urlscan.io logo urlscan.io
SecurityTrails logo

www.qualifizierte-preise.de Open in urlscan Pro
2606:4700::6812:f39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
Effective URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=...
Submission Tags: falconsandbox
Submission: On June 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6812:f39, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.qualifizierte-preise.de.
TLS certificate: Issued by R3 on April 3rd 2021. Valid for: 3 months.
This is the only time www.qualifizierte-preise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.115.153.221 20773 (GODADDY)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2.16.186.179 20940 (AKAMAI-ASN1)
3 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 51.89.21.30 16276 (OVH)
2 2 52.59.30.175 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 3.127.51.194 16509 (AMAZON-02)
22 9
1    217.115.153.221 (Germany)

ASN20773 (GODADDY, DE)
news.ultima-media.com
9    2606:4700::6812:f39 (United States)

ASN13335 (CLOUDFLARENET, US)
www.qualifizierte-preise.de
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
3    2.16.186.179 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-179.deploy.static.akamaitechnologies.com
static2.creative-serving.com
3    2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
2    52.59.30.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadus.exelator.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
Domain Requested by
9 www.qualifizierte-preise.de www.qualifizierte-preise.de
4 id5-sync.com 3 redirects static2.creative-serving.com
3 ka-f.fontawesome.com kit.fontawesome.com
3 static2.creative-serving.com www.qualifizierte-preise.de
static2.creative-serving.com
2 ads.creative-serving.com 1 redirects
2 loadus.exelator.com 2 redirects
2 ice.360yield.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 pixel.rubiconproject.com
1 kit.fontawesome.com www.qualifizierte-preise.de
1 fonts.googleapis.com www.qualifizierte-preise.de
1 news.ultima-media.com 1 redirects
22 12

This site contains no links.

Subject Issuer Validity Valid
www.qualifizierte-preise.de
R3		 2021-04-03 -
2021-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
static2.creative-serving.com
R3		 2021-05-13 -
2021-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-13 -
2021-10-12		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.creative-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-23 -
2022-04-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Frame ID: 94BA2C74BAB87DC0EF908ED614B425BF
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4 HTTP 302
    https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

22
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

9
IPs

4
Countries

485 kB
Transfer

692 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4 HTTP 302
    https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://id5-sync.com/i/101/8.gif?id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&fs=0&o=api&gdpr_consent=&gdpr=0 HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/101/124/7/2.gif?puid=6a862862-77dc-4a6a-b16d-12d762fae12a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F101%2F103%2F6%2F3.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F101%2F103%2F6%2F3.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/101/103/6/3.gif?puid=320a180fd7076481c87375942db0d400&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA
Request Chain 20
  • https://ads.creative-serving.com/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncResponse HTTP 302
  • https://ads.creative-serving.com/ul_cb/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncResponse

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/
Redirect Chain
  • http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
  • https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hribersc...
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8683106d33f1afbb300b2acb038e970157c703045bcf595a182c479c947f1f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.qualifizierte-preise.de
:scheme
https
:path
/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-type
text/html
vary
Accept-Encoding Accept-Encoding
last-modified
Thu, 20 Feb 2020 08:31:59 GMT
expires
Wed, 09 Jun 2021 16:40:09 GMT
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
cf-cache-status
MISS
cf-request-id
0a8e17fca1000005ed488cb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65c38f743ea305ed-FRA
content-encoding
gzip

Redirect headers

Date
Tue, 08 Jun 2021 16:40:09 GMT
Server
Apache
Location
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Grüne Mitte&zipcode=72585&city=Riederich
Connection
close
Cache-Control
max-age=7200
Expires
Tue, 08 Jun 2021 18:40:09 GMT
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-DNS-Prefetch-Control
off
Content-Length
0
Content-Type
text/html; charset=UTF-8
foundation-custom.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/foundation-custom.css
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/css/foundation-custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:31:59 GMT
server
cloudflare
etag
W/"3711812421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
cf-ray
65c38f749fab05ed-FRA
cf-request-id
0a8e17fcdd000005ed829f6000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
main.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ 		3 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af245271d7ebe82f886d6bdbc092b3c9640c58660b9cd290b190b1940148c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/css/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:31:59 GMT
server
cloudflare
etag
W/"3888393694"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
cf-ray
65c38f749fae05ed-FRA
cf-request-id
0a8e17fcde000005ed7d269000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
css
fonts.googleapis.com/ 		11 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93419375ace457303adcb19b0d23de96b1da646564073ce6935795b4458f9670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 14:44:01 GMT
server
ESF
date
Tue, 08 Jun 2021 16:40:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Jun 2021 16:40:09 GMT
mootools-core-1.4.5-full-compat-yc.js
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/mootools-core-1.4.5-full-compat-yc.js
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/js/mootools-core-1.4.5-full-compat-yc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:32:00 GMT
server
cloudflare
etag
W/"3091293997"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
cf-ray
65c38f749faf05ed-FRA
cf-request-id
0a8e17fcde000005ed47bb5000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
script.js
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ 		2 KB
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/script.js
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5463fb7c6a2161201535da9345108d44be9b1a7f7612d84d5fa6f0c9648cd48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/js/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:32:01 GMT
server
cloudflare
etag
W/"2369690723"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
cf-ray
65c38f749fb305ed-FRA
cf-request-id
0a8e17fcde000005ed4f1a0000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
0722a600ec.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0722a600ec.js
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6444d6ee29ad0de8c1cc977e1326915210ff54a10e996aaacb250843ff83f97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Origin
https://www.qualifizierte-preise.de
Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
MISS
strict-transport-security
max-age=31536000; preload
cf-request-id
0a8e17fcef000005f9621eb000000001
x-request-id
Foao40Lk-g-ZLsbx411h
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
65c38f74b9ea05f9-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
prize.png
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/prize.png
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce23e320279a9e57052e7479ca9c68a5aec6bbdb0fff4e31945e5d1d377547b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/images/prize.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:32:00 GMT
server
cloudflare
etag
"2435824798"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
cf-ray
65c38f75091105ed-FRA
content-length
183184
cf-request-id
0a8e17fd27000005ed5ba7d000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
loader.gif
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/loader.gif
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba85596b84eccd6b23d0c66f63bdf0f8addeeba09d8454b9c41695d00e305d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/images/loader.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:31:59 GMT
server
cloudflare
etag
"2539228571"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
cf-ray
65c38f75091a05ed-FRA
content-length
7247
cf-request-id
0a8e17fd29000005ed8525a000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
pixel_loader.js
static2.creative-serving.com/ 		527 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel_loader.js
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-179.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 08 Jun 2021 16:40:09 GMT
Last-Modified
Mon, 07 Jan 2019 15:46:58 GMT
Server
AkamaiNetStorage
ETag
"68faa1738e44f8aabb6f53cba51f29d3:1546876018"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
527
free.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=0722a600ec
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8e17fd3d00002b4d40bca000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CweWwlM7RitX22lI1kkNcuys%2B8Y4Z1wswi9PYq43zRjby1oNbhQ%2BGwRsOsgsWODh1TcrAmX0ZidKL%2FS8d2QwPwUzaHGWURB8QAmDtXwGa%2BVedxCz2N6SmuqFcUarOGFyuzBp%2FmtQ84VhZ58ZwOw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
65c38f7529162b4d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
UCUBReLYQhPmv9R7wdsaXiuIFj8YMdUYyPRBHJ2MY8XYkEUKl2X3pg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=0722a600ec
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8e17fd4000002b4d42b47000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PCQa99gAwU4LgQlT6TVboOMTC06mRokTJQBnGxoc%2BpLMonikpmQOZaU6lgv1AtRI1N1z7wdJ3ev6lMmpIIjqbabSC6mkogL1LTXTELXzoyDaJy0G50z73RxDo%2FdH7kpzNqireLIFdAhb7Ra8Q%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
65c38f75291f2b4d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
zX9T0JeGcWIurQVKS3TTeGUit1bQY40vPOkbUSqfyoGP3ihh9dCWJw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=0722a600ec
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8e17fd4200002b4d220a6000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Bg%2BKZxqgiJUe8XuuMclwb4Qnor80o0S8GHonO%2FTe77Bob6Obeexk5uBNMMggR9Y23cdRoJBZklhLhnZ24sGuKnu7%2FjkI73zX0medkrGKpaAtzDn%2Fnfqr%2FvtOwghBzWP45eGly12E%2Fm%2FluoAruXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
65c38f7529212b4d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
--59go2Rxzaj4dELgJJBPvTWEyzkMHooIQFNdjRZTSoJH3PaD2peJw==
bg.jpg
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/bg.jpg
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd09fdcb2259ab9499133f8fd5c508f3eb2ddf106f0ac997a9d671e28a2ecccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_supload/_prelander/138_609/images/bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
cf-cache-status
MISS
last-modified
Thu, 20 Feb 2020 08:31:59 GMT
server
cloudflare
etag
"3034559811"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
cf-ray
65c38f75091f05ed-FRA
content-length
165138
cf-request-id
0a8e17fd2a000005ed9b9e0000000001
expires
Wed, 09 Jun 2021 16:40:09 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.qualifizierte-preise.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
age
558462
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
expires
Thu, 02 Jun 2022 05:32:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.qualifizierte-preise.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 13:14:27 GMT
x-content-type-options
nosniff
age
12342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 13:14:27 GMT
pixel.js
static2.creative-serving.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel_loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-179.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee71c8139ce64b0c4c22f19eda35b90901f124b1ca715af35ee2d12087ce9ae6

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 08 Jun 2021 16:40:09 GMT
Last-Modified
Tue, 23 Feb 2021 15:51:24 GMT
Server
AkamaiNetStorage
ETag
"7fdc90b2b99cc429a9a50bfd40e26ad7:1614095484.086727"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2684
global.pl
www.qualifizierte-preise.de/cgi-bin/ 		77 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qualifizierte-preise.de/cgi-bin/global.pl?todo=log_clicks_prelander&source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Requested by
Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/cgi-bin/global.pl?todo=log_clicks_prelander&source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.qualifizierte-preise.de
referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:40:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-map-context
de
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/gif
cf-ray
65c38f75cc8d05ed-FRA
content-length
77
cf-request-id
0a8e17fdbf000005ed93349000000001
x-served-by
a-04
id5-api-2.js
static2.creative-serving.com/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/id5-api-2.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-179.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 08 Jun 2021 16:40:09 GMT
Last-Modified
Tue, 16 Feb 2021 09:21:12 GMT
Server
AkamaiNetStorage
ETag
"43e554f8c9787fa63a85955c07ba1918:1613467272.324637"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33888
101.json
id5-sync.com/g/v2/ 		546 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/101.json
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/id5-api-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9a60fa6a5e9d3a745b1085bf3e1eb58e1d8eb5cdf60876a107260a17f66e31c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 08 Jun 2021 16:40:10 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.qualifizierte-preise.de
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://id5-sync.com/i/101/8.gif?id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&fs=0&o=api&gdpr_consent=&gdpr=0
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F7%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F7%2F2.gif%3Fp...
  • https://id5-sync.com/cq/101/124/7/2.gif?puid=6a862862-77dc-4a6a-b16d-12d762fae12a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F101%2F103%2F6%2F3.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F101%2F103%2F6%2F3.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/101/103/6/3.gif?puid=320a180fd7076481c87375942db0d400&gdpr=1&gdpr_consent=
  • https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA
Date
Tue, 08 Jun 2021 16:40:11 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ads.creative-serving.com/ul_cb/
Redirect Chain
  • https://ads.creative-serving.com/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncResponse
  • https://ads.creative-serving.com/ul_cb/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncR...
89 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.creative-serving.com/ul_cb/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncResponse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.51.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5f93e7bd7aaa9cfecaf35c23999aa6962d04def56d498d8ce34cd45d31a287ce

Request headers

Referer
https://www.qualifizierte-preise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 08 Jun 2021 16:40:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript

Redirect headers

Location
https://ads.creative-serving.com/ul_cb/pixel?id=3155415&id5id=ID5-ZHMO8Zuci1Pf9_pQ_5Ra4Fc50d2wZXium-v7j3fwDA!ID5*YgMEusnQ1X5rlL4PaLTdr9gccCTl-yyNltCiDrc8ufkAANxmzi1EjAYKbDIJtYgt&type=jsonp&cb=syncResponse
Date
Tue, 08 Jun 2021 16:40:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $pick function| $try function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff function| show_next_question function| fadeing object| FontAwesomeKitConfig string| __to object| p161 string| para string| href function| get_url_parameters object| id5Script object| ID5 function| syncResponse function| fire

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
fonts.googleapis.com
fonts.gstatic.com
ice.360yield.com
id5-sync.com
ka-f.fontawesome.com
kit.fontawesome.com
loadus.exelator.com
news.ultima-media.com
pixel.rubiconproject.com
static2.creative-serving.com
www.qualifizierte-preise.de
2.16.186.179
217.115.153.221
2606:4700::6812:1734
2606:4700::6812:f39
2606:4700:e6::ac40:cb1c
2a00:1450:4001:809::2003
2a00:1450:4001:831::200a
3.127.51.194
34.254.143.3
51.89.21.30
52.59.30.175
69.173.144.138
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
5f93e7bd7aaa9cfecaf35c23999aa6962d04def56d498d8ce34cd45d31a287ce
6444d6ee29ad0de8c1cc977e1326915210ff54a10e996aaacb250843ff83f97f
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
8683106d33f1afbb300b2acb038e970157c703045bcf595a182c479c947f1f90
8af245271d7ebe82f886d6bdbc092b3c9640c58660b9cd290b190b1940148c08
93419375ace457303adcb19b0d23de96b1da646564073ce6935795b4458f9670
9a60fa6a5e9d3a745b1085bf3e1eb58e1d8eb5cdf60876a107260a17f66e31c3
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb
ba85596b84eccd6b23d0c66f63bdf0f8addeeba09d8454b9c41695d00e305d83
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce23e320279a9e57052e7479ca9c68a5aec6bbdb0fff4e31945e5d1d377547b4
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
dd09fdcb2259ab9499133f8fd5c508f3eb2ddf106f0ac997a9d671e28a2ecccc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5463fb7c6a2161201535da9345108d44be9b1a7f7612d84d5fa6f0c9648cd48
ee71c8139ce64b0c4c22f19eda35b90901f124b1ca715af35ee2d12087ce9ae6