HTTP 301
  https://kiosk.news/?vp=280&uvp=005 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://steamcommuniry.com/ HTTP 302
- https://steamcommuniry.com/ HTTP 302
- http://1redirc.com/r2.php?e=mZn1x4IE7Pp3el3j9%...%3D%3D
- http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1474711399%26sid%3D20220624231751289d54f9f6710a58ba&s=j&enc=ONAVIyE%...%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
- https://clever-redirect.com/s/r6?s=721614&s3=1474711399&sid=20220624231751289d54f9f6710a58ba
58 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | r2.php | 1redirc.com/ | 4 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | jscheck.js | 1redirc.com/javascript/ | 899 B | 718 B | Script | application/javascript | |
GET | H/1.1 | swfobject.js | 1redirc.com/javascript/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | jscheck.php | 1redirc.com/ | 0 | 166 B | XHR | text/html | |
GET | H2 | r6 | clever-redirect.com/s/ | 322 B | 672 B | Document | text/html | Redirect Chain |
GET | H2 | a | lookandfind.me/s/ | 368 B | 535 B | Document | text/html | |
GET | H2 | r | lookandfind.me/s/ | 300 B | 329 B | Document | text/html | |
GET | H2 | / | kiosk.news/ | 101 KB | 25 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | bootstrap.min.css | kiosk.news/include/css/ | 118 KB | 18 KB | Stylesheet | text/css | |
GET | H2 | ie10-viewport-bug-workaround.css | kiosk.news/include/css/ | 519 B | 544 B | Stylesheet | text/css | |
GET | H2 | _typo_3.0.28.css | kiosk.news/include/css/ | 69 KB | 12 KB | Stylesheet | text/css | |
GET | H2 | ie-emulation-modes-warning.js | kiosk.news/include/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | corefuncs_1.1.js | kiosk.news/include/js/ | 3 KB | 943 B | Script | application/javascript | |
GET | H2 | logo.png | kiosk.news/images/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | 35JahreEXM.png | kiosk.news/images/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | slider_default.jpg | kiosk.news/images/ | 91 KB | 91 KB | Image | image/jpeg | |
GET | H2 | SliderVorschlag2final.JPG | kiosk.news/_pics/ | 306 KB | 307 KB | Image | image/jpeg | |
GET | H2 | infoicon.png | kiosk.news/images/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | star_full.png | kiosk.news/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | star_half.png | kiosk.news/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | Autozeitung.jpg | exm-medien.de/_pics/ | 159 KB | 159 KB | Image | image/jpeg | |
GET | H2 | BildderFrau.jpg | exm-medien.de/_pics/ | 143 KB | 143 KB | Image | image/jpeg | |
GET | H2 | ChipPlus.jpg | exm-medien.de/_pics/ | 157 KB | 157 KB | Image | image/jpeg | |
GET | H2 | ComputerBild.jpg | exm-medien.de/_pics/ | 123 KB | 123 KB | Image | image/jpeg | |
GET | H2 | Cosmopolitan.jpg | exm-medien.de/_pics/ | 113 KB | 114 KB | Image | image/jpeg | |
GET | H2 | derSpiegel1.jpg | exm-medien.de/_pics/ | 86 KB | 87 KB | Image | image/jpeg | |
GET | H2 | FuerSie.jpg | exm-medien.de/_pics/ | 127 KB | 128 KB | Image | image/jpeg | |
GET | H2 | Focus1.jpg | exm-medien.de/_pics/ | 76 KB | 77 KB | Image | image/jpeg | |
GET | H2 | freundin.jpg | exm-medien.de/_pics/ | 130 KB | 130 KB | Image | image/jpeg | |
GET | H2 | tvmovie.jpg | exm-medien.de/_pics/ | 167 KB | 168 KB | Image | image/jpeg | |
GET | H2 | Vogue1.jpg | exm-medien.de/_pics/ | 101 KB | 101 KB | Image | image/jpeg | |
GET | H2 | zuhausewohnen1.jpg | exm-medien.de/_pics/ | 137 KB | 137 KB | Image | image/jpeg | |
GET | H2 | mbildpraemien.jpg | kiosk.news/_pics/ | 105 KB | 105 KB | Image | image/jpeg | |
GET | H2 | mbildmonatgeschenkt.jpg | kiosk.news/_pics/ | 80 KB | 80 KB | Image | image/jpeg | |
GET | H2 | KNZeitschriftenseitenBild.JPG | kiosk.news/_pics/ | 88 KB | 88 KB | Image | image/jpeg | |
GET | H2 | bildgeldpraemie.jpg | kiosk.news/_pics/ | 110 KB | 110 KB | Image | image/jpeg | |
GET | H2 | _02959c3aa8c7_mbildhotline.jpg | kiosk.news/_pics/ | 65 KB | 66 KB | Image | image/jpeg | |
GET | H2 | mbildhotline.jpg | kiosk.news/_pics/ | 65 KB | 66 KB | Image | image/jpeg | |
GET | H2 | jquery.min.js | kiosk.news/include/js/ | 94 KB | 32 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.js | kiosk.news/include/js/ | 36 KB | 9 KB | Script | application/javascript | |
GET | H2 | ie10-viewport-bug-workaround.js | kiosk.news/include/js/ | 641 B | 687 B | Script | application/javascript | |
GET | H2 | jquery.mobile.custom.min.js | kiosk.news/include/js/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | conversion.js | www.googleadservices.com/pagead/ | 43 KB | 17 KB | Script | text/javascript | |
GET | H2 | trad.js | t.adcell.com/js/ | 56 KB | 21 KB | Script | text/javascript | |
GET | H2 | backing_summer.jpg | kiosk.news/include/images/ | 92 KB | 92 KB | Image | image/jpeg | |
GET | H2 | PTSans-Regular.woff | kiosk.news/include/fonts/ | 79 KB | 79 KB | Font | font/woff | |
GET | H2 | glyphicons-halflings-regular.woff2 | kiosk.news/include/fonts/ | 18 KB | 18 KB | Font | font/woff2 | |
GET | H2 | PTSansBold.woff | kiosk.news/include/fonts/ | 27 KB | 27 KB | Font | font/woff | |
GET | H2 | _e04e783f6727_icongeldpraemie.png | kiosk.news/_pics/ | 4 KB | 4 KB | Image | image/png | |
GET | H2 | _80579d5423f3_icongeschenk.png | kiosk.news/_pics/ | 4 KB | 4 KB | Image | image/png | |
GET | H2 | stball.png | kiosk.news/include/images/ | 9 KB | 9 KB | Image | image/png | |
GET | H2 | iconpersbreatung.png | kiosk.news/_pics/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1041444682/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H2 | cman_1.01.js | exm-medien.de/cman/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | / | www.google.com/pagead/1p-user-list/1041444682/ | 42 B | 548 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/1041444682/ | 42 B | 548 B | Image | image/gif | |
GET | H2 | cman_v1.0.0.css | exm-medien.de/cman/include/ | 3 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | jsonp.php | exm-medien.de/cman/ | 1 KB | 733 B | Script | text/html | |
112 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| SSLserv string| appsw string| servRoot function| DoTriggerAltLieferanschrift function| TriggerAltLieferanschrift function| DoTriggerAltBankverbindung function| TriggerAltBankverbindung function| TriggerFN function| TriggerFNalt function| GetStrassenOfPLZ function| GetStrassenOfAltPLZ function| GetStrassenOfWEPLZ function| DoFillWEwithUserdaten function| FillWEwithUserdaten function| $ function| jQuery object| jQuery111306948270980075004 function| LoadFootOverlayer function| ShowSpezialModal function| ShowHIPOverlayer function| ShowSachWertLayerFromList function| detectIPadOrientation function| SetButtonBText function| MarkPayPalButton function| SelectPaypal function| SelectLS function| onorientationchange object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| 
google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| Adcell string| linktodsb string| cmanhost boolean| cmanloadjq string| cmansrc object| thiscman boolean| showloading boolean| localtest undefined| isipad undefined| browser undefined| cmanjqsrc undefined| cmanjq function| addCmanCSS function| SendDataToServerAndGet function| urldecode function| LoadCookieSettings function| AcceptAllCookies function| SaveCookieSettings function| CMANCookieLife function| RenderBanner function| setCMANCookieAndReload function| ReloadPage function| setCMANCookie function| ResetCookieSettings function| InitCman object| shpcss undefined| jQuery111306948270980075004_16560766746677
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
steamcommuniry.com/ | | __tad | 1656076670.3702055 |
.1redirc.com/ | | __dsnsid | 20220624231751289d54f9f6710a58ba |
clever-redirect.com/ | | 26697f797d71f3f90f619e39e4fa983a | 57aeb8e52fb5c8530f7edd5f5b85527278f7f686491d6c0c713d8751f8d343b4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2226697f797d71f3f90f619e39e4fa983a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D |
t.adcell.com/ | | ADCELLpid5439 | 147862-96812-aba96d740bef26fe3310370e8de326ca%23%23%23%23https%3A%2F%2Flookandfind.me%2F%40%40%40%401656076674 |
kiosk.news/ | | PHPSESSID | 95e1qe49vejitoiiq5pm22ap8o |
kiosk.news/ | | EXMAKTVP | 280%7C005 |
.doubleclick.net/ | | test_cookie | CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.