www.onesafe-software.com
Open in
urlscan Pro
34.240.152.236
Public Scan
Submitted URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&cad=rja&uact=8&ved=2ahUKEwjBpumvmKXmAhUFFYgKHVvkD3MQFjA...
Effective URL: https://www.onesafe-software.com/de/cleaner/LP13.php?tracking=UTL_DE_PP_CLDEAL_OSPCC&campaignid=CLDEAL&clickid=c330878f36fc47b6b1...
Submission: On December 08 via manual from PH
Effective URL: https://www.onesafe-software.com/de/cleaner/LP13.php?tracking=UTL_DE_PP_CLDEAL_OSPCC&campaignid=CLDEAL&clickid=c330878f36fc47b6b1...
Submission: On December 08 via manual from PH
Summary
This website contacted 18 IPs
in 8 countries
across 21 domains to perform 53 HTTP transactions.
The main IP is 34.240.152.236, located in
Dublin, Ireland and
belongs to AMAZON-02 - Amazon.com, Inc., US.
The main domain is www.onesafe-software.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 27th 2018. Valid for: 2 years.
This is the only time www.onesafe-software.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 27th 2018. Valid for: 2 years.
This is the only time www.onesafe-software.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
2a00:1450:4001:817::2004
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.com |
1
2606:4700:30::6818:7573
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| tswt.jpa-hibernate.de |
1
176.114.9.149
(Ukraine)
ASN56485 (THEHOST-AS, UA)
PTR: dg.alekseev.freedomain.thehost.com.ua
ASN56485 (THEHOST-AS, UA)
PTR: dg.alekseev.freedomain.thehost.com.ua
| 176.114.9.149 |
3
209.205.219.178
(Piscataway, United States)
ASN55081 (24SHELLS - 24 SHELLS, US)
PTR: static-178-219-205-209.24shells.net
ASN55081 (24SHELLS - 24 SHELLS, US)
PTR: static-178-219-205-209.24shells.net
| abc2.adtelligent.com |
2
2606:4700:e2::ac40:8605
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| feed-6003.codemylife.info |
4
2606:4700:30::681f:47f8
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| 2.13i.org | |
| 13i.org |
2
2a05:d018:483:6130:2464:bd6c:b85f:35d9
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| secureconv-dl.com |
1
2a05:d018:483:6110:aea0:a7da:f2eb:7245
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| gdmconvtrck.com |
25
34.240.152.236
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-152-236.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-152-236.eu-west-1.compute.amazonaws.com
| www.onesafe-software.com |
3
2001:4de0:ac19::1:b:1b
(Netherlands)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
| maxcdn.bootstrapcdn.com |
2
2a00:1450:4001:824::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
1
2001:4de0:ac19::1:b:1a
(Netherlands)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
| code.jquery.com |
2
2.19.39.221
(Ascension Island)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-39-221.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-39-221.deploy.static.akamaitechnologies.com
| seal.websecurity.norton.com |
4
2a00:1450:4001:817::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| maps.googleapis.com |
3
2a03:2880:f01c:8012:face:b00c:0:3
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| connect.facebook.net | |
| staticxx.facebook.com |
2
2a00:1450:4001:818::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
2
2a00:1450:4001:81b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google-analytics.com |
1
2a03:2880:f11c:8183:face:b00c:0:25de
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| www.facebook.com |
1
2a00:1450:400c:c00::9a
(Brussels, Belgium)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| stats.g.doubleclick.net |
1
2a00:1450:4001:825::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.de |
| Domain | Requested by | |
|---|---|---|
| 25 | www.onesafe-software.com |
gdmconvtrck.com
www.onesafe-software.com |
| 4 | maps.googleapis.com |
www.onesafe-software.com
maps.googleapis.com |
| 3 | maxcdn.bootstrapcdn.com |
www.onesafe-software.com
|
| 3 | 2.13i.org |
1 redirects
176.114.9.149
|
| 3 | abc2.adtelligent.com | 3 redirects |
| 2 | www.google-analytics.com |
1 redirects
www.onesafe-software.com
|
| 2 | fonts.gstatic.com |
www.onesafe-software.com
|
| 2 | connect.facebook.net |
www.onesafe-software.com
connect.facebook.net |
| 2 | seal.websecurity.norton.com |
www.onesafe-software.com
|
| 2 | fonts.googleapis.com |
www.onesafe-software.com
|
| 2 | secureconv-dl.com |
1 redirects
176.114.9.149
|
| 2 | feed-6003.codemylife.info | 2 redirects |
| 2 | www.google.com | 1 redirects |
| 1 | www.google.de |
www.onesafe-software.com
|
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | www.facebook.com |
connect.facebook.net
|
| 1 | staticxx.facebook.com |
connect.facebook.net
|
| 1 | cdn.jsdelivr.net |
www.onesafe-software.com
|
| 1 | cdn.taboola.com |
www.onesafe-software.com
|
| 1 | code.jquery.com |
www.onesafe-software.com
|
| 1 | gdmconvtrck.com |
secureconv-dl.com
|
| 1 | arbmuzhik.com | 1 redirects |
| 1 | 13i.org | 1 redirects |
| 1 | tswt.jpa-hibernate.de | 1 redirects |
| 53 | 24 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.symantec.com |
| webtools.avanquest.com |
| onesafesoftware.com |
| www.avanquest.com |
| twitter.com |
| www.facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-03 - 2020-10-09 |
10 months | crt.sh |
| securecloud-cd.com Amazon |
2019-04-20 - 2020-05-20 |
a year | crt.sh |
| gdmconvtrck.com Amazon |
2019-04-19 - 2020-05-19 |
a year | crt.sh |
| www.onesafe-software.com DigiCert SHA2 Secure Server CA |
2018-06-27 - 2020-06-08 |
2 years | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
| *.googleapis.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
| jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
| seal.websecurity.norton.com DigiCert SHA2 Extended Validation Server CA |
2018-04-04 - 2020-04-03 |
2 years | crt.sh |
| f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-07-30 - 2020-07-25 |
a year | crt.sh |
| f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-05-29 - 2020-04-23 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-11-06 - 2020-02-04 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
| www.google.de GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.onesafe-software.com/de/cleaner/LP13.php?tracking=UTL_DE_PP_CLDEAL_OSPCC&campaignid=CLDEAL&clickid=c330878f36fc47b6b1c40e6cc6b67ee8b2e8&filter=88919&keyword=568
Frame ID: 798CD925652801FD10BA8EA52CEDEF0F
Requests: 51 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: F36FD31D151A9FCE12D7E8643C3ACAF5
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2e6760a1789a7%26domain%3Dwww.onesafe-software.com%26origin%3Dhttps%253A%252F%252Fwww.onesafe-software.com%252Ff545e95054d198%26relation%3Dparent.parent&container_width=360&height=70&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FOneSafeEN&locale=fr_FR&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=325
Frame ID: A524B254884F89C0622CF128BBBC1EEE
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&cad=rja&uact=8&ved=2ahUKEwjBpumvmKX... Page URL
-
https://tswt.jpa-hibernate.de/1-trillion.html
HTTP 302
http://176.114.9.149:8081/offer?sid=DE_k2&keys=1+trillion&lan=&redir=http%3A%2F%2F149.202.65.142%2FmxJ... Page URL
-
https://abc2.adtelligent.com/tracking/pushclick?adid=02DD726AC987528D_391465_473927
HTTP 302
https://feed-6003.codemylife.info/api/message/click?id=f14068674717&time=1575778851&sig=ef48636bd1a3b23165c039... HTTP 302
https://13i.org/ck?c_id=5628&u_id_p=583&u_id=322&s_id=4431542&sb_id=0&ip=109.236.94.15&g=NL&... HTTP 301
https://arbmuzhik.com/click.php?key=uiq64km94ws9br8v3fy9&bma_cpc=0.001&bma_source=322-4431542-0&bm... HTTP 302
https://secureconv-dl.com/?a=88919&c=159464&s2=fb51eqna7a4168&s1=568 Page URL
-
https://secureconv-dl.com/?a=88919&c=155917&oc=56534&sr=t&so=48007&sc=10677554&scr=159464&rc=24_59177&...
HTTP 302
https://www.onesafe-software.com/de/cleaner/LP13.php?tracking=UTL_DE_PP_CLDEAL_OSPCC&campaignid=CLDEAL&clicki... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Google Web Server
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /gws/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://www.symantec.com/ssl-certificates
Title: ABOUT SSL CERTIFICATES
Title: ABOUT SSL CERTIFICATES
Search URL Search Domain Scan URL
URL: https://webtools.avanquest.com/download.cfm?tracking=UTL_DE_PP_CLDEAL_OSPCC&keyword=568&campaignID=CLDEAL&clickid=c330878f36fc47b6b1c40e6cc6b67ee8b2e8&filter=88919&skip=&gclid=&uid=&go=https://cdn.onesafe-software.com/OneSafe_PC_Cleaner/OneSafe_PC_Cleaner.exe
Title: HERUNTERLADEN
Title: HERUNTERLADEN
Search URL Search Domain Scan URL
URL: https://onesafesoftware.com/software/de/uninstall?lang=de
Title: Software deinstallieren
Title: Software deinstallieren
Search URL Search Domain Scan URL
URL: https://onesafesoftware.com/software/de/eula?lang=de
Title: Endbenutzer-Lizenzvertrag
Title: Endbenutzer-Lizenzvertrag
Search URL Search Domain Scan URL
URL: https://onesafesoftware.com/software/de/kontakt?lang=de
Title: Kontakt
Title: Kontakt
Search URL Search Domain Scan URL
URL: https://onesafesoftware.com/software/de/privacy?lang=de
Title: Datenschutzerklärung
Title: Datenschutzerklärung
Search URL Search Domain Scan URL
URL: http://www.avanquest.com/Deutschland/group/rechtliches/agb.html
Title: Allgemeine Geschäftsbedingungen
Title: Allgemeine Geschäftsbedingungen
Search URL Search Domain Scan URL
URL: https://onesafesoftware.com/software/de/impressum?lang=de
Title: Impressum
Title: Impressum
Search URL Search Domain Scan URL
URL: https://twitter.com/intent/tweet?text=OneSafe%20Software%20https://www.onesafesoftware.com
Search URL Search Domain Scan URL
URL: https://www.facebook.com/OneSafeEN
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&cad=rja&uact=8&ved=2ahUKEwjBpumvmKXmAhUFFYgKHVvkD3MQFjAFegQIAhAB&url=https%3A%2F%2Ftswt.jpa-hibernate.de%2F1-trillion.html&usg=AOvVaw2yVrApQ56wVXlqVyGFZpm_ Page URL
-
https://tswt.jpa-hibernate.de/1-trillion.html
HTTP 302
http://176.114.9.149:8081/offer?sid=DE_k2&keys=1+trillion&lan=&redir=http%3A%2F%2F149.202.65.142%2FmxJV5f%3Fsub_id_1%3DDE_k2_tb Page URL
-
https://abc2.adtelligent.com/tracking/pushclick?adid=02DD726AC987528D_391465_473927
HTTP 302
https://feed-6003.codemylife.info/api/message/click?id=f14068674717&time=1575778851&sig=ef48636bd1a3b23165c039a7de3a0b&u=aHR0cHM6Ly8xM2kub3JnL2NrP2NfaWQ9NTYyOCZ1X2lkX3A9NTgzJnVfaWQ9MzIyJnNfaWQ9NDQzMTU0MiZzYl9pZD0wJmlwPTEwOS4yMzYuOTQuMTUmZz1OTCZlPTAuMDAxJmM9MC4wMDA4JmZ0PTEmdHRsPTE1NzU3Nzg4NTE%3D&srv=1 HTTP 302
https://13i.org/ck?c_id=5628&u_id_p=583&u_id=322&s_id=4431542&sb_id=0&ip=109.236.94.15&g=NL&e=0.001&c=0.0008&ft=1&ttl=1575778851 HTTP 301
https://arbmuzhik.com/click.php?key=uiq64km94ws9br8v3fy9&bma_cpc=0.001&bma_source=322-4431542-0&bma_source_2=322-4431542&bma_source_1=322&bma_user-ip=109.236.94.15&bma_user-geo=NL&bma_campaign_id=5628 HTTP 302
https://secureconv-dl.com/?a=88919&c=159464&s2=fb51eqna7a4168&s1=568 Page URL
-
https://secureconv-dl.com/?a=88919&c=155917&oc=56534&sr=t&so=48007&sc=10677554&scr=159464&rc=24_59177&s1=568&s2=fb51eqna7a4168&vt=1575778854191&h=65d3730382efdb237154123536c75e23887e25ec&req=https%3A%2F%2Fsecureconv-dl.com%2F%3Fa%3D88919%26c%3D159464%26s2%3Dfb51eqna7a4168%26s1%3D568&us=ae989534597f43dab0a77ddc4efba50d
HTTP 302
https://www.onesafe-software.com/de/cleaner/LP13.php?tracking=UTL_DE_PP_CLDEAL_OSPCC&campaignid=CLDEAL&clickid=c330878f36fc47b6b1c40e6cc6b67ee8b2e8&filter=88919&keyword=568 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://tswt.jpa-hibernate.de/1-trillion.html HTTP 302
- http://176.114.9.149:8081/offer?sid=DE_k2&keys=1+trillion&lan=&redir=http%3A%2F%2F149.202.65.142%2FmxJV5f%3Fsub_id_1%3DDE_k2_tb
- https://abc2.adtelligent.com/tracking/icon?adid=02DD726AC987528D_391465_473927 HTTP 302
- https://feed-6003.codemylife.info/api/message/impression?id=f14068674717&time=1575778851&sig=0b612c01b7a3e96c081965416a871b&u=aHR0cHM6Ly8yLjEzaS5vcmcvaWFlP2NfaWQ9NTYyOCZ1X2lkX3A9NTgzJnVfaWQ9MzIyJmY9L2ltZy81ODMtMzBjMjVkMzMmZnQ9MSZnZW89Tkwmcj0yNjQ1MS03MjU0&srv=1 HTTP 302
- https://2.13i.org/iae?c_id=5628&u_id_p=583&u_id=322&f=/img/583-30c25d33&ft=1&geo=NL&r=26451-7254 HTTP 302
- https://2.13i.org/img/583-30c25d33
- https://abc2.adtelligent.com/tracking/image?adid=02DD726AC987528D_391465_473927 HTTP 302
- https://2.13i.org/img/583_6c007ac6
- https://abc2.adtelligent.com/tracking/pushclick?adid=02DD726AC987528D_391465_473927 HTTP 302
- https://feed-6003.codemylife.info/api/message/click?id=f14068674717&time=1575778851&sig=ef48636bd1a3b23165c039a7de3a0b&u=aHR0cHM6Ly8xM2kub3JnL2NrP2NfaWQ9NTYyOCZ1X2lkX3A9NTgzJnVfaWQ9MzIyJnNfaWQ9NDQzMTU0MiZzYl9pZD0wJmlwPTEwOS4yMzYuOTQuMTUmZz1OTCZlPTAuMDAxJmM9MC4wMDA4JmZ0PTEmdHRsPTE1NzU3Nzg4NTE%3D&srv=1 HTTP 302
- https://13i.org/ck?c_id=5628&u_id_p=583&u_id=322&s_id=4431542&sb_id=0&ip=109.236.94.15&g=NL&e=0.001&c=0.0008&ft=1&ttl=1575778851 HTTP 301
- https://arbmuzhik.com/click.php?key=uiq64km94ws9br8v3fy9&bma_cpc=0.001&bma_source=322-4431542-0&bma_source_2=322-4431542&bma_source_1=322&bma_user-ip=109.236.94.15&bma_user-geo=NL&bma_campaign_id=5628 HTTP 302
- https://secureconv-dl.com/?a=88919&c=159464&s2=fb51eqna7a4168&s1=568
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1908468935&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onesafe-software.com%2Fde%2Fcleaner%2FLP13.php%3Ftracking%3DUTL_DE_PP_CLDEAL_OSPCC%26campaignid%3DCLDEAL%26clickid%3Dc330878f36fc47b6b1c40e6cc6b67ee8b2e8%26filter%3D88919%26keyword%3D568&dr=https%3A%2F%2Fsecureconv-dl.com%2F%3Fa%3D88919%26c%3D159464%26s2%3Dfb51eqna7a4168%26s1%3D568&ul=en-us&de=UTF-8&dt=OneSafe%20PC%20Cleaner&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1785195965&gjid=1709884156&cid=1508761573.1575778855&tid=UA-59354621-4&_gid=1271248598.1575778855&_r=1&z=2035106029 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59354621-4&cid=1508761573.1575778855&jid=1785195965&_gid=1271248598.1575778855&gjid=1709884156&_v=j79&z=2035106029 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59354621-4&cid=1508761573.1575778855&jid=1785195965&_v=j79&z=2035106029 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59354621-4&cid=1508761573.1575778855&jid=1785195965&_v=j79&z=2035106029&slf_rd=1&random=1534729871
53 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
url
www.google.com/ |
953 B 960 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
offer
176.114.9.149/ Redirect Chain
|
879 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
583-30c25d33
2.13i.org/img/ Redirect Chain
|
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
583_6c007ac6
2.13i.org/img/ Redirect Chain
|
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
secureconv-dl.com/ Redirect Chain
|
2 KB 932 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trck
gdmconvtrck.com/ |
1 KB 876 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
 Cookie set
LP13.php
www.onesafe-software.com/de/cleaner/ Redirect Chain
|
43 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 596 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
788 B 388 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer.css
www.onesafe-software.com/css/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LP13.css
www.onesafe-software.com/css/cleaner/ |
5 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.2.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
detect_os.js
www.onesafe-software.com/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OneSafePCCleaner-logo.png
www.onesafe-software.com/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getseal
seal.websecurity.norton.com/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
microsoft.png
www.onesafe-software.com/images/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow_download.png
www.onesafe-software.com/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OSPCC_DE_1.png
www.onesafe-software.com/images/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OSPCC_DE_3.png
www.onesafe-software.com/images/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bullet1.png
www.onesafe-software.com/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boostez_icon.png
www.onesafe-software.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gagnez_icon.png
www.onesafe-software.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ptotegez_icon.png
www.onesafe-software.com/images/cleaner/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
win-compatible.png
www.onesafe-software.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
www.onesafe-software.com/js/ |
28 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
maps.googleapis.com/maps/api/ |
116 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hover-dropdown.js
www.onesafe-software.com/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wow.min.js
www.onesafe-software.com/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
browser-error.js
www.onesafe-software.com/js/ |
234 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tfa.js
cdn.taboola.com/libtrc/avantquestdownloadfrsc/ |
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sticky.js
www.onesafe-software.com/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-scripts.js
www.onesafe-software.com/js/ |
463 B 772 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.6.0/ |
41 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.fancybox.pack.js
www.onesafe-software.com/js/fancybox/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.mousewheel.pack.js
www.onesafe-software.com/js/fancybox/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/fr_FR/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getseal
seal.websecurity.norton.com/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
buttonG.gif
www.onesafe-software.com/images/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bullet0.png
www.onesafe-software.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vEFR2_JTCgwQ5ejvG1EmBg.woff2
fonts.gstatic.com/s/signika/v10/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v17/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/fr_FR/ |
194 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame F36F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page.php
www.facebook.com/v2.8/plugins/ Frame A524 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
win10_logo.png
www.onesafe-software.com/images/cleaner/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/39/3/ |
76 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/39/3/ |
143 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 144 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jscd function| activity string| u5 undefined| sopener function| symcBuySSL function| vrsn_splash number| ver string| v_ua object| re boolean| v_old_ie function| v_mact function| v_mDown function| v_resized string| dn string| lang string| tpt string| vrsn_style string| splash_url string| sslcenter_url string| seal_url string| u1 string| u2 object| FB object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| WOW function| ChangeUrl object| TRC object| _tfa object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| __trcJSONify undefined| Script undefined| initialize object| dotq string| GoogleAnalyticsObject function| ga string| infos object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _xdc_4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .onesafe-software.com/ | Name: _gat Value: 1 |
|
| .onesafe-software.com/ | Name: _gid Value: GA1.2.1271248598.1575778855 |
|
| .onesafe-software.com/ | Name: _ga Value: GA1.2.1508761573.1575778855 |
|
| www.onesafe-software.com/ | Name: PHPSESSID Value: dh4f0tue3tf9t1rq5q6boneto2 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
13i.org
2.13i.org
abc2.adtelligent.com
arbmuzhik.com
cdn.jsdelivr.net
cdn.taboola.com
code.jquery.com
connect.facebook.net
feed-6003.codemylife.info
fonts.googleapis.com
fonts.gstatic.com
gdmconvtrck.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
seal.websecurity.norton.com
secureconv-dl.com
staticxx.facebook.com
stats.g.doubleclick.net
tswt.jpa-hibernate.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.onesafe-software.com
151.101.114.2
159.65.14.38
176.114.9.149
2.19.39.221
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
209.205.219.178
2606:4700:30::6818:7573
2606:4700:30::681f:47f8
2606:4700:e2::ac40:8605
2a00:1450:4001:817::2004
2a00:1450:4001:817::200a
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:824::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
2a05:d018:483:6110:aea0:a7da:f2eb:7245
2a05:d018:483:6130:2464:bd6c:b85f:35d9
34.240.152.236
008018ccd7791cb4c14ab8370357e85610dfdaba0a5f0e3cca30ccce760087fd
061ce254066afa9886e1d779d5919e32dd349be1b19a8f6a098bbdec84d60146
0ef3fd524c01b909a28a50ebd42082c73267964bfe30b3f94006fdd13957c5d4
15ffdf17d35d306f22ad6301cfa2e9335a1009cf99cba4234060d34b530c6620
1bb86dc07eb8fd7ef8a292671a0e570a3ba097d78ee54bd7f4575049775a2f0c
1e9fee5d41c2e3d4435ac8316d67abb76eca9b49438200f1c89b69c5a3fe8f09
2d96f1a99b2f52e241e686336a137548ce40a932d575f7452319ff8ed90bd880
3152228b3222d16544577b3933ea1776ab296bdc77a816d424bbb9b4dc94e26c
3262d61214c051fd1ddc466741e89970ef1755f2044de8ba9d6821a7adfa8841
39b2edbe6c72db9882b030f8d7cfbcc45ee2d57ecd0ebc81a8f8a7613bb3f40b
3b42c42398ec7a76c84b56cff116489820c92bf3f0ab7928ff2e1f51f562e364
5512f400cac3fbb1fdfbb02989ed098f88a2af5a6e4ba3d88a039bc421ea7ffe
5bdc7b89bc5ed6d3b11a1ce4f17e5061246439a40786d4d07dae25ccdf8011be
637e92c8ab6d6945a8f1c93967cf0a125c24e08c174f042fda901d5f63490933
67291de29632d3b7eaa094724f38bf7e4602543a8ec189d6ebc843be6cee9ae6
6deec9300c5af1fd897cab7974f220f5f03586eb42e163afea63b18ce1a790c2
7b5f32549a610aa5f6291d7ca3bc322be8043f785c40b9c36b365cee9c3762ce
7d492996e39b1034fc7542d0ab505911d9c4541c23977388cf2bb1e0dfd5a84b
84b3c479dba41569d3fa523d365660c7c045321dc8bad86c3b9451bd5be6f97d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
92b5aaccecff2d896f0fff34ca8e708a1d79f8dd1bd38bfb48e35b85346c1f31
93a2bfdf828112254445384d769d9a93e1658eb779b3313bd1d745b5e30ca093
94f5dc195472855969670538619ebfb47937b79aa49627e2d1414ac9fee1b8a7
984deb280b11e79dc52309fce39f2bf581b9ee8278b5f8af2b18a55ba3d59cb6
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9edd8b1252ca936283be1145fe77a18512bdb2cfd72454075936c93b052c0dc7
9f74d29729e06a4e28b85b1c9afe9f6f82f0434f3d7069f5fb82c782eb644caa
aa3d3f308371152ad8332449d1172431034a07e06051dcac7e315128a7f5a16d
b2104ae27147c1d67b2c8269a261ea8270159878b29f13d53579ff4eb68629fc
b3fbbe0e9161fa174c6b4a8a7c5d1924d535233a6a421ddc9480c5c57d07fed3
b8aa8bb79e762bc8a00238afddcbe33ede3c497159a4bf9d213b1a659fb899b2
c441e9ad0673339a2a4a361836c40dfd96fb846c273ad19262153b75c7d2b18c
c6b06f60dd7eab3a9ab3e2f40b61b1ff7eacc8d27e2560b1f037154bfe44e5ff
ccb83be2f12f6e8cd7d61a8e2cd8bc8dbd966bd5a064fd55c5926e01a30daddb
d1d1a4426c5422dd40405bd8fc4e7e4ab48197f8e1e973b6ed860f809c9d081e
da8a9d615e6820d46963fe8ec50ee3e5acd37c033e888365a31e78e5c1349a4d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcf33a5d57626e80ad28c3d3614e45fee90f256031608e081825187daf0669e4
ddaa1ca7d5f506e87d9fdcc3a8268096de5e01950b51657d6118d4343bfd26db
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
ebe5bccc8293a7e7090201417d39069c49bdeaea71e3a7a19d3ed4d74c0a1d04
ebeeffecf5256237662219856cfb4714049e2b7b11530fd83f94f1b4239473b9
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b721704f4b18255d68e6c9fcb2a7f7a45b83cbc410d55d27577310058f5ffe
f426211ef32ec13302b2492c9fa5087dbc11ea019e1fd708f194a0e1f1393982
f7cab7889170d91aeeed458420660bed5822cd21cbbb0f8246b88ebf35eb1428
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ff9adec4582eefae0a1184294e36523d3c8db571c04f042b3ddda743878faebe