www.opinionworld.ch
Open in
urlscan Pro
2600:9000:20ae:8600:1c:a3f5:1f00:93a1
Public Scan
Submitted URL: https://opinionworld.ch/
Effective URL: https://www.opinionworld.ch/
Submission: On October 09 via api from CH — Scanned from CH
Effective URL: https://www.opinionworld.ch/
Submission: On October 09 via api from CH — Scanned from CH
Summary
This website contacted 21 IPs
in 4 countries
across 17 domains to perform 65 HTTP transactions.
The main IP is 2600:9000:20ae:8600:1c:a3f5:1f00:93a1, located in
United States and
belongs to AMAZON-02, US.
The main domain is www.opinionworld.ch.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 25th 2024. Valid for: a year.
This is the only time www.opinionworld.ch was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M02 on April 25th 2024. Valid for: a year.
This is the only time www.opinionworld.ch was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
15.197.227.85
(United States)
ASN16509 (AMAZON-02, US)
PTR: a5cb21770000cfb11.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a5cb21770000cfb11.awsglobalaccelerator.com
| opinionworld.ch |
8
2600:9000:20ae:8600:1c:a3f5:1f00:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| www.opinionworld.ch |
17
18.66.192.119
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-119.muc50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-119.muc50.r.cloudfront.net
| darwin-assets.dynata.com |
2
34.199.194.98
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-194-98.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-194-98.compute-1.amazonaws.com
| goggles.mw.dynata.com |
1
3.5.30.59
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
| upp-public.s3.amazonaws.com |
1
54.239.192.127
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-127.muc50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-127.muc50.r.cloudfront.net
| d2wy8f7a9ursnm.cloudfront.net |
3
2a02:26f0:3500:16::215:148d
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| use.typekit.net |
2
2a00:1450:4001:80b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
7
2.17.147.200
(Prague, Czech Republic)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-200.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-200.deploy.static.akamaitechnologies.com
| c.evidon.com |
1
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| adservice.google.com |
1
142.250.185.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
| www.googleadservices.com |
3
54.88.132.178
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-132-178.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-132-178.compute-1.amazonaws.com
| l.evidon.com |
1
18.173.187.80
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-80.muc50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-80.muc50.r.cloudfront.net
| 0fc0cf82e841.us-east-1.sdk.awswaf.com |
6
54.230.228.33
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-33.muc50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-33.muc50.r.cloudfront.net
| 0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com |
1
143.204.98.56
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net
| d3op16id4dloxg.cloudfront.net |
1
172.217.16.195
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
| fonts.gstatic.com |
2
18.234.8.110
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-8-110.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-8-110.compute-1.amazonaws.com
| rvid.imperium.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
dynata.com
1 redirects
darwin-assets.dynata.com — Cisco Umbrella Rank: 257389 goggles.mw.dynata.com — Cisco Umbrella Rank: 323599 |
5 MB |
| 10 |
evidon.com
1 redirects
c.evidon.com — Cisco Umbrella Rank: 1841 l.evidon.com — Cisco Umbrella Rank: 2521 |
41 KB |
| 9 |
opinionworld.ch
1 redirects
opinionworld.ch www.opinionworld.ch |
330 KB |
| 7 |
awswaf.com
1 redirects
0fc0cf82e841.us-east-1.sdk.awswaf.com — Cisco Umbrella Rank: 561762 0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 176277 |
289 KB |
| 6 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838 |
189 KB |
| 4 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561 |
60 KB |
| 2 |
imperium.com
rvid.imperium.com — Cisco Umbrella Rank: 53710 |
2 KB |
| 2 |
bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 923 |
88 B |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
179 KB |
| 2 |
cloudfront.net
d2wy8f7a9ursnm.cloudfront.net d3op16id4dloxg.cloudfront.net |
184 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
23 KB |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89 |
|
| 1 |
google.com
1 redirects
adservice.google.com — Cisco Umbrella Rank: 357 |
18 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
964 B |
| 1 |
amazonaws.com
upp-public.s3.amazonaws.com — Cisco Umbrella Rank: 559508 |
66 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113 |
11 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 791 |
30 KB |
| 65 | 17 |
| Domain | Requested by | |
|---|---|---|
| 17 | darwin-assets.dynata.com |
www.opinionworld.ch
d2wy8f7a9ursnm.cloudfront.net |
| 8 | www.opinionworld.ch |
www.opinionworld.ch
|
| 7 | c.evidon.com |
1 redirects
www.opinionworld.ch
c.evidon.com |
| 6 | 0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com |
d2wy8f7a9ursnm.cloudfront.net
|
| 5 | ka-f.fontawesome.com |
d2wy8f7a9ursnm.cloudfront.net
www.opinionworld.ch |
| 3 | l.evidon.com |
www.opinionworld.ch
|
| 3 | use.typekit.net |
www.opinionworld.ch
use.typekit.net |
| 2 | rvid.imperium.com |
darwin-assets.dynata.com
|
| 2 | sessions.bugsnag.com |
d2wy8f7a9ursnm.cloudfront.net
|
| 2 | www.googletagmanager.com |
www.opinionworld.ch
|
| 2 | goggles.mw.dynata.com |
1 redirects
darwin-assets.dynata.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | d3op16id4dloxg.cloudfront.net |
darwin-assets.dynata.com
|
| 1 | 0fc0cf82e841.us-east-1.sdk.awswaf.com | 1 redirects |
| 1 | p.typekit.net |
use.typekit.net
|
| 1 | www.googleadservices.com |
www.opinionworld.ch
|
| 1 | adservice.google.com | 1 redirects |
| 1 | fonts.googleapis.com |
www.opinionworld.ch
|
| 1 | kit.fontawesome.com |
www.opinionworld.ch
|
| 1 | d2wy8f7a9ursnm.cloudfront.net |
www.opinionworld.ch
|
| 1 | upp-public.s3.amazonaws.com |
www.opinionworld.ch
|
| 1 | maxcdn.bootstrapcdn.com |
www.opinionworld.ch
|
| 1 | code.jquery.com |
www.opinionworld.ch
|
| 1 | opinionworld.ch | 1 redirects |
| 65 | 24 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.offerjuice.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| opinionworld.com Amazon RSA 2048 M02 |
2024-04-25 - 2025-05-25 |
a year | crt.sh |
| *.dynata.com Amazon RSA 2048 M03 |
2024-07-16 - 2025-08-14 |
a year | crt.sh |
| *.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
| bootstrapcdn.com WE1 |
2024-09-20 - 2024-12-19 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2024-07-30 - 2025-07-03 |
a year | crt.sh |
| use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-08-27 - 2025-09-27 |
a year | crt.sh |
| *.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-30 - 2025-01-27 |
6 months | crt.sh |
| upload.video.google.com WR2 |
2024-09-24 - 2024-12-17 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-09-24 - 2024-12-17 |
3 months | crt.sh |
| betrad.com R10 |
2024-08-26 - 2024-11-24 |
3 months | crt.sh |
| *.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-03-20 - 2025-04-15 |
a year | crt.sh |
| ka-f.fontawesome.com WE1 |
2024-08-29 - 2024-11-27 |
3 months | crt.sh |
| *.evidon.com Amazon RSA 2048 M02 |
2024-08-08 - 2025-09-06 |
a year | crt.sh |
| *.mw.dynata.com Amazon RSA 2048 M02 |
2024-04-27 - 2025-05-25 |
a year | crt.sh |
| *.gstatic.com WR2 |
2024-09-24 - 2024-12-17 |
3 months | crt.sh |
| *.imperium.com Amazon RSA 2048 M02 |
2023-12-24 - 2025-01-21 |
a year | crt.sh |
| *.749fc3d2.us-east-1.token.awswaf.com Amazon RSA 2048 M02 |
2024-05-05 - 2025-06-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.opinionworld.ch/
Frame ID: 708199F00BDA24AF099A8137E9ACD8C6
Requests: 63 HTTP requests in this frame
Screenshot
Page Title
Enquêtes rémunérées en ligne | OpinionWorldPage URL History Show full URLs
-
https://opinionworld.ch/
HTTP 301
https://www.opinionworld.ch/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
BugSnag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /bugsnag.*\.js
Crownpeak
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- c\.evidon\.com
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.offerjuice.com/
Title: Affiliation
Title: Affiliation
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://opinionworld.ch/
HTTP 301
https://www.opinionworld.ch/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
- https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=3
- https://c.evidon.com/sitenotice/1696/opinionworld/settings.js HTTP 301
- https://c.evidon.com/sitenotice/1696/opinionworld/settingsV3.js
- https://adservice.google.com/pagead/regclk?auid=2059995456.1728450605&ref=www.google.com&url=https%3A%2F%2Fwww.opinionworld.ch%2F&tft=1728450605283&tfd=1860&frm=0>m=45He4a70v859587088za200&gcd=13l3l3l3l1l1&dma=0&npa=0&tag_exp=101533421~101671035~101747727 HTTP 302
- https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=2059995456.1728450605&ref=www.google.com&url=https%3A%2F%2Fwww.opinionworld.ch%2F&tft=1728450605283&tfd=1860&frm=0>m=45He4a70v859587088za200&gcd=13l3l3l3l1l1&dma=0&npa=0&tag_exp=101533421~101671035~101747727
- https://0fc0cf82e841.us-east-1.sdk.awswaf.com/0fc0cf82e841/ad21f328575e/challenge.js HTTP 307
- https://0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/challenge.js
65 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.opinionworld.ch/ Redirect Chain
|
230 KB 54 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.opinionworld.ch/blueprint/dist/stylesheets/ |
97 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
www.opinionworld.ch/blueprint/dist/stylesheets/layouts/default/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hydra.css
darwin-assets.dynata.com/upp-ui/ |
2 MB 735 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hydra.es.js
darwin-assets.dynata.com/upp-ui/ |
999 KB 264 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons.js
www.opinionworld.ch/blueprint/dist/common/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-color.png
darwin-assets.dynata.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/ |
34 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
global.js
upp-public.s3.amazonaws.com/upp-client/1.2.2/ Redirect Chain
|
66 KB 66 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nectarCanvass2-global.js
www.opinionworld.ch/blueprint/dist/packages/ |
617 KB 149 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
home.js
www.opinionworld.ch/blueprint/dist/apps/home/ |
134 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layout.js
www.opinionworld.ch/blueprint/dist/common/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kuh2wxq.css
use.typekit.net/ |
3 KB 942 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b7da1dbf2d.js
kit.fontawesome.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
carousel.js
darwin-assets.dynata.com/ |
190 B 576 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 964 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
315 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
205 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-video-bkgrnd.jpg
darwin-assets.dynata.com/OW/bg/ |
132 KB 133 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
www.opinionworld.ch/shared/vendor/font-awesome/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OW-hero_video_FINAL_v3.mp4
darwin-assets.dynata.com/ |
3 MB 3 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oo-uk-lp-_paypal.png
darwin-assets.dynata.com/OW/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zalando.png
darwin-assets.dynata.com/OW/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Uber_UE-Logo_Stacked_Black.svg
darwin-assets.dynata.com/rewards/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-homapage-slider-1_JOIN-01.webp
darwin-assets.dynata.com/OW/ |
12 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-slider_1.gif
darwin-assets.dynata.com/ |
56 KB 56 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-homapage-slider-2-SHARE-01.webp
darwin-assets.dynata.com/OW/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-homapage-slider-3-REDEEM-01.webp
darwin-assets.dynata.com/OW/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-slider_2.mp4
darwin-assets.dynata.com/OW/ |
12 KB 12 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-slider_3.mp4
darwin-assets.dynata.com/OW/ |
35 KB 36 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ |
78 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
country.js
c.evidon.com/geo/ |
299 B 484 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
snthemes.js
c.evidon.com/sitenotice/1696/ |
115 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
settingsV3.js
c.evidon.com/sitenotice/1696/opinionworld/ Redirect Chain
|
19 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.googleadservices.com/pagead/set_partitioned_cookie/ Redirect Chain
|
0 0 |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
sessions.bugsnag.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
sessions.bugsnag.com/ |
21 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.css
p.typekit.net/ |
5 B 173 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/7dffb4/00000000000000003b9b1e4a/27/ |
30 KB 30 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/1e9639/00000000000000003b9b1e44/27/ |
28 KB 28 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
94 KB 22 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
27 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
823 B 975 B |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
2 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en-63642.js
c.evidon.com/sitenotice/1696/translations/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
evidon-barrier.js
c.evidon.com/sitenotice/ |
14 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
63642
l.evidon.com/site/v3/1696/68963/21/1/3/2/ |
0 120 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
63642
l.evidon.com/site/v3/1696/68963/21/50/3/2/ |
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browserCheck.js
darwin-assets.dynata.com/upp-ui/ |
28 B 460 B |
Fetch
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config
goggles.mw.dynata.com/api/v1/panel/ |
13 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ |
154 KB 154 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
63642
l.evidon.com/site/v3/1696/68963/21/5/3/2/ |
0 120 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
challenge.js
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ Redirect Chain
|
1 MB 284 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RelevantID4.js
d3op16id4dloxg.cloudfront.net/ |
171 KB 172 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ow-favicon.ico
darwin-assets.dynata.com/ |
15 KB 15 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
dedupe
rvid.imperium.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
dedupe
rvid.imperium.com/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
verify
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ |
300 B 645 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
inputs
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ |
477 B 823 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
verify
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ |
300 B 645 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
telemetry
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ |
868 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
telemetry
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com/0fc0cf82e841/ad21f328575e/ |
956 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
191 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| svg object| dataLayer function| ScrollTo function| ScrollToResolver function| $ function| jQuery function| horScrollFunction function| ScrollInView function| sliderResize function| ScrollLR function| isInViewport function| CounterScrollfunction object| corona object| google_tag_manager object| google_tag_data object| evidon string| CONSENT_LS_VISTOR number| MAXIMUM_STACK object| UPP function| _ object| angular object| googleCaptchaCompleted function| captchaReadyCallback function| formatPoints object| SiteNotification function| bugsnag object| bugsnagClient object| FontAwesomeKitConfig function| SmoothScrollView object| DD_RUM object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| $Rxp object| Alpine string| bucketid function| contractMode object| awsWafCookieDomainList function| a0_0x1c0621 function| a0_0x18ac function| a0_0x1b73 object| RVIDPrivacy string| _RVIDCaptureString object| _extraDataPoints string| _version object| captureObject string| __xe1913148__ object| PluginDetect string| userAgent boolean| isLinux boolean| isChrome number| counter object| body1 number| jsver object| BrowserDetect string| propertyString1 object| RVIDFlash string| hasRIF function| sha256 string| imperiumOriginalCookie function| sendLogMessageAsync function| createRVIDXMLHttpRequest function| setHoPoDetection function| tochar function| rvidPing function| setRVIDDataReadyAndSubmitForm function| callRVIDNow function| addValue function| addCapValue function| getOS function| checkIframes function| getSilverlightVersion function| getSilverlightMajorVersion function| detectSilverlight function| detectDirector function| getDirectorVersion function| getWindowsMediaVersion function| detectWindowsMedia function| isFlip4MacInstalled function| Flip4MacVersion function| getFlashInfo function| canDetectNavigatorPlugins function| detectPlugin function| getAllPlugins function| createScriptTag function| getJavascriptVersion function| BrowserInfo function| Get_Cookie function| Set_Cookie function| GetFontSize function| getTimeZoneDiff function| getJavaScriptBuild function| getBrowserBuild function| getNetMeetingBuild function| getServicePack function| getUserLanguage function| getSystemLanguage function| detectGecko function| getGeckoBuildDateToInt function| getConnectionType function| supportsDHTML function| supportsXMLHttpRequest function| supportsXML function| getAolVersion function| isEmailCrawler function| canUploadFile function| persistentCookies function| sessionCookies function| ExpireCookie_ function| addToCapture function| getBrowserTime function| getBrowserTimeMS function| getJavaEnabled function| getDataPoints function| rvidFreezeSetProp function| AddScriptTag function| checkTime function| checkTimeTime function| getDateTime function| createDiv function| createSol function| writeRIF function| setRIF1 function| setRIF2 function| getRIF1 function| readRIF function| rifStatusCheck function| createField function| createRVIDField function| createOutputFields function| getScore function| IsPageTranslated function| executeService function| isPropStringValid function| LogWarningForAnyMissingRequestPars function| LogWarningForMissingRequestPar function| getFunctionHash function| ImperiumXhrPost function| ImperiumGetValue function| isSSLv3MigratedClient function| getCNprintLegacyHash function| getCNprintLegacy function| getCNprintHash function| getWebGLRenderer function| getWebGLDataHash function| Get_CookieRIF3 function| Set_CookieRIF3 function| Expire_CookieRIF3 function| setRIF3 function| getRIF3 function| isMobile function| isMobile1 function| inIframe function| featDetectBrowser function| _pluginContains function| checkForAutomatedBrowserProps function| notificationPermissions function| isNotificationPermissionsOverridden function| keyboardLayoutMapSize function| mediaDevicesConstraintsCount function| _supportsBluetooth function| storageManagerDetails function| _userAgentClientHints function| _accelDetect function| _gyroDetect function| getAudioSampleRate function| mediaDeviceGroups function| _detectPrivacyMode function| getAllMimeTypes function| rvidDevToolsOpen object| relevantID object| jstz number| RVIDTrack object| C object| ZZZ object| MobileOSArray object| MobileType object| isThisMobile object| browserobject number| pluginsArrayCounter number| namesCounter object| ma number| RVIDReady function| RVIDResponseComplete function| getScoreAdditional object| start1 object| start2 object| a0_0x2f87 function| a0_0x434d object| AwsWafIntegration object| ChallengeScript object| start45 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .opinionworld.ch/ | Name: corona_visit Value: "eyJwYW5lbElkIjoiMjIyOCIsImR0IjoiMTcyODQ1MDYwNDMwOSIsInV1aWQiOiI1MWE0ZTBmNC03MDg5LTRmYWQtYWFjZC05YWFlNzhhNGYyOWQiLCJ0b2tlbiI6IjVkODEyYzc2ZGZlZGJlNDE3MWE0NTkxNDA4NTBjNjZjYTdjMzNhZGIifQ==" |
|
| .opinionworld.ch/ | Name: _gcl_au Value: 1.1.2059995456.1728450605 |
|
| www.opinionworld.ch/ | Name: RVIDExtId Value: D17921A0-3092-422C-AE11-2B297D624D2F |
|
| .opinionworld.ch/ | Name: aws-waf-token Value: 2b4e4580-450a-45b7-8a0d-e89969b9b4d6:EQoAvcAjlIxMAAAA:WRwmkvToP0fdsWtkRGb/gpM0qLuQgnPM4m7bqsyMVVjSbdGCVYDwG1x2slfj7KwkTbWCZTWXaNwrGGH8bD5UPDnHwcuLcmSNFgXDmXI/9ahDB5Do0LUIieQYZXO0dlrKFidnVD5Dw2qeP2hR5y/nBFSRZ7Kch2QTZ4O43c95u+mwPILF/eEr+fPCTgX21aMiA4UnARS5l7DKjFWrKcK6yhnCNH6lNlwGHiHJj8k068z+N/Q9tJKvteV+aqoWHvVJg1YYfFHukaAcsA== |
|
| www.opinionworld.ch/ | Name: _dd_s Value: rum=0&expire=1728451507195 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0fc0cf82e841.749fc3d2.us-east-1.token.awswaf.com
0fc0cf82e841.us-east-1.sdk.awswaf.com
adservice.google.com
c.evidon.com
code.jquery.com
d2wy8f7a9ursnm.cloudfront.net
d3op16id4dloxg.cloudfront.net
darwin-assets.dynata.com
fonts.googleapis.com
fonts.gstatic.com
goggles.mw.dynata.com
ka-f.fontawesome.com
kit.fontawesome.com
l.evidon.com
maxcdn.bootstrapcdn.com
opinionworld.ch
p.typekit.net
rvid.imperium.com
sessions.bugsnag.com
upp-public.s3.amazonaws.com
use.typekit.net
www.googleadservices.com
www.googletagmanager.com
www.opinionworld.ch
104.18.10.207
142.250.185.130
142.250.186.34
143.204.98.56
15.197.227.85
172.217.16.195
172.67.139.119
18.173.187.80
18.234.8.110
18.66.192.119
2.17.147.200
2600:1901:0:7a0b::
2600:9000:20ae:8600:1c:a3f5:1f00:93a1
2606:4700:4400::ac40:93bc
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:16::215:1495
2a04:4e42:400::649
3.5.30.59
34.199.194.98
54.230.228.33
54.239.192.127
54.88.132.178
005d86f0880b3570ec3407b24bb4fff3597b8602079ea5b535d511c0b1f8e21d
0072ac4da2be62e296da967e0c844bc37e237e74bfab56683c927528eefdd6e0
06b0ec3cc1bf4b24f99517dc076b64997599feca351ca10268b7714ea97231ae
06bce0ca18a74338337bf71c607588beef4a388c139808343473e88535708af6
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d224c506dea46489fa978824e457e62f0e8746008c5d09d562608d9ac27107e
14bd5ed5188da6b6e2106596318a12768c9f9434fad42503215998a12ed15dd1
190227a1c08602dcbacc26e48082c6abf10d59e35a34d7288ca6613aa2e5f10b
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2559798c7fb9004d84e450154886b91f2a2e7d1ba5167642c574ce9ca4ab41aa
28353d8da04a9e03a2bb06ad9ac4314e1e14917bb136e2ae0efdc8ebe68f87f1
2b6f06369edc285ff7e29219320830aa62d7286fd14e944c8fe5cd19a32c2cac
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2
3b28f2499158cc58e393e5420a244ec75006a548d31ce3ade85e2ccf12b2f6e9
3eb25c38d02919325fcc53833f6046d9ad52448cd76cb9e259bd0fda1dc28ed9
45d2dabf97a5ccf5ea1f6b8d9a5f93613fed978b64cb277764f469540b592bfb
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
554989a51b8d53b5b5d1791a15ae802a69bf23581681265d4483cbcdc26dac5a
5b758a5f8453f6c03942a89c4a1b7654a09c78f35e98973f5050a024e4b4f1a6
5ead0c9647e108f4ae87cb0924a857c9c9c45ac482b36b9860aec42b162a1c0b
5fa1e32a9813be5f6a71574e6ccf0665243e1226e72916c561ca6dfc11bfceff
699eba2bb089309eb15e9db91cde0eb192a1b3e087ab5339aeedf02aff05b64b
6a446368810477f0f621772b4ebefc7849210822901992bc0eeeb95490cf4790
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272
6cc8c500049bb35458bd6386b6cc8085bcc0619cb81539351bf797cb3e030366
7dc7445b43ff69bb578652f1b1927a22c11e84a8885ac0ffe6f830f087e272f1
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
88fa8ca611cd7ebe38470acc2e716ce867a3f38766632605029d8a47b0901218
96501d65b8c20d2ab7195f013a5c21475d1bccb9f9133858657cffd89c8004a0
968aae55d64dc2cb3a99c50154093ea8579cbe442ba2ed0f4306359976f235b1
9d11b3086152f2a97c8edb6cec8ad895e7e63a970bc77bdedd816dea6305766c
ae5f578a8705e4726d8b93e3916a900930605aa38128e8ea42e774ec5df1fe16
b2d40981d65a2f0f4e9cf2b1f30560d697ad818ee812623e325a37e20c89bbbc
b3faa732e258cbefbfaa9734df1b25a7754c784558320d4aad0fd7daf124cac5
b40d137f5777cba687385caf2438ba59767f4212e55961bf66377dc6744c5b91
b71b00862682ea7be6a12c992a3177ba823189fa68c88fb53dba2b7f5d991dfd
b8757a1704b7296925b77fb7001004336e72f5085a2b0a33958e1b3e77938f02
ba794c0fe95cd477f508c69d82fbd04edbc4d0c783e72da6947f8b499c4adc1c
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d31e8ca4a588ecf8a867d77f8ccdbcb817d21ef5c1b0b4fa1226b2814e31c0b4
dae9e68f0ea7de7488c2c6429040941b922c18cef2dfc2181b189beb37d4dc2f
dd81812b6243e24c01ed9be8589d5fea74e0777057f0f75cc996f12d38542cb6
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
debd85581b91173fd4d334f1a5197ec0d991bc43bef7cf1cdc1f4feaa05525b3
e1e1f0f5c1a82d304cd5522f69f8116c4834c8328a038b5b4bd3f7f9f7200b00
e362bdd99e12af232e093da5da85619f84c30a2f89ada71beef4d784c8159598
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c6765bd82016dc972c88a51f957202146a122cc09a3b19a252680e5ee4e380
e9bea535ce7c58a4b79ee8c723d8a843067489d485919de8cbaf46ebf0dd71f0
e9cd67ab9e223d7e3cadab5f4fd76ecbe2e222de56a7ecdb275b6040b40dbb30
ec42b81ee43cdf1aef41c5b099738300da3c22d3dc462d1e43559716031cec5a
eeb6122bc2c086cb14d0bb6923f4091e69144a3b803b92b84b00eb7527f0539c
ef131a6d48e603122920e8cd03bdb77de5a7ad22b3289da088b7d4f33d75b5a9
f616414afc5ec4fb36e114c55ba26c9e7270b95dd22f4ad0a57dd9f366886648
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995