Submitted URL: https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-K...
Effective URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 12 domains to perform 54 HTTP transactions. The main IP is 217.160.0.216, located in Germany and belongs to IONOS-AS IONOS SE, DE. The main domain is www.hcinema.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on May 30th 2024. Valid for: a year.
This is the only time www.hcinema.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.4 39572 (ADVANCEDH...)
5 139.45.196.64 9002 (RETN-AS R...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 104.18.23.222 13335 (CLOUDFLAR...)
2 8 104.18.22.222 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 52.53.88.18 16509 (AMAZON-02)
4 6 3.73.249.248 16509 (AMAZON-02)
1 1 3.66.53.110 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
3 37 217.160.0.216 8560 (IONOS-AS ...)
1 2a02:26f0:710... 20940 (AKAMAI-AS...)
54 10
Apex Domain
Subdomains
Transfer
37 hcinema.de
www.hcinema.de
447 KB
9 vurtaichu.net
vurtaichu.net
18 KB
6 clcktrck.com
clcktrck.com — Cisco Umbrella Rank: 159985
3 KB
5 leikovoleikamarada.com
leikovoleikamarada.com — Cisco Umbrella Rank: 908885
16 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 lotwiliticate.com
28904058-28768-ex.lotwiliticate.com
4 KB
1 idealo.com
img.idealo.com — Cisco Umbrella Rank: 192862
6 KB
1 guenstiger.de
suche.guenstiger.de — Cisco Umbrella Rank: 770033
1 KB
1 discountheld.de
discountheld.de — Cisco Umbrella Rank: 408461
2 KB
1 shoptastic.io
www.shoptastic.io — Cisco Umbrella Rank: 279931
338 B
1 share365.net
www.share365.net — Cisco Umbrella Rank: 481928
3 KB
0 google.com Failed
ads.google.com Failed
54 12
Domain Requested by
37 www.hcinema.de 3 redirects www.hcinema.de
9 vurtaichu.net 2 redirects leikovoleikamarada.com
vurtaichu.net
6 clcktrck.com 4 redirects www.shoptastic.io
5 leikovoleikamarada.com 28904058-28768-ex.lotwiliticate.com
leikovoleikamarada.com
2 my.rtmark.net leikovoleikamarada.com
vurtaichu.net
2 28904058-28768-ex.lotwiliticate.com 1 redirects
1 img.idealo.com www.hcinema.de
1 suche.guenstiger.de 1 redirects
1 discountheld.de 1 redirects
1 www.shoptastic.io
1 www.share365.net 1 redirects
0 ads.google.com Failed 28904058-28768-ex.lotwiliticate.com
54 12
Subject Issuer Validity Valid
*.lotwiliticate.com
R10
2024-12-05 -
2025-03-05
3 months crt.sh
leikovoleikamarada.com
R11
2024-10-01 -
2024-12-30
3 months crt.sh
my.rtmark.net
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
vurtaichu.net
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
shoptastic.io
Amazon RSA 2048 M03
2024-10-06 -
2025-11-05
a year crt.sh
clcktrck.com
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.hcinema.de
Encryption Everywhere DV TLS CA - G2
2024-05-30 -
2025-06-14
a year crt.sh
idealo.de
R10
2024-10-29 -
2025-01-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.hcinema.de/lampen/shop.php?id=n2789
Frame ID: BB3C42BE475C4504D42A1CC375FB18EB
Requests: 60 HTTP requests in this frame

Screenshot

Page Title

Ersatzlampe PHILIPS NLMP2793 für 55PL9524-37 - Nackte Philips Lampe

Page URL History Show full URLs

  1. https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9... Page URL
  2. https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9... HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x Page URL
  4. https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rdc/de?subId=892514888222777667_N&country=DE&campaignid=8543903 HTTP 302
    https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE... Page URL
  5. https://clcktrck.com/de/s/red_u_plain.php?uid=303069444&t=direct&s=22214&pub=10443&d=hcinema.de HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5f... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5f... HTTP 302
    https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5f... Page URL
  6. https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5f... HTTP 302
    https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3407293829&origin=noctemque_nextag_traffic&p... HTTP 302
    https://www.hcinema.de/lampen/index.php?id=n2789&m=7 HTTP 302
    https://www.hcinema.de/lampen/shop.php?id=n2789 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

94 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

10
IPs

5
Countries

480 kB
Transfer

601 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
  2. https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2228%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Dec%2016%202024%2014%3A27%3A29%20GMT%2B0100%20(Mitteleurop%C3%A4ische%20Normalzeit)%22%2C%22-60%22%2C%22de-DE%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x Page URL
  4. https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rdc/de?subId=892514888222777667_N&country=DE&campaignid=8543903 HTTP 302
    https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903 Page URL
  5. https://clcktrck.com/de/s/red_u_plain.php?uid=303069444&t=direct&s=22214&pub=10443&d=hcinema.de HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cffee6026a14ff04760647963894ee8e5f65caa6c70ca684de7570e9074c19f14b3 HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94 HTTP 302
    https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvOTM1ZmRlZDQ0ZGUyNjBkMTNlMWY0ZDZjNzI2NWFjYTFmMTdkMGVhNGU1ZmExYTRkYjRmMjY2Mzg4OTAxZTZlYzJkMmYxN2FmZGQ1YTlkYWYxYWVmMzg5NGMxYjliOGU4ZmQ3ZTRlYzA1NDBmYTk2ZWUwYzJiZmJhNmJiYTMxYjNkMDFlZjEzNTU5NmJkODExMmE4NDNjM2ViZmEyOTRkMzBjZWI1ODhmNWQyYWM0NzA4NWViZmY0YzM0YTUxY2ZmNGIxZjAyYzQ1NmRhOTRmYjJkNmY1MmFkZTNkYzU2MjljMDc4NzE1OGNkNzI3MTBmZTJiNWQ3MzFhYTY2YWE5ND9tPTE%253D HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=1 Page URL
  6. https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=2 HTTP 302
    https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3407293829&origin=noctemque_nextag_traffic&p=361525&clickSource=ea2092f2c1f16b5803e52c931887d5d1 HTTP 302
    https://www.hcinema.de/lampen/index.php?id=n2789&m=7 HTTP 302
    https://www.hcinema.de/lampen/shop.php?id=n2789 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2228%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Dec%2016%202024%2014%3A27%3A29%20GMT%2B0100%20(Mitteleurop%C3%A4ische%20Normalzeit)%22%2C%22-60%22%2C%22de-DE%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Request Chain 8
  • https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
  • https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Request Chain 15
  • https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  • https://www.share365.net/vip/rdc/de?subId=892514888222777667_N&country=DE&campaignid=8543903 HTTP 302
  • https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
Request Chain 17
  • https://clcktrck.com/de/s/red_u_plain.php?uid=303069444&t=direct&s=22214&pub=10443&d=hcinema.de HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cffee6026a14ff04760647963894ee8e5f65caa6c70ca684de7570e9074c19f14b3 HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94 HTTP 302
  • https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvOTM1ZmRlZDQ0ZGUyNjBkMTNlMWY0ZDZjNzI2NWFjYTFmMTdkMGVhNGU1ZmExYTRkYjRmMjY2Mzg4OTAxZTZlYzJkMmYxN2FmZGQ1YTlkYWYxYWVmMzg5NGMxYjliOGU4ZmQ3ZTRlYzA1NDBmYTk2ZWUwYzJiZmJhNmJiYTMxYjNkMDFlZjEzNTU5NmJkODExMmE4NDNjM2ViZmEyOTRkMzBjZWI1ODhmNWQyYWM0NzA4NWViZmY0YzM0YTUxY2ZmNGIxZjAyYzQ1NmRhOTRmYjJkNmY1MmFkZTNkYzU2MjljMDc4NzE1OGNkNzI3MTBmZTJiNWQ3MzFhYTY2YWE5ND9tPTE%253D HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=1
Request Chain 25
  • https://www.hcinema.de/lampen/spracheen.png HTTP 301
  • https://www.hcinema.de/lampen/pracheen.png
Request Chain 36
  • https://www.hcinema.de/lampen/1punkteeol.gif HTTP 301
  • https://www.hcinema.de/lampen/1punkteol.gif

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ
28904058-28768-ex.lotwiliticate.com/
8 KB
3 KB
Document
General
Full URL
https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.4 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Mon, 16 Dec 2024 13:27:29 GMT
expires
Mon, 16 Dec 2024 13:27:29 UTC
last-modified
Mon, 16 Dec 2024 13:27:29 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/
0
0

link
leikovoleikamarada.com/
Redirect Chain
  • https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%...
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
31 KB
15 KB
Document
General
Full URL
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Requested by
Host: 28904058-28768-ex.lotwiliticate.com
URL: https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
6ed653b46e4526804308663317d778c64e07d67bf24ee84989464baca6ca8090
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 16 Dec 2024 13:27:29 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 16 Dec 2024 13:27:29 GMT
expires
Mon, 16 Dec 2024 13:27:29 UTC
last-modified
Mon, 16 Dec 2024 13:27:29 UTC
location
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
img.gif
my.rtmark.net/
43 B
889 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081343e6ac247dff2bd730e68613191&z=7205186&p_rid=563cbe2d-470d-4825-b91a-24d7b42aaa83&p_src=sf
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koj0q5QAgJj79ASWiJFFhiko%2Bj5qn9OFKXNOeWx2zc6SlFVcSmwv3B0TYzoppoj7qQh5b6rk9ut%2BoAFEqyDkQRT8XgZ6XYV4yqnshHhYDChV2H2sD2X7ct1MUndPLV9UtdG3JXhFF7dZXlKH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22460&min_rtt=21920&rtt_var=5162&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4147&recv_bytes=4464&delivery_rate=26596&cwnd=12000&unsent_bytes=0&cid=d8817270ff225d64&ts=134&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f2f02dd0dcb9143-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
vurtaichu.net/
43 B
662 B
Image
General
Full URL
https://vurtaichu.net/sftouch?userId=0081343e6ac247dff2bd730e68613191&z=7205186&p_rid=563cbe2d-470d-4825-b91a-24d7b42aaa83&p_src=sf&branchId=0&rb=TMObNslEX7pFfEz0eBRWbfmRIEi__xUlUi9m5-qHLeXBdZjB8vXceX-L-uKFcTB3l6sEhhta8TOCTY_CPlypaiGvgBbxR33sj8KjAuEHRP-S59sx4qu6C3fOeV5WzwXus7rkr7-efUuNsb4A2_iGQm5hzyW3Vt5JVvvRskNexRfDNMZrYTFRwBO_u3GGSiGPsrION7fvgMsXSq5UUDP8_mfnJ_DqgJWatzxXP6zb-kVkcg8n-OU3aR5swb85spiMRJ0m21AY0UDNRnwm39oyAszE7dGNbU2E5WNJPhjVsjXnsVqXjVKam4hJgpwRSHTw4yAWe4_PLn_1k65y1iQSpySSeh5gz5Tmja7dUnUZYaTEwF-eUh9iX4wCHJoMj4OXkLJWWRYfEd6EL9wAzdxXewjLGXkOMGKBfeazodON58GJ3jJwwIvd1nptGvMO8iINk-Gh0nThKCQ1tCe6iRQFUYJ32K7Kx9Fkqs9q1LNMcyPTfqIl4-hQ3p_L4-j-yXuUFLZv-bdxozqPNk5CLwuW4nNwedEAyRSGT_Vtsz-Fc6EEdkEhWpSgxWPHMJpAMqWMK_VhcuRGVgaSFrFbbjiLF7Cd31CoGKOSq0Wjogw49LYbKb9lE2mU-wbR6kN26v5hdVLVgVejvrgNAoLMSwH3AV9pvDRUu201zBK7xYybHei0tgKP4Pr7EgleUs1N9yR7TWpy5abm-gES7Qnvhkza1oSfanesr6pvCLsX2-lZOMDE3iIyNNeKoDS0zNIBplOEXdGnVN6OrJs=&w_img=1
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
e6d15e39184b90357f3c2de8af95e219
cf-ray
8f2f02dd7be7377c-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/log/
12 B
390 B
XHR
General
Full URL
https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=563cbe2d-470d-4825-b91a-24d7b42aaa83
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
12
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
leikovoleikamarada.com/async_log/
0
344 B
XHR
General
Full URL
https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=563cbe2d-470d-4825-b91a-24d7b42aaa83
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
0
date
Mon, 16 Dec 2024 13:27:30 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
leikovoleikamarada.com/
0
150 B
Other
General
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Mon, 16 Dec 2024 13:27:30 GMT
pragma
public
server
nginx
6118780
vurtaichu.net/4/
Redirect Chain
  • https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false
  • https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
31 KB
14 KB
Document
General
Full URL
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c26178e26666aa7335287e823eb8f860f64e99581c3357531c662b76d528344
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://leikovoleikamarada.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f2f02deb8953826-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 16 Dec 2024 13:27:30 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://leikovoleikamarada.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f2f02de483a3826-FRA
content-length
0
date
Mon, 16 Dec 2024 13:27:30 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://vurtaichu.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
a07e1157652689c60238ffbd0f26861f
favicon.ico
leikovoleikamarada.com/
0
0
Other
General
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Mon, 16 Dec 2024 13:27:30 GMT
pragma
public
server
nginx
img.gif
my.rtmark.net/
43 B
893 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081345ec8ba4774eea83224c1a477f0&z=6118780&p_rid=a52434e5-25b1-4c6a-8d20-2901fadec211&p_src=sf
Requested by
Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vurtaichu.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BOtqj3h2gvTO69XBFpzDvthsWGwUXSI8yG4UyFoTY3mR5CK%2F3lZgtmeX%2B2wi7NRDfsJFS37pVg7hPDAmhvzV%2FbkJA0Kk2uDVzw%2BXbCznAbkW5FPA6XlaSRXdnbXmme35X78hZVOlM3%2B82YV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21837&min_rtt=21557&rtt_var=4771&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4445&delivery_rate=26997&cwnd=12000&unsent_bytes=0&cid=a1c6e4ea33929106&ts=59&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f2f02e00eab1c3a-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
vurtaichu.net/
43 B
598 B
Image
General
Full URL
https://vurtaichu.net/sftouch?userId=0081345ec8ba4774eea83224c1a477f0&z=6118780&p_rid=a52434e5-25b1-4c6a-8d20-2901fadec211&p_src=sf&branchId=0&rb=qXJffBVoY3hd6Cj071Gs2djbjajNUcdqZdbkn0Iq16ZhQVKd4hd23o2RSszVis2swumKHcF8KPsCTP3xfK1S0u8iW_HWM6fATGVKc2tizsYMafGhbM03ruxhG0vpk6F75RdtI4ZAzH2CrUKp_lb_qq_9AANAimpN7Qqbjj89CEI5e4r1xsc045hUTuVghAzmjyigWrElkJiauRS6iD4ndVez6GK9IgW9JUu3C81Bw_sieyMWvoPTabFUt11f3bW9DPZQhqvr4OwRWEfyce-3GSZ79KScAbAKQLGkeybMxst9kq0odQzxAQXY59s=&w_img=1
Requested by
Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
20d65ae7be8cb9323bb0b6af0f0f6718
cf-ray
8f2f02e0091bdbe2-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
vurtaichu.net/log/
12 B
333 B
XHR
General
Full URL
https://vurtaichu.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a52434e5-25b1-4c6a-8d20-2901fadec211
Requested by
Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x

Response headers

cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:27:30 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
cf-ray
8f2f02e07a26dbe2-FRA
access-control-allow-origin
https://vurtaichu.net
content-length
12
server
cloudflare
add
vurtaichu.net/async_log/
0
289 B
XHR
General
Full URL
https://vurtaichu.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a52434e5-25b1-4c6a-8d20-2901fadec211
Requested by
Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8f2f02e07a40dbe2-FRA
access-control-allow-origin
https://vurtaichu.net
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:27:30 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
vurtaichu.net/
0
212 B
Other
General
Full URL
https://vurtaichu.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1072682
cf-ray
8f2f02e07a44dbe2-FRA
expires
Thu, 14 Dec 2034 13:27:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:27:30 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
hcinema-de-de-cpc
www.shoptastic.io/de/store/
Redirect Chain
  • https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false
  • https://www.share365.net/vip/rdc/de?subId=892514888222777667_N&country=DE&campaignid=8543903
  • https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
136 B
338 B
Document
General
Full URL
https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a9610277352d5c33d5506682a244c505b65c45b647c3d8b65300755eaf998dc

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://vurtaichu.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Mon, 16 Dec 2024 13:27:31 GMT
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8f2f02e27965a079-FRA
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 13:27:30 GMT
location
https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbtlL6xQxsKXzY1uBOgWZa5bhhL1hWIMNUdAwSbXebSfJ2VuQjnhzOM6E93%2Bgg1%2B8fUHnp%2FOGD1%2BhcrKdx5ko72Ld9BhzyjLbOvT45dtuMppG93b7eQtf8eoT%2BVuLiTONPZtPG7vy2rBst%2Fy6ho%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=20132&min_rtt=20036&rtt_var=3287&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2369&delivery_rate=195985&cwnd=253&unsent_bytes=0&cid=a0865f94f8d64f30&ts=86&x=0"
strict-transport-security
max-age=31536000
favicon.ico
vurtaichu.net/
0
0
Other
General
Full URL
https://vurtaichu.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vurtaichu.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1072682
cf-ray
8f2f02e07a44dbe2-FRA
expires
Thu, 14 Dec 2034 13:27:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:27:30 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f0...
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain
  • https://clcktrck.com/de/s/red_u_plain.php?uid=303069444&t=direct&s=22214&pub=10443&d=hcinema.de
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd81...
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd81...
  • https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvOTM1ZmRlZDQ0ZGUyNjBkMTNlMWY0ZDZjNzI2NWFjYTFmMTdkMGVhNGU1ZmExYTRkYjRmMjY2Mzg4OTAxZTZlYzJkM...
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd81...
548 B
669 B
Document
General
Full URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=1
Requested by
Host: www.shoptastic.io
URL: https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.shoptastic.io/de/store/hcinema-de-de-cpc?pubId=10439&subId=892514888222777667_N&country=DE&campaignid=8543903
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Dec 2024 13:27:32 GMT
Referrer-Policy
origin
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 13:27:32 GMT
location
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=1
referrer-policy
origin
server
nginx/1.18.0 (Ubuntu)
Primary Request shop.php
www.hcinema.de/lampen/
Redirect Chain
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd81...
  • https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3407293829&origin=noctemque_nextag_traffic&p=361525&clickSource=ea2092f2c1f16b5803e52c931887d5d1
  • https://www.hcinema.de/lampen/index.php?id=n2789&m=7
  • https://www.hcinema.de/lampen/shop.php?id=n2789
110 KB
19 KB
Document
General
Full URL
https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache / PHP/8.2.26
Resource Hash
6cc43ccabc1f4a95c96fcc60076e5c2eceb95ccec474d4a8328d3d523f5c7f95

Request headers

Referer
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/935fded44de260d13e1f4d6c7265aca1f17d0ea4e5fa1a4db4f266388901e6ec2d2f17afdd5a9daf1aef3894c1b9b8e8fd7e4ec0540fa96ee0c2bfba6bba31b3d01ef135596bd8112a843c3ebfa294d30ceb588f5d2ac47085ebff4c34a51cff4b1f02c456da94fb2d6f52ade3dc5629c0787158cd72710fe2b5d731aa66aa94?m=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=iso-8859-1
date
Mon, 16 Dec 2024 13:27:32 GMT
server
Apache
x-powered-by
PHP/8.2.26

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 16 Dec 2024 13:27:32 GMT
location
shop.php?id=n2789
server
Apache
x-powered-by
PHP/8.2.26
favicon.ico
clcktrck.com/
0
230 B
Other
General
Full URL
https://clcktrck.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clcktrck.com/

Response headers

ETag
"645a16d2-0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Date
Mon, 16 Dec 2024 13:27:32 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 09 May 2023 09:48:02 GMT
Server
nginx
scripts-shop.js
www.hcinema.de/lampen/
2 KB
2 KB
Script
General
Full URL
https://www.hcinema.de/lampen/scripts-shop.js?rev=4711
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
9d2aaddd6f31c125d6d0e5528ae9bc830f7f2645805883638418d47bdf0c40c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
2021
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"7e5-570de084f0400"
content-type
text/javascript
last-modified
Fri, 13 Jul 2018 09:23:28 GMT
server
Apache
cssv2.css
www.hcinema.de/lampen/
6 KB
6 KB
Stylesheet
General
Full URL
https://www.hcinema.de/lampen/cssv2.css
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
cdb2af51d885bb2bc1aa51b5a3cec52a14dcd9356d9cbe0c2b5ff677d2dddae2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
6340
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"18c4-60ace6ddcedc0"
content-type
text/css
last-modified
Thu, 23 Nov 2023 09:26:23 GMT
server
Apache
jquery-1.10.2.js
www.hcinema.de/lampen/
85 KB
86 KB
Script
General
Full URL
https://www.hcinema.de/lampen/jquery-1.10.2.js
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
87535
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"155ef-6258a24e08134"
content-type
text/javascript
last-modified
Mon, 28 Oct 2024 14:18:34 GMT
server
Apache
schloss.png
www.hcinema.de/lampen/
3 KB
3 KB
Image
General
Full URL
https://www.hcinema.de/lampen/schloss.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1d4d863c38271c2a309adcef54eaea4f46ed7287cb06b53f6fc94de9eae5d514

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
3115
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"c2b-56df4e7fb30c0"
content-type
image/png
last-modified
Wed, 06 Jun 2018 08:25:15 GMT
server
Apache
logohandy.jpg
www.hcinema.de/lampen/
14 KB
14 KB
Image
General
Full URL
https://www.hcinema.de/lampen/logohandy.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2a8b24e662ba7917d5bb20a27ebc7414e096c6b80094d094cb3c2d4de4af3502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
14632
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"3928-546fbafa33e40"
content-type
image/jpeg
last-modified
Thu, 26 Jan 2017 09:08:01 GMT
server
Apache
suchelos.png
www.hcinema.de/lampen/
1 KB
1 KB
Image
General
Full URL
https://www.hcinema.de/lampen/suchelos.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
be2a0a0b3051214a6036988303a98e858c28c0767c866d812ccbadb99386ea45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1148
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"47c-546fbb15dbf80"
content-type
image/png
last-modified
Thu, 26 Jan 2017 09:08:30 GMT
server
Apache
pracheen.png
www.hcinema.de/lampen/
Redirect Chain
  • https://www.hcinema.de/lampen/spracheen.png
  • https://www.hcinema.de/lampen/pracheen.png
5 KB
5 KB
Image
General
Full URL
https://www.hcinema.de/lampen/pracheen.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e0a346eb8b0465305d090ae1b871c39ac6747a49656d34e40ea322872b7760c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
4885
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"1315-54c54ed139280"
content-type
image/png
last-modified
Tue, 04 Apr 2017 10:42:02 GMT
server
Apache

Redirect headers

location
https://www.hcinema.de/lampen/pracheen.png
content-length
250
date
Mon, 16 Dec 2024 13:27:32 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
hcinemamenuelogo.png
www.hcinema.de/lampen/
12 KB
12 KB
Image
General
Full URL
https://www.hcinema.de/lampen/hcinemamenuelogo.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
333834b8926d13eb0141bc30350094c0fa5983eb302e7ac325b96033dd417025

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
12576
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"3120-546e7db963fc0"
content-type
image/png
last-modified
Wed, 25 Jan 2017 09:28:39 GMT
server
Apache
zahlungen.png
www.hcinema.de/lampen/
28 KB
28 KB
Image
General
Full URL
https://www.hcinema.de/lampen/zahlungen.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1793c4c31d9c985f4bd465d5ac0accf705232f88e908142348c9c1dad51b14a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
28468
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"6f34-60e9579952f40"
content-type
image/png
last-modified
Wed, 10 Jan 2024 11:10:13 GMT
server
Apache
5sterne-klein.png
www.hcinema.de/lampen/
3 KB
3 KB
Image
General
Full URL
https://www.hcinema.de/lampen/5sterne-klein.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
898f682ff450f5670966cd5985f227f71bace1036c9f64c508f0e34436da5e68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
3009
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"bc1-4bb33a53ff140"
content-type
image/png
last-modified
Wed, 14 Mar 2012 13:06:37 GMT
server
Apache
e-index-lager.png
www.hcinema.de/lampen/
91 KB
91 KB
Image
General
Full URL
https://www.hcinema.de/lampen/e-index-lager.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
ae3f126f3b36d6b08872b854b4300ce44ad5284f68f9d1db2880574789167283

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
92760
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"16a58-5471133c33300"
content-type
image/png
last-modified
Fri, 27 Jan 2017 10:48:12 GMT
server
Apache
s1_rating_extern2.png
img.idealo.com/folder/Shop/25/2/25226/
6 KB
6 KB
Image
General
Full URL
https://img.idealo.com/folder/Shop/25/2/25226/s1_rating_extern2.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:879b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3016702b5f3aa3c1f593d53f78003639660ccd8bdbcabda7edf5bf8e2754ac9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/

Response headers

x-robots-tag
noindex
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 16 Dec 2024 13:27:33 GMT
apigw-requestid
C4evxhz_liAEJug=
content-length
6190
x-amz-cf-id
dCCT_aIOkihd7Zlj0lArxepYc93XnWWHnfkZmIcGwrM6UPhx5an9wg==
date
Mon, 16 Dec 2024 13:27:33 GMT
content-type
image/png
x-amz-cf-pop
FRA56-P10
facebook-impressum-k.jpg
www.hcinema.de/lampen/
2 KB
2 KB
Image
General
Full URL
https://www.hcinema.de/lampen/facebook-impressum-k.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
4c6d5cd443b1fdab6f5a9548488a77ce55f1144c7ec54bfd976475b79227ab4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1596
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"63c-48d6412c52a80"
content-type
image/jpeg
last-modified
Mon, 09 Aug 2010 13:34:18 GMT
server
Apache
twitter_logo-impressum-k.jpg
www.hcinema.de/lampen/
2 KB
2 KB
Image
General
Full URL
https://www.hcinema.de/lampen/twitter_logo-impressum-k.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
68e6937b1bfc5d3803a2e25c5742ffa6231ba0f1808394993aa295a76b281092

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1737
date
Mon, 16 Dec 2024 13:27:32 GMT
etag
"6c9-546fbe9838700"
content-type
image/jpeg
last-modified
Thu, 26 Jan 2017 09:24:12 GMT
server
Apache
youtube.jpg
www.hcinema.de/lampen/
2 KB
2 KB
Image
General
Full URL
https://www.hcinema.de/lampen/youtube.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a546bd2209dc4cf50d61941d674434b072ead54ae4378ab5a30d2205b7981ae2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1929
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"789-546fbe97444c0"
content-type
image/jpeg
last-modified
Thu, 26 Jan 2017 09:24:11 GMT
server
Apache
iconl.jpg
www.hcinema.de/lampen/
483 B
629 B
Image
General
Full URL
https://www.hcinema.de/lampen/iconl.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8b1354a2e43703bb23329ca8f0cf6e5b07ba16ebc589e70db0d726ad78ddb690

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
483
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"1e3-4c8df7d0b5700"
content-type
image/jpeg
last-modified
Tue, 04 Sep 2012 12:35:08 GMT
server
Apache
1punkte.gif
www.hcinema.de/lampen/
521 B
666 B
Image
General
Full URL
https://www.hcinema.de/lampen/1punkte.gif
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f2e316d39855cf84310af185f3fbfc01d81f8579a51bdfebdcb56b520e76b3d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
521
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"209-46e1b7b5234c0"
content-type
image/gif
last-modified
Tue, 07 Jul 2009 10:56:59 GMT
server
Apache
1punkteol.gif
www.hcinema.de/lampen/
Redirect Chain
  • https://www.hcinema.de/lampen/1punkteeol.gif
  • https://www.hcinema.de/lampen/1punkteol.gif
329 B
474 B
Image
General
Full URL
https://www.hcinema.de/lampen/1punkteol.gif
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
5132515b987e3964d8472eadd5ad87b8fe3eb5e9bd673f9289c56eb1ed6481c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
329
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"149-54eaf52cd8fc0"
content-type
image/gif
last-modified
Thu, 04 May 2017 09:23:19 GMT
server
Apache

Redirect headers

location
https://www.hcinema.de/lampen/1punkteol.gif
content-length
251
date
Mon, 16 Dec 2024 13:27:33 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
CIMG9314.jpg
www.hcinema.de/lampen/bilderg/
34 KB
34 KB
Image
General
Full URL
https://www.hcinema.de/lampen/bilderg/CIMG9314.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f88d95762af0c752392bc6b9ac99c1b72773f66434817382abe64bc0b17b81f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
35012
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"88c4-4bbd506c75ec0"
content-type
image/jpeg
last-modified
Thu, 22 Mar 2012 13:38:43 GMT
server
Apache
bulbonly-de.jpg
www.hcinema.de/lampen/
64 KB
64 KB
Image
General
Full URL
https://www.hcinema.de/lampen/bulbonly-de.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7b1ccdfe525065547aa7866272cf40ff7c81b62b06ba3951fe30aaeba3191ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
65177
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"fe99-5ba09b7856d00"
content-type
image/jpeg
last-modified
Fri, 29 Jan 2021 13:09:40 GMT
server
Apache
index-4.png
www.hcinema.de/lampen/
19 KB
19 KB
Image
General
Full URL
https://www.hcinema.de/lampen/index-4.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0e2080cb056e56a529183e0a6a810cf4a4d9fdfd71ae06be9cba60b7c29a2fd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
19285
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"4b55-546fbb0e3ad80"
content-type
image/png
last-modified
Thu, 26 Jan 2017 09:08:22 GMT
server
Apache
verlaufseite2.png
www.hcinema.de/lampen/
3 KB
3 KB
Image
General
Full URL
https://www.hcinema.de/lampen/verlaufseite2.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
88a3b9f919b2d9db6dcfdab1e1fa59b5436d9304cb979e78991d8d74e07fc858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
2836
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"b14-546fbaf19ea00"
content-type
image/png
last-modified
Thu, 26 Jan 2017 09:07:52 GMT
server
Apache
kasse.png
www.hcinema.de/lampen/
3 KB
4 KB
Image
General
Full URL
https://www.hcinema.de/lampen/kasse.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b03fafc978971cc96663ef28f2cf4029d53dd233dddeda707c429b134690078f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
3538
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"dd2-5479a2bcdda40"
content-type
image/png
last-modified
Fri, 03 Feb 2017 06:12:49 GMT
server
Apache
sucheanf.png
www.hcinema.de/lampen/
289 B
434 B
Image
General
Full URL
https://www.hcinema.de/lampen/sucheanf.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0391146c0a3a3ad6957bd041f0b6ec1a8b565c4a19934ff85732a663141a9af0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
289
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"121-546fbb15dbf80"
content-type
image/png
last-modified
Thu, 26 Jan 2017 09:08:30 GMT
server
Apache
warenkorbot.png
www.hcinema.de/lampen/
5 KB
5 KB
Image
General
Full URL
https://www.hcinema.de/lampen/warenkorbot.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a2b8cdeb2c634bf0197a53f948a37ea0bc92cd858343829a5e81fd5b6c073c20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
4951
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"1357-54828fd881940"
content-type
image/png
last-modified
Fri, 10 Feb 2017 08:36:13 GMT
server
Apache
tabo.png
www.hcinema.de/lampen/
2 KB
2 KB
Image
General
Full URL
https://www.hcinema.de/lampen/tabo.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
c29f6222ff09e75f2711fc8ea3fed93cf6a8c960fbda8edd0c2208191dfc8402

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1568
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"620-5479a2c1a2580"
content-type
image/png
last-modified
Fri, 03 Feb 2017 06:12:54 GMT
server
Apache
tabm.png
www.hcinema.de/lampen/
154 B
298 B
Image
General
Full URL
https://www.hcinema.de/lampen/tabm.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
94912e24b33baa1d07c607f632930c8294fbd2a658069432acf6785961dac59b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
154
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"9a-5479a2c1a2580"
content-type
image/png
last-modified
Fri, 03 Feb 2017 06:12:54 GMT
server
Apache
vorteil.gif
www.hcinema.de/lampen/
120 B
265 B
Image
General
Full URL
https://www.hcinema.de/lampen/vorteil.gif
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/cssv2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7ff4cfe3fc9714c88051bcef2ca9ca7618bdbf3742f8a97fde0a5dfc692bda85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/cssv2.css

Response headers

accept-ranges
bytes
content-length
120
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"78-546fbb1f65600"
content-type
image/gif
last-modified
Thu, 26 Jan 2017 09:08:40 GMT
server
Apache
tabu.png
www.hcinema.de/lampen/
2 KB
2 KB
Image
General
Full URL
https://www.hcinema.de/lampen/tabu.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
9fe25cb5453a73a8e30f0d92e9111f77b656931f38742393976e5d2592c6c7ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1693
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"69d-5479a2c1a2580"
content-type
image/png
last-modified
Fri, 03 Feb 2017 06:12:54 GMT
server
Apache
hintergrund.jpg
www.hcinema.de/lampen/
4 KB
4 KB
Image
General
Full URL
https://www.hcinema.de/lampen/hintergrund.jpg
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
74a512228db952185b927d1eb3c2ccd36ca007e94dcc3b8298b1155ffbb64d2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
3951
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"f6f-436c96de6a0c0"
content-type
image/jpeg
last-modified
Fri, 03 Aug 2007 10:57:47 GMT
server
Apache
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
24express.png
www.hcinema.de/lampen/
14 KB
14 KB
Image
General
Full URL
https://www.hcinema.de/lampen/24express.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
acda565216ed99e8d98c7a569ee317522fe536157a5f980849dd232546a1da77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
14662
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"3946-5478ceac006c0"
content-type
image/png
last-modified
Thu, 02 Feb 2017 14:24:03 GMT
server
Apache
verlaufseite.png
www.hcinema.de/lampen/
3 KB
3 KB
Image
General
Full URL
https://www.hcinema.de/lampen/verlaufseite.png
Requested by
Host: www.hcinema.de
URL: https://www.hcinema.de/lampen/shop.php?id=n2789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
bdecb7c15ea089cb1f2d9545e3366cb98e348f60e2e66200753e163ec670f3fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
2840
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"b18-546fbaf292c40"
content-type
image/png
last-modified
Thu, 26 Jan 2017 09:07:53 GMT
server
Apache
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
www.hcinema.de/lampen/
1 KB
1 KB
Other
General
Full URL
https://www.hcinema.de/lampen/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
22789fe163e498987778d814796d9a79ecffca012b64c36fcbaf9629e7bb2be6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1150
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"47e-5742ae07892c0"
content-type
image/vnd.microsoft.icon
last-modified
Fri, 24 Aug 2018 09:19:47 GMT
server
Apache
favicon-32x32.png
www.hcinema.de/
1 KB
1 KB
Other
General
Full URL
https://www.hcinema.de/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.216 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
217-160-0-216.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
ab19c1216741edb94393b77792fe9684804fe954196cd33335221c7c99156591

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hcinema.de/lampen/shop.php?id=n2789

Response headers

accept-ranges
bytes
content-length
1090
date
Mon, 16 Dec 2024 13:27:33 GMT
etag
"442-5742ae07892c0"
content-type
image/png
last-modified
Fri, 24 Aug 2018 09:19:47 GMT
server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ziel function| scrollFunction function| ziel2 function| changeCol function| timeout_losgehts function| timeout_starten object| XMLHTTP function| DatenAusgeben function| load function| sendText function| $ function| jQuery

13 Cookies

Domain/Path Name / Value
leikovoleikamarada.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 0081343e6ac247dff2bd730e68613191
vurtaichu.net/ Name: oaidts
Value: 1734355650
vurtaichu.net/ Name: OAID
Value: 0081343e6ac247dff2bd730e68613191
vurtaichu.net/ Name: syncedCookie
Value: true
www.share365.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJJZ2h1cXVTMDdDXC9iZEp3RVBcL0ZBQT09IiwidmFsdWUiOiJLS1wvT0VoOU9UUUkyaWJLVUQ3VThDdkhPS29SMmhrZHdWTjFTZ1I4dThhY0l4YUdLUE5WSHhQNFNyVnMxZmsxRyIsIm1hYyI6IjVjM2M4MTU4YmRlNGIxMzZkN2VhYjIwYjViZmY1YzY4NjgwNzJmZTI4Y2RmNTE4YjJiZGZhNGY3YWMxOTJiMWQifQ%3D%3D
www.share365.net/ Name: laravel_session
Value: eyJpdiI6ImtjRnJXSnUwZUJNeUE4cnhMQVpxRmc9PSIsInZhbHVlIjoiOURiSUpBTk1yUzRVK2RmMkRFejJMRVpTN1lndFdTYm1NRVpnOWFnMHZmWitJU3E3cjUraHBHMDJZRm9veHdtRiIsIm1hYyI6Ijk5MTI2Y2FjMWFjNDU4OTIyNjEwOTFhNzM0ZGU5MTAxODYzZmVmMmVhYjcwNGE0MzQzYzllNGViZTZhOGY1ZTEifQ%3D%3D
www.share365.net/ Name: __cflb
Value: 04dToYdiiqmwtkSqN2gkCjonAdP7MKkHX8xCa15Zco
suche.guenstiger.de/ Name: AWSALBCORS
Value: HoYQzZdkZpHDA7lhSg5PfqAaq0+VGu4efjQGtWZjBluKqtJWCJoaP/pL+vWPcdc9eM4AeAzrs3WJiZGZfcyh7ZapbLCCQKpK3g3B575XPCEP+NRk35TTdH/2CXJx
suche.guenstiger.de/ Name: AWSALB
Value: WJGuDmfJ/L/alTWa6qjLHie/zzCFBpcNH0UBwXcv70rStzpXaoWaXZs49gOloCcxhJspViTz9h7TOK4vw6YhvhadivmVrI0a2r2J+djnNeMlrP/wCsG+3wn+AlcS
suche.guenstiger.de/ Name: site.session
Value: FE5IpCnY9ZjxWyys5-WHzybeRsuIxt1m
.guenstiger.de/ Name: poolCookie
Value: _ngCP
.guenstiger.de/ Name: __cf_bm
Value: jTyWxU1Bz.E3Kee2FAAD2V3vdzTjAWcqkXDegww7Lmc-1734355652-1.0.1.1-z2N0NcheEM40DfW6whL6ldA1dXepzVemrSr7.w3wUx1iiiQR6x.CTXvg8f7oTIwCG3ZNrvcghogv7wnfHK5hMw

5 Console Messages

Source Level URL
Text
rendering warning URL: https://28904058-28768-ex.lotwiliticate.com/hyFADIw1NAfkZtczvVjFLSFKlNkRvoHRdv8GMpydHswWP82TpNdW9c2GV9RkedWSwYwCJ_h5gvm9euuzHOKnYBaKm6Olub-KcQkfT79Ox1N6mj47fG816JoVAeQ1xQ?kws=bana%2Cdayana%2Cbilir%2Cmisin%2Caltyaz%2Cerotik%2Cfilm%2Cizle%2Cfilmler&abl=0&fsb=0&pageUri=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A04501AC220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E00E0CAC220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0709A06AC220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Europe/Berlin&bto=-60&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0607D0FAC220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://vurtaichu.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000A41BAC220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28904058-28768-ex.lotwiliticate.com
ads.google.com
clcktrck.com
discountheld.de
img.idealo.com
leikovoleikamarada.com
my.rtmark.net
suche.guenstiger.de
vurtaichu.net
www.hcinema.de
www.share365.net
www.shoptastic.io
ads.google.com
104.18.22.222
104.18.23.222
139.45.196.64
217.160.0.216
2606:4700:3108::ac42:2b0b
2606:4700::6812:f5c
2a02:26f0:7100::5f64:879b
2a06:98c1:3120::3
3.66.53.110
3.73.249.248
52.53.88.18
88.208.22.4
0391146c0a3a3ad6957bd041f0b6ec1a8b565c4a19934ff85732a663141a9af0
0e2080cb056e56a529183e0a6a810cf4a4d9fdfd71ae06be9cba60b7c29a2fd9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1793c4c31d9c985f4bd465d5ac0accf705232f88e908142348c9c1dad51b14a7
1d4d863c38271c2a309adcef54eaea4f46ed7287cb06b53f6fc94de9eae5d514
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
22789fe163e498987778d814796d9a79ecffca012b64c36fcbaf9629e7bb2be6
2a8b24e662ba7917d5bb20a27ebc7414e096c6b80094d094cb3c2d4de4af3502
3016702b5f3aa3c1f593d53f78003639660ccd8bdbcabda7edf5bf8e2754ac9c
333834b8926d13eb0141bc30350094c0fa5983eb302e7ac325b96033dd417025
4a9610277352d5c33d5506682a244c505b65c45b647c3d8b65300755eaf998dc
4c6d5cd443b1fdab6f5a9548488a77ce55f1144c7ec54bfd976475b79227ab4e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5132515b987e3964d8472eadd5ad87b8fe3eb5e9bd673f9289c56eb1ed6481c9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
68e6937b1bfc5d3803a2e25c5742ffa6231ba0f1808394993aa295a76b281092
6cc43ccabc1f4a95c96fcc60076e5c2eceb95ccec474d4a8328d3d523f5c7f95
6ed653b46e4526804308663317d778c64e07d67bf24ee84989464baca6ca8090
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74a512228db952185b927d1eb3c2ccd36ca007e94dcc3b8298b1155ffbb64d2b
7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e
7b1ccdfe525065547aa7866272cf40ff7c81b62b06ba3951fe30aaeba3191ef0
7ff4cfe3fc9714c88051bcef2ca9ca7618bdbf3742f8a97fde0a5dfc692bda85
88a3b9f919b2d9db6dcfdab1e1fa59b5436d9304cb979e78991d8d74e07fc858
898f682ff450f5670966cd5985f227f71bace1036c9f64c508f0e34436da5e68
8b1354a2e43703bb23329ca8f0cf6e5b07ba16ebc589e70db0d726ad78ddb690
8c26178e26666aa7335287e823eb8f860f64e99581c3357531c662b76d528344
94912e24b33baa1d07c607f632930c8294fbd2a658069432acf6785961dac59b
9d2aaddd6f31c125d6d0e5528ae9bc830f7f2645805883638418d47bdf0c40c5
9fe25cb5453a73a8e30f0d92e9111f77b656931f38742393976e5d2592c6c7ab
a2b8cdeb2c634bf0197a53f948a37ea0bc92cd858343829a5e81fd5b6c073c20
a546bd2209dc4cf50d61941d674434b072ead54ae4378ab5a30d2205b7981ae2
ab19c1216741edb94393b77792fe9684804fe954196cd33335221c7c99156591
acda565216ed99e8d98c7a569ee317522fe536157a5f980849dd232546a1da77
ae3f126f3b36d6b08872b854b4300ce44ad5284f68f9d1db2880574789167283
b03fafc978971cc96663ef28f2cf4029d53dd233dddeda707c429b134690078f
bdecb7c15ea089cb1f2d9545e3366cb98e348f60e2e66200753e163ec670f3fb
be2a0a0b3051214a6036988303a98e858c28c0767c866d812ccbadb99386ea45
c29f6222ff09e75f2711fc8ea3fed93cf6a8c960fbda8edd0c2208191dfc8402
cdb2af51d885bb2bc1aa51b5a3cec52a14dcd9356d9cbe0c2b5ff677d2dddae2
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e0a346eb8b0465305d090ae1b871c39ac6747a49656d34e40ea322872b7760c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f2e316d39855cf84310af185f3fbfc01d81f8579a51bdfebdcb56b520e76b3d8
f88d95762af0c752392bc6b9ac99c1b72773f66434817382abe64bc0b17b81f8
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7