Submitted URL: https://directhourshoulders-8.life/web/?sid=t4~dzr2oela1fs45elkmodxxld2
Effective URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Submission: On February 20 via manual from JP

Summary

This website contacted 6 IPs in 4 countries across 10 domains to perform 29 HTTP transactions. The main IP is 130.255.79.215, which is located in Germany and belongs to BKVG-AS, DE. The main domain is tagataman.de.
TLS certificate: Issued by R3 on January 20th 2021. Valid for: 3 months.
This is the only time tagataman.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.189.217.43 209813 (FASTCONTENT)
1 2 185.50.248.98 209813 (FASTCONTENT)
1 1 34.247.62.153 16509 (AMAZON-02)
1 5 130.255.79.215 29141 (BKVG-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 65.9.28.174 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
7 85.13.149.2 34788 (NMM-AS D)
29 6

Domain Requested by
14 rlmgws-data.s3-accelerate.amazonaws.com (requested by: tagataman.de, rlmgws-data.s3-accelerate.amazonaws.com)
6 www.rltools.de (requested by: rlmgws-data.s3-accelerate.amazonaws.com)
3 tagataman.de (requested by: universal-mobileapp-inventory.net, rlmgws-data.s3-accelerate.amazonaws.com, tagataman.de)
2 maxcdn.bootstrapcdn.com (requested by: tagataman.de, maxcdn.bootstrapcdn.com)
2 universal-mobileapp-inventory.net (1 redirects)
1 www.rlcontrol.de (requested by: tagataman.de)
1 rltools.de (requested by: tagataman.de)
1 cdn.onesignal.com (requested by: tagataman.de)
1 www.exklusive-preise.de (1 redirects)
1 trk.adtrk18.com (1 redirects)
1 directhourshoulders-8.life (1 redirects)
29 11

This site contains links to these domains.

Domain
blueleads.online
odoki.de
my-promobox.de
www.rlcontrol.de

Subject | Issuer | Validity | Valid
universal-mobileapp-inventory.net | R3 | 2021-01-16 - 2021-04-16 | 3 months
www.tagataman.de | R3 | 2021-01-20 - 2021-04-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
*.s3-accelerate.amazonaws.com | Amazon | 2020-05-19 - 2021-04-20 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
rltools.de | R3 | 2021-01-31 - 2021-05-01 | 3 months
www.rlcontrol.de | R3 | 2021-01-20 - 2021-04-20 | 3 months

This page contains 1 frames:

Primary Page: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Frame ID: B469629B76AB20885A2717A6FAE64CEF
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 25 %
Domains: 10
Subdomains: 11
IPs: 6
Countries: 4
Transfer: 1165 kB
Size: 1281 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://directhourshoulders-8.life/web/?sid=t4~dzr2oela1fs45elkmodxxld2 HTTP 302
    https://universal-mobileapp-inventory.net/?url=I4WHKFughjKzpcbEVeGSzAMCq7AwVk%2fKCLndG2RplCYUU7fINdER2PNtsik6pwfszdb2NP9d0y5YChjhYC0u%2fnSbr%2bHQ7W9CtFqFigqxKN0cxudjOgltsKRCIOaYQAhDyuXjGtFkFuGnd6CUI%2bph9V7wvgzXMg4qenGdAGo3Vohk1PEbtZ0Jqg%3d%3d HTTP 302
    https://universal-mobileapp-inventory.net/away.php Page URL
  2. https://trk.adtrk18.com/aff_c?offer_id=11643&aff_id=1390&url_id=11587&aff_sub=23a471c3-799c-4196-ae42-ad6b6fc004fe&aff_sub5=cm4l62458 HTTP 302
    https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=227&idCampaignAd=0&subId=102b06cc576c1c6faf5efe753b0c64&subIdentifier=1390&rlmset=supermarkt_ff_de HTTP 302
    https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://directhourshoulders-8.life/web/?sid=t4~dzr2oela1fs45elkmodxxld2 HTTP 302
  • https://universal-mobileapp-inventory.net/?url=I4WHKFughjKzpcbEVeGSzAMCq7AwVk%2fKCLndG2RplCYUU7fINdER2PNtsik6pwfszdb2NP9d0y5YChjhYC0u%2fnSbr%2bHQ7W9CtFqFigqxKN0cxudjOgltsKRCIOaYQAhDyuXjGtFkFuGnd6CUI%2bph9V7wvgzXMg4qenGdAGo3Vohk1PEbtZ0Jqg%3d%3d HTTP 302
  • https://universal-mobileapp-inventory.net/away.php

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
away.php
universal-mobileapp-inventory.net/
Redirect Chain
  • https://directhourshoulders-8.life/web/?sid=t4~dzr2oela1fs45elkmodxxld2
  • https://universal-mobileapp-inventory.net/?url=I4WHKFughjKzpcbEVeGSzAMCq7AwVk%2fKCLndG2RplCYUU7fINdER2PNtsik6pwfszdb2NP9d0y5YChjhYC0u%2fnSbr%2bHQ7W9CtFqFigqxKN0cxudjOgltsKRCIOaYQAhDyuXjGtFkFuGnd6CU...
  • https://universal-mobileapp-inventory.net/away.php
334 B
555 B
Document
General
Full URL
https://universal-mobileapp-inventory.net/away.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.50.248.98 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
6868e14ad578848c84633ef659093fb1145cf3e007fce643e4665dac9acc3f12

Request headers

Host
universal-mobileapp-inventory.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=t312351p497214kp2316h97vk7

Response headers

Server
nginx
Date
Sat, 20 Feb 2021 11:21:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 20 Feb 2021 11:21:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=t312351p497214kp2316h97vk7; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/away.php
Primary Request
campaign_1055.html
tagataman.de/
Redirect Chain
  • https://trk.adtrk18.com/aff_c?offer_id=11643&aff_id=1390&url_id=11587&aff_sub=23a471c3-799c-4196-ae42-ad6b6fc004fe&aff_sub5=cm4l62458
  • https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=227&idCampaignAd=0&subId=102b06cc576c1c6faf5efe753b0c64&subIdentifier=1390&rlmset=supermarkt_ff_de
  • https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
66 KB
12 KB
Document
General
Full URL
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Requested by
Host: universal-mobileapp-inventory.net
URL: https://universal-mobileapp-inventory.net/away.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
26b2395f305145cbf2e02221fb72eb397b7d7c6975ae05b83adca48f8f364210

Request headers

:method
GET
:authority
tagataman.de
:scheme
https
:path
/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://universal-mobileapp-inventory.net/away.php

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=u7v446selsv4flmtitoq4rarv0; path=/
coyoteAffiliTokenId1055=408853195; expires=Sat, 20-Feb-2021 15:21:08 GMT; Max-Age=14400; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
11882
content-type
text/html; charset=UTF-8

Redirect headers

date
Sat, 20 Feb 2021 11:21:07 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=6rf8vqnm5alfs5ju2ia4l5ral9; path=/
coyoteTrackingCookie_872=408853195; expires=Mon, 22-Mar-2021 11:21:08 GMT; Max-Age=2592000; path=/;samesite=None; Secure
coyoteSimpleTrackingCookie=408853195; expires=Mon, 22-Mar-2021 11:21:08 GMT; Max-Age=2592000; path=/;SameSite=None; Secure
location
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
22
content-type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
601
etag
W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6247d7a34b2d4ecd-FRA
cf-request-id
0860c51a0d00004ecdbc033000000001
expires
Sat, 20 Feb 2021 12:21:08 GMT
style_new_new_doi_info.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
89 KB
90 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f4103adc36eeeb59ffe9794c4fb9d4f61040132b48e85fd665cbfebd2790961

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
Last-Modified
Wed, 09 Dec 2020 10:56:02 GMT
Server
AmazonS3
x-amz-request-id
7P4Q2NBVAWEW3Z2Y
ETag
"0ba0d8a60631fc7b5f6ade35c26ba033"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
91512
x-amz-id-2
chReyCzL8GyyIWhXc+JTHtvH5+MNLfO4W3RtkWprQ8Np9U+IAJJPYt5nQdENlVGp2XLdIYR0ZI0=
X-Amz-Cf-Id
ujmG2OpuOWPVJq7z-T5QdumToEvUPABDjn-WDbkl8XBGFmMrI-8nQw==
spinner.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/spinner.css
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f7c8623cf0f0cf760385a22a4a5d20db7b2e3dfaecaab38ddf25ace848b171

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 0921eae154c93e666b192fa267ea4bfb.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
0A3C3DBD7E23B0C4
ETag
"308609aca6938598a1390b47ec576e97"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
1295
x-amz-id-2
HSXCWkPEPNWF+/Vh0ED0RHTE3/gGPjjrqnZVcKBucNqRLKloC0hEcsT6Y+xYKO87AUyyEXFQfQM=
X-Amz-Cf-Id
9BijQtdvCmkdeHILmZTdQ9kvQdPVVrtCdhMTT8JVCZDLCB4cK4bKGg==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
balloon.min.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/balloon.min.css
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
F90843D48D3B6EC2
ETag
"acd37f0b3be30c6cefff2ed8117e5938"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
5489
x-amz-id-2
GTyvZUGAvM+ZKWvp8HuXoOdGmH9i18bKmPM5ElcJeazU1aGC8eXEEKAfEC9n89DlfvLq+7w5Mpg=
X-Amz-Cf-Id
EqSPT2J_4DuHggDHNbG4_3ei5Hlu2XXmprQoyG739VLv2FXT0xGd3w==
jquery-3.4.1.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
274 KB
274 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Aug 2019 14:45:01 GMT
Server
AmazonS3
x-amz-request-id
330F6BCBE0A99CC2
ETag
"11c05eb286ed576526bf4543760785b9"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
280364
x-amz-id-2
mS/AfXmRwtXUVz7Wtj8obYy5RRfXm9uCfp0L0QzXQfTccTjY7ujfYoQOsjeiyUgCFrZhcQdLjxg=
X-Amz-Cf-Id
sxrKcZVKFXiYHezKIW2jbebnNF_iMTSqTqG1CppZaMrnsdhuGnFWCA==
logic_new_new_doi_info.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
231 KB
232 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/logic_new_new_doi_info.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddda1e2ac0ccec1fe54594d5e15d6bcbed1f367b445fbd00500410abfbc70706

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 ec5f7ca5219bc2c06993f1aa180b2fa1.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Feb 2021 09:53:22 GMT
Server
AmazonS3
x-amz-request-id
AAEAB61F49F81629
ETag
"dbf602422f51a6a5521e8c08c7db5556"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
236498
x-amz-id-2
n2QWwa+C3wmbeUPESh5p7rc93mx8gM7TG4RoTFeROyJl3+hmm/RC7g0gIkG2YuFdrrUbiM9Mm7Y=
X-Amz-Cf-Id
w-VA5Fli-DjPDAUpsjjxPiUvpgL9wpke0W7DozBTE7IP0cOgv4I33Q==
md5.min.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
4 KB
4 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/md5.min.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9265ea6ee06a36211ef80e33821b309020e5c40c972cf70a07f10577c0cce549

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 7fbfed9453edeb4b5dca9173a3f5f8dd.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Oct 2019 09:23:31 GMT
Server
AmazonS3
x-amz-request-id
D0BC928511DA8DBF
ETag
"d42ff83c2d527cdab773855cfe523561"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
3767
x-amz-id-2
d0zoPlbwzCMeRWKGonL39qz5qhpLmJI2UKFfedWLh6EflpM2QILJBBZiH9AZlzMn51Yunlk5teI=
X-Amz-Cf-Id
zuUCJgI2arO3T6J7lKa9ES4RM9rI7j0sgtWfolZn18L8YNjrpMZGeQ==
rlm_stat.js
rltools.de/rlm_analytics/scripts/
13 KB
3 KB
Script
General
Full URL
https://rltools.de/rlm_analytics/scripts/rlm_stat.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
64dc9dd977411f4bacc844545671fd94d51bc15be31753a4479883c61640220c

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 16:01:32 GMT
server
Apache
etag
"35fa-5aaf5bca2492e-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2918
adressDeOrt.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
10 KB
10 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/adressDeOrt.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b4088bfcf66aabe95d2781a1deda475fd2103fe9341916a2568b59bd9183de9

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 10:52:07 GMT
Server
AmazonS3
x-amz-request-id
4CA8CDB72B27C24A
ETag
"f27bf73696475a931df4f92fb97cae2f"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
9770
x-amz-id-2
b7+YiTxUUu8ynds5dAcuptigv9NHY7BK/iv3WDCbTr66CtnIkLRv2yYU7/WzK+OFVdRl0PEj9S4=
X-Amz-Cf-Id
9D9C7Z0-IX4fZKw9FU2FePy_wx4E_KhtmgfVSuTHok0bl32MSh4Xww==
moment.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/lib/
50 KB
17 KB
Script
General
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/lib/moment.min.js
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
gzip
last-modified
Tue, 24 Jul 2018 14:05:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16804
expires
Mon, 22 Mar 2021 11:21:08 GMT
rlm_stat.php
www.rltools.de/rlm_analytics/
21 B
258 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
8743024b2172a5d845ae1d13b4acaad6bf43b43f654cd28bc5c5080d11d532fa

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
outer_slice_top.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
136 B
713 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_top.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf37f0c405389fda13867faa69cf36ffe1b8764f3e0460f2caade056a36d2483

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
8F37FE74C14C22EA
ETag
"b3cd71c3db91f48dfd8b00d472022dc0"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
136
x-amz-id-2
ihE1pQ3HehBBWgS2IyrDhEaMd/kslHxAd/JSpdQPGpwE1DfC0mCukuQpm6RBCNO0/KBAUZO4jb0=
X-Amz-Cf-Id
qcbkHw8AxH63SB16iU2i_PrdxmAALpmXgSySq7D9g5ldR_ZS5nJcKQ==
outer_slice_bottom.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
143 B
720 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_bottom.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c86ac9a90aafd6aa025eeb2d1d6de20c03df782ef151c9d2515b23407768f134

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 ec5f7ca5219bc2c06993f1aa180b2fa1.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
1E4ADF803262A3EF
ETag
"cdfb089c7a2ffb19106f0553ad115375"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
143
x-amz-id-2
NnHlsBCrWRooibF4p6m41mRFtEOUoUNeUMaMbZrRBQly8FK+7iEHhfSb7DlE75bDfCWZJTZnIo0=
X-Amz-Cf-Id
2b0XBBamzzsdVrL8k7B3feOWv_nBmrXp2mlBIweMJPepRVKsuOtWqA==
Aileron-Regular.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
21 KB
22 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Regular.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d6ec731c7579bb3420bdd0ec8ac80682ac44b1fbe1ffa8429b736e644f2be69

Request headers

Origin
https://tagataman.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 f1f7e88380a0546160e4e023c7c1d332.cloudfront.net (CloudFront)
x-amz-request-id
EW6JBGBP5P6RCH4W
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
21776
x-amz-id-2
hLKRWB5RmqTBrPZMBLY0xru32FUwh5/rj3srWDdgNaXYQGGrfkpa4eXQEkht1bhLjcANy3ltRKk=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"4309f5e6504ab4404a1c909a5ef8457f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
XOMMsV8CU6eyzsMGpDT13502oh6cFBECRcxwtBoJGQe3-gDKGi36eg==
Aileron-Bold.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Bold.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac249b9af121f1a9bf29b7c611b5986a5f1088da276a72a1e96b77fec1020aad

Request headers

Origin
https://tagataman.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
x-amz-request-id
9696C4C925BD3D93
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23108
x-amz-id-2
IUyRPrLhz/NNChmTOgNsY3tzzRoO4thDjYO0HTBQ3WTmmPQELITWf+HqdnxBXibh3u+bQ3VvDwI=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"317ed94a878c8d8ea413f51e575513f4"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Hio_OSS7R79R4_yrDdTlYlJukKJAvQQcrIcUXiDnPFN_2M6xt2-DbQ==
Candal.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
24 KB
25 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Candal.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80a2aa3ffeb789ffaa34b6a0b738e7baed24396c4656dd1224c8c0ba0f4ddf84

Request headers

Origin
https://tagataman.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 a0b6e5bd6cf5596d4f38f0df8fa929e1.cloudfront.net (CloudFront)
x-amz-request-id
1570168BF68871B7
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
25000
x-amz-id-2
GksEgkepfttYlclQ6/z9vAR4L46mrG/8oITBNkPouLPk08EmEbQ+K0EoS8ts/YPNmAckxBDouPY=
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
ETag
"e29c6ae99d1f2dc8d6a607b46c082b74"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
EUdb0BlQtr7WIRVKdkG0E34U0lXu4_JpNetFwraakbSHGjXl0a12cw==
resource.php
tagataman.de/ftp/flexfancy/services/
1 KB
631 B
XHR
General
Full URL
https://tagataman.de/ftp/flexfancy/services/resource.php?rlmset=supermarkt_ff_de
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
b8f439fb3caf77a98b854c0bd3d2afe2cc4f26806865a5dc66c89f79faa0566d

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
gzip
server
Apache
content-length
578
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=utf-8
Aileron-Heavy.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Heavy.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67bb015ac96fd86bc355f22829c7c4e7ed5c288176c2ec013c356eef07b1ae87

Request headers

Origin
https://tagataman.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
x-amz-request-id
49C2AB412D3CB5D1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23280
x-amz-id-2
LY5t9Fp7V5MlFwozl8qsuDHgYsy6NtlAoLiOlaULbF0Cljd3WQ82rYp2ITQOA/4BS6kokYVgaxE=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"977a8badf138ba0183b618103fbea86a"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
YXM_hjb46bprBnyQuIMtl8d6qCZZObBnqjP9O6p6sJpAaW6teufWQQ==
checkbox.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/
1 KB
2 KB
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/checkbox.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.28.174 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59fddd512526f62fc744ca6b79c807d3d972795686d00b6b87e69e706546e77

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new_new_doi_info.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 11:21:09 GMT
Via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Jun 2018 15:08:55 GMT
Server
AmazonS3
x-amz-request-id
EK8Q2PCS3Z9WFSAJ
ETag
"46b1a02714406cd093dfe9a7af57997d"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
1509
x-amz-id-2
c0QgJR+4V4yKpfDke9jZXrRa5cu/GF2IXZfKPofpmscSF+e+8uq+PbZ4WP6uWFRtCLu0nE55yHg=
X-Amz-Cf-Id
e8rkixUR0pYc-ZKdDtKWboUDAD3rA8UDKkhiQmj_A_-h3tJ57HFuAg==
750supermarkt.png
tagataman.de/ftp/flexfancy/build/promotion/
328 KB
331 KB
Image
General
Full URL
https://tagataman.de/ftp/flexfancy/build/promotion/750supermarkt.png
Requested by
Host: tagataman.de
URL: https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
70f5581856f2a30616c3ee1e226c5a8942ba0de83d76721238ea347be92ab4f9

Request headers

Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
last-modified
Wed, 22 Jan 2020 14:41:41 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
336132
expires
Mon, 22 Mar 2021 11:21:08 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://tagataman.de
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:08 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:14 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:19 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://tagataman.de/campaign_1055.html?coyoteAffiliTokenId=408853195&rlmset=supermarkt_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Feb 2021 11:21:24 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With


143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| OneSignal function| $ function| jQuery boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| coregCount boolean| coregsUncovered boolean| coregSlider object| currentCoregParent number| lastPercentage number| currentPercentage object| percentInterval number| weightedCoregCount number| initProgress string| prepageProcessingMessage function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnPromoPage1 function| OnThankYouPage function| SetPromotionImage function| set_progress function| apply_coreg_highlights function| transform_tile_coregs function| DrawProgressIndicator function| DecodeBase64 function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| IsEnglishVersion function| GetLocale object| messageStrings function| Translate function| GetCookie function| SetCookie function| FinishPrepageSection function| InitPrepageQuiz string| originalContinueButtonLabel string| originalPromoImage function| InitPrepageImageSelector function| PadNumber function| FormatClockTime function| RunCountdownClock function| UpdateUserProgress function| InitTextSwitchControls function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes function| InRange function| CheckMaxAge function| FP_ShowMessage function| FP_MessageBoxIsVisible function| apply_fisherprice_coreg_changes function| apply_o2_coreg_changes function| assign_coreg_indices function| show_first_coreg function| get_coreg_container_by_index function| show_next_coreg function| hide_coreg_and_show_next function| InitGui function| ShowMessage function| ShowPromoConsentMessage function| InputValidator object| inputValidators function| VerifyInputFields 
function| ShowSecondRegPage number| agbNum number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor boolean| skipSecondRegPage function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| EmailAddressOnWhitelist function| SetupContinueButton function| SetupPromoConsentInfoWindow function| AssignInputProxies function| AttachShowSponsorsHandlers function| SetupSponsorsList function| AssignInputValidator function| AssignInputValidators function| CreateDefaultConfig function| ConfigureContinueButton function| DrawCoregProgressShape number| currentProgressStage number| targetProgressWidth object| coregProgressInterval function| DrawCoregProgressBar number| currentCoregStep function| UpdateCoregProgress function| GetCoregCount function| GetNextCoregId function| FinalizeCoreg object| lastSelectedRadio boolean| blitzCoregClicked function| build_radio_buttons function| InitCoregs function| ConfigureSweepstake function| ConfigureSimplePage function| OnRegistrationPage function| OnRegistrationPage1 function| OnRegistrationPage2 function| InitSweepstake function| ApplyFazTweaks function| RebuildBlitzCoreg function| IsMobileBrowser function| showArrowHint function| ModifySpiegelCoreg function| ApplyAdjustments function| ShowCoregStoerer function| HideCoregStoerer function| SetupStoerer function| SetupNewProgressbar function| AssignInputCounterparts function| HighlightErrors function| add_coreg_images function| apply_agb_coreg_changes function| apply_selection_list_coreg_changes function| apply_iframe_coreg_changes function| apply_nicey_coreg_changes function| GetCoregIdFromElement function| md5 function| RlmStat number| globalStatisticJavaSciptFunctionsLoaded string| globalAjaxUrl function| setAjaxUrl function| CopyStreetValue function| moment function| CalcCalendarWeek number| calendarWeek

2 Cookies

Domain/Path Name / Value
tagataman.de/ Name: coyoteAffiliTokenId1055
Value: 408853195
tagataman.de/ Name: PHPSESSID
Value: u7v446selsv4flmtitoq4rarv0

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
