urlscan.io logo urlscan.io
SecurityTrails logo

campaign.sunflowerdate.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://planebale.com/click?s2=103979817381=351329&s3=178284=3038&s7=p&s8=252&trvid=10811&ow=26
Effective URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Submission: On August 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is campaign.sunflowerdate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2023. Valid for: a year.
This is the only time campaign.sunflowerdate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.75.58.142 10439 (CARINET)
1 1 35.244.193.194 15169 (GOOGLE)
1 1 66.254.106.253 29789 (REFLECTED)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
7 66.254.122.19 29789 (REFLECTED)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.50.64.3 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.19.146.54 13335 (CLOUDFLAR...)
28 13
1    216.75.58.142 (United States)

ASN10439 (CARINET, US)
PTR: occasionally.everwarsaw.de
planebale.com
1    35.244.193.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.193.244.35.bc.googleusercontent.com
www.c93jsk1wm.com
1    66.254.106.253 (United States)

ASN29789 (REFLECTED, US)
qllinks.com
7    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
campaign.sunflowerdate.com
pushstar.xyz
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
7    66.254.122.19 (United States)

ASN29789 (REFLECTED, US)
cdn.x1cdn.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pushvisit.xyz
1    2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)
device.maxmind.com
1    2606:4700::6812:1029 (United States)

ASN13335 (CLOUDFLARENET, US)
d-ipv6.mmapiws.com
1    104.19.146.54 (None, )

ASN13335 (CLOUDFLARENET, US)
d-ipv4.mmapiws.com
Apex Domain
Subdomains		 Transfer
7 x1cdn.com
cdn.x1cdn.com
1 MB
4 sunflowerdate.com
campaign.sunflowerdate.com
10 KB
3 pushstar.xyz
pushstar.xyz — Cisco Umbrella Rank: 866551
5 KB
2 mmapiws.com
d-ipv6.mmapiws.com — Cisco Umbrella Rank: 24172
d-ipv4.mmapiws.com — Cisco Umbrella Rank: 163593
548 B
2 pushvisit.xyz
pushvisit.xyz — Cisco Umbrella Rank: 199104
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1288
86 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1179
35 KB
1 maxmind.com
device.maxmind.com — Cisco Umbrella Rank: 41932
7 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 985
30 KB
1 qllinks.com
qllinks.com
651 B
1 c93jsk1wm.com
www.c93jsk1wm.com
521 B
1 planebale.com
planebale.com
2 KB
28 15
Domain Requested by
7 cdn.x1cdn.com campaign.sunflowerdate.com
4 campaign.sunflowerdate.com campaign.sunflowerdate.com
3 pushstar.xyz campaign.sunflowerdate.com
pushstar.xyz
2 pushvisit.xyz pushstar.xyz
2 fonts.googleapis.com cdn.x1cdn.com
2 use.fontawesome.com campaign.sunflowerdate.com
use.fontawesome.com
2 maxcdn.bootstrapcdn.com campaign.sunflowerdate.com
1 d-ipv4.mmapiws.com device.maxmind.com
1 d-ipv6.mmapiws.com device.maxmind.com
1 device.maxmind.com campaign.sunflowerdate.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com campaign.sunflowerdate.com
1 code.jquery.com campaign.sunflowerdate.com
1 qllinks.com 1 redirects
1 www.c93jsk1wm.com 1 redirects
1 planebale.com 1 redirects
28 16

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-27 -
2024-02-27		 a year crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
x1cdn.com
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
pushstar.xyz
E1		 2023-07-01 -
2023-09-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
pushvisit.xyz
Sectigo RSA Domain Validation Secure Server CA		 2023-08-02 -
2024-08-02		 a year crt.sh
*.maxmind.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-10-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Frame ID: 37BA7EA2735E50A14FE91C35F962E484
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

K-Elite Kaffeemaschine

Page URL History Show full URLs

  1. https://planebale.com/click?s2=103979817381=351329&s3=178284=3038&s7=p&s8=252&trvid=10811&ow=26 HTTP 302
    https://www.c93jsk1wm.com/2J75T3/2M4GKFM/?sub2=8sp2pzov2bod HTTP 302
    https://qllinks.com/click?c=eyJhIjoyMDc4OCwibyI6NTI3LCJwIjoyNiwibHAiOjE1NzYsImMiOnt9fSAg&clickid... HTTP 302
    https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjo... Page URL
  2. https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

60 %
IPv6

15
Domains

16
Subdomains

13
IPs

5
Countries

1526 kB
Transfer

1833 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://planebale.com/click?s2=103979817381=351329&s3=178284=3038&s7=p&s8=252&trvid=10811&ow=26 HTTP 302
    https://www.c93jsk1wm.com/2J75T3/2M4GKFM/?sub2=8sp2pzov2bod HTTP 302
    https://qllinks.com/click?c=eyJhIjoyMDc4OCwibyI6NTI3LCJwIjoyNiwibHAiOjE1NzYsImMiOnt9fSAg&clickid=892259a8c329411187688138d35ef558&tracker=34_&s1=8sp2pzov2bod&jump= HTTP 302
    https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod&jump= Page URL
  2. https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://planebale.com/click?s2=103979817381=351329&s3=178284=3038&s7=p&s8=252&trvid=10811&ow=26 HTTP 302
  • https://www.c93jsk1wm.com/2J75T3/2M4GKFM/?sub2=8sp2pzov2bod HTTP 302
  • https://qllinks.com/click?c=eyJhIjoyMDc4OCwibyI6NTI3LCJwIjoyNiwibHAiOjE1NzYsImMiOnt9fSAg&clickid=892259a8c329411187688138d35ef558&tracker=34_&s1=8sp2pzov2bod&jump= HTTP 302
  • https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod&jump=

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
campaign.sunflowerdate.com/de/e09gi5u/azkuri/
Redirect Chain
  • https://planebale.com/click?s2=103979817381=351329&s3=178284=3038&s7=p&s8=252&trvid=10811&ow=26
  • https://www.c93jsk1wm.com/2J75T3/2M4GKFM/?sub2=8sp2pzov2bod
  • https://qllinks.com/click?c=eyJhIjoyMDc4OCwibyI6NTI3LCJwIjoyNiwibHAiOjE1NzYsImMiOnt9fSAg&clickid=892259a8c329411187688138d35ef558&tracker=34_&s1=8sp2pzov2bod&jump=
  • https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod...
659 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod&jump=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-29+0~20200514.35+debian9~1.gbpcc49a4
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f9321cb3f8a2c1a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 19 Aug 2023 14:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbW9dChPxK7zt1Ng%2Bs9e7GHr%2FnFnCBqnV94smpqgidxJGADh360T3e%2BKraffgLx%2BwZu%2FtrU6X4I4azZjpYg1hklqhMiR4WwHBiyI%2BVJSRCYhUeKyJII9UialvKA4Q9CSgh0kx00hSPRsk6sTEyapziBYdBN6Y6muOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40-29+0~20200514.35+debian9~1.gbpcc49a4

Redirect headers

content-length
0
date
Sat, 19 Aug 2023 14:36:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod&jump=
server
nginx
x-frame-options
DENY
Primary Request 01.php
campaign.sunflowerdate.com/de/e09gi5u/azkuri/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-29+0~20200514.35+debian9~1.gbpcc49a4
Resource Hash
0384970aa180079043b58bf0cb2e223189d466ab78b3be05ab98b31040b28f84

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://campaign.sunflowerdate.com
Referer
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/?c=eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g&tracker=34_&clickid=892259a8c329411187688138d35ef558&s1=8sp2pzov2bod&jump=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f9321cd09e02c1a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 19 Aug 2023 14:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OECZ6gjAUk00Npxkxp2zMJmwsHDYnohIw2a1H6zBuFxWxrHHFlh6N1q%2F0pjT3a%2FJllUEJp4rSSp6nO6yWeUvxCq8gOlzcJG%2FVFjVdTMB1fGJKn52egTi7oLUEQBgCJaA%2FGzOQHFImYGhqZM6qYU5tTuMP8ZRk4mjOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40-29+0~20200514.35+debian9~1.gbpcc49a4
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://campaign.sunflowerdate.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
752
cdn-cachedat
06/15/2023 15:41:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
52de7869c0034e84a30ac0a7ae1a9d32
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f9321ce88424d91-FRA
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://campaign.sunflowerdate.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1TH0189HY76HMPBY
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l5bBsRF1/sT4WdbweTJF2TlQYVEeQVyqmLSR+GMxEes96EqQmxnCKswhdRCSFWYNxTGUXZ8HdxOFFrpmQWdruLmzFzNmt7KRQ7zOUFUMEAw=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMKjhFdmvjj2tbwvWACLO7%2BnqjqMi4onJoPt3gW9Nxr3e7ZLJhZt%2BJPTu6PpFfdckwwCmo9u2%2FF%2FKXCOYx9r8hHXPUjJ8fR9Ef5hFLW9WzPanxmU8bz25ftX%2Fnv9ui8v%2Blzwy4ZcxuHxbm0fgdfBw5lW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7f9321ce8f1030f0-FRA
style.css
cdn.x1cdn.com/bh/az/global/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.x1cdn.com/bh/az/global/style.css
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
371e83c2dd0d90f3e19e6bb3200e020e246df3c00ca336759c2566b6c8a011c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Sun, 16 May 2021 05:30:34 GMT
etag
"23aea48b7-3b04-5c26bc6abf280"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=10556403
x-cdn-diag
fra1-11014-3-3217-h-0-0---;11037-31-2469378----0-0-0
accept-ranges
bytes
content-length
15108
expires
Sun, 10 Sep 2023 20:56:48 GMT
ace-push.js
pushstar.xyz/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushstar.xyz/ace-push.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a856db4c4b3ced5cf49968cef62c0cd74572044593dd8424b2876ceabbd8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 03 Aug 2023 14:22:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d9c615f7e92107"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh3OM9VgttTHYQ0s849wCxPWJD0Lo6nYugs2rSwDxQTJmIWBAsBnj7e95VLjsDCn6YqYbUuDg7JhYrVuxc71ho6eGPVtEKqqVxb75E%2Bq7lEwuoExY5Rn%2F0dZi3mB7VGJmuPulK5PHncAF%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
7f9321d3facd3659-FRA
alt-svc
h3=":443"; ma=86400
price-de.png
cdn.x1cdn.com/bh/az/global/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/az/global/price-de.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
36150f387acafaf92a5a27bbf3c781cfd35d40b5b9ecb7732996c641b4b83088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Mon, 14 Feb 2022 12:57:57 GMT
etag
"23467afa7-245d-5d7f9f7285f40"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10630752
x-cdn-diag
fra1-11028-1-39025-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
9309
expires
Sun, 10 Sep 2023 15:10:55 GMT
top.png
cdn.x1cdn.com/bh/en/azcm/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/en/azcm/top.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
39fa8101fa5740ba2f392ea8a3aa82a025403aaa52d591096127c7e3d7d16ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Fri, 22 Jul 2022 12:14:17 GMT
etag
"26f9b60d4-3685b-5e463c5eb9840"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10754712
x-cdn-diag
fra1-11037-2-1301414-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
223323
expires
Mon, 18 Dec 2023 00:07:40 GMT
secure2.png
cdn.x1cdn.com/bh/az/global/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/az/global/images/secure2.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
c7a07a2c8f15510da4c2ae3c3cc7ff2fd2b2ae28c7f31463455fb972a7387fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Mon, 15 Feb 2021 12:59:47 GMT
etag
"22f6cd623-a83-5bb5f8f7a56c0"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10703268
x-cdn-diag
fra1-11037-3-1301454-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
2691
expires
Mon, 31 Jul 2023 12:11:27 GMT
secure3.png
cdn.x1cdn.com/bh/az/global/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/az/global/images/secure3.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
a0a2b4decf654159b0b86d8f6df05996d42baf4ed8843ad81aac101bc8494603

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Mon, 15 Feb 2021 12:59:46 GMT
etag
"23291fc4a-9d0-5bb5f8f6b1480"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10630752
x-cdn-diag
fra1-11028-1-39025-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
2512
expires
Sun, 10 Sep 2023 15:10:55 GMT
secure1.png
cdn.x1cdn.com/bh/az/global/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/az/global/images/secure1.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
3af054219051fa2d21116b671ce04b82989fd0155e6148466851e081f3e55ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Mon, 15 Feb 2021 12:59:45 GMT
etag
"2341a2af9-bff-5bb5f8f5bd240"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10403259
x-cdn-diag
fra1-11015-1-30313-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
3071
expires
Fri, 08 Sep 2023 08:12:13 GMT
bot.png
cdn.x1cdn.com/bh/en/azcm/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.x1cdn.com/bh/en/azcm/bot.png
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
a87b299fc1a1332821b988a642dd269dc6c6d87d2f3b3d075f9a2553575dfb0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
last-modified
Fri, 22 Jul 2022 12:14:17 GMT
etag
"26f9b60d5-104530-5e463c5eb9840"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10405567
x-cdn-diag
fra1-11015-3-30425-h-0-0---;11037-31-2469378----0-0-1
accept-ranges
bytes
content-length
1066288
expires
Mon, 18 Dec 2023 00:53:30 GMT
email-decode.min.js
campaign.sunflowerdate.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaign.sunflowerdate.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 10:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ddfd41-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjUD4qv9dcyhRKhc6vRRMVi0WqTU7bLWYf4EGG2dHlXTU%2B9sT7VTmn45mwLGbjhtuCOFQ1%2FxJUwAAxIfUvUyyKJT%2FAq3WdAZgi%2FCxJAChnc7IBFOGeueOpXmHgnVqB4RkESy7zSW5ICGrUQFHTsWAqG37tZAs3LyXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f9321d12e8e03cd-FRA
expires
Mon, 21 Aug 2023 14:37:00 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://campaign.sunflowerdate.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1692455821.dop204.fr8.t,1692455821.cds124.fr8.hn,1692455821.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://campaign.sunflowerdate.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
244781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Thu, 22 Jun 2023 11:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d85-180d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8T0KJb73sv8eHszpPdALxBrDP4owcMC1WjsMl2emPw9bD1zEYQm8g%2FoJ8RzS9S6VzrEe1H6brFGxaL8INaYT1Hsfp5ec1GvaQQfaXIhm1JU6IPDurMPcWHHdSIIYGrw7%2BZsJS8WCb0NxahhR7nhU5bH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f9321d22c044d6e-FRA
expires
Thu, 08 Aug 2024 14:37:01 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://campaign.sunflowerdate.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
865
cdn-cachedat
11/25/2022 23:23:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5880cda6e0e5c260c885ebd4970fe77b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f9321d25e144d91-FRA
cdn-requestpullsuccess
True
cro-improvements.js
campaign.sunflowerdate.com/ 		1 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://campaign.sunflowerdate.com/cro-improvements.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbf783027cf7e38b54678e9a75a91dab16b650a6d7370f1675b0b2725b25171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 09:54:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62d7d0be-531"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yag%2BIINWGxknuVpu7m13dvzPUZYWMedaN3HyM2dgcLqnH9p44CeOp6zkFoyFeNdKmbaCTe%2B9%2Fv7BLMcCQhIPTEXLkzXdt9o4CAeAwwN0k8HXfl53x19tvDLvF%2BMIWwmWPSmpcixWNivJj9ulsakKG7VfLX6vwcX1Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f9321d2a87003cd-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: cdn.x1cdn.com
URL: https://cdn.x1cdn.com/bh/az/global/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbd133aaccc627dd11acf8545f051db9b1e00f4875ff6c7e89ab3509f9871ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.x1cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 19 Aug 2023 14:23:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Aug 2023 14:37:01 GMT
css2
fonts.googleapis.com/ 		11 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700
Requested by
Host: cdn.x1cdn.com
URL: https://cdn.x1cdn.com/bh/az/global/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.x1cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Aug 2023 14:37:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 19 Aug 2023 14:37:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Aug 2023 14:37:01 GMT
truncated
/ 		147 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
52318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 00:05:03 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://campaign.sunflowerdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ET2DCQF5ED0VKBXR
alt-svc
h3=":443"; ma=86400
content-length
74256
x-amz-id-2
92kLUz/ZZjw2B1sz8SWBWzr5ApYBBGaBlvkZzTebJC34tDAg7q6SWOiMYzGmtWCGJqpGIfOYS5wcuHa0jVgWJ0z+apWAskA34T1Uzu//8GU=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bv4l01SaAse%2Frj%2FIv3zY%2BSaR%2BYwlZ0%2FjvlS9%2BZgT5X0VhDFuUetn%2FMmLNCQxrBBxKG%2Fk051xij55tyA2mnHqvljNTXl%2FeHMf%2FKVUWE5hWmzrb%2BZP0ON4RGHvbpy1aYyPmzHp9axcjC4qNyfw8ZhHeQTI"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7f9321d4483830f0-FRA
visit
pushvisit.xyz/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pushvisit.xyz/api/v1/visit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://campaign.sunflowerdate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
*
content-length
0
date
Sat, 19 Aug 2023 14:37:01 GMT
visit
pushvisit.xyz/api/v1/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushvisit.xyz/api/v1/visit
Requested by
Host: pushstar.xyz
URL: https://pushstar.xyz/ace-push.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4c1072b30ad40894bd16f564912977dc5ee172e7a626d7a32ca373c10a857f58

Request headers

Referer
https://campaign.sunflowerdate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 19 Aug 2023 14:37:01 GMT
server
Kestrel
content-length
1488
content-type
application/json; charset=utf-8
device.js
device.maxmind.com/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://device.maxmind.com/js/device.js
Requested by
Host: campaign.sunflowerdate.com
URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d920363af3e8f84e9c6e997df4f6adc2ccc318facf005123c33cb1435d2a8f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.sunflowerdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:37:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 17:18:55 GMT
server
cloudflare
age
40608
etag
W/"64de567f-3f14"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=43200
cf-ray
7f9321d75db81917-FRA
expires
Sun, 20 Aug 2023 02:37:01 GMT
ant_squire
d-ipv6.mmapiws.com/ 		97 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d-ipv6.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1029 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640a32ec4f0081f21a6ad2a5ea342c4361189cb7865944252bb731abb3714d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://campaign.sunflowerdate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Aug 2023 14:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
7f9321d89fdd9bb0-FRA
log-client-error
pushstar.xyz/api/v1/visit/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushstar.xyz/api/v1/visit/log-client-error
Requested by
Host: pushstar.xyz
URL: https://pushstar.xyz/ace-push.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://campaign.sunflowerdate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 19 Aug 2023 14:37:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUFHz64HtLKmHTZDf1baWdvqJ8Ufply8ncG4aD79vhNOGjJbIA5UOVfOAtZjfk1qgG5H%2Fz8B8oeZ%2FBjvimdp7pIQh7VoWc6nCvYckLFmoFLxeDLJwmFuc2EwSg5pV%2F8fWR6nujAgI%2BEcqHs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7f9321d97e344dc4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log-client-error
pushstar.xyz/api/v1/visit/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pushstar.xyz/api/v1/visit/log-client-error
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://campaign.sunflowerdate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f9321d89d454dc4-FRA
content-length
0
date
Sat, 19 Aug 2023 14:37:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdpPRsfG58Vxjli5002%2Bqx3%2FYoXZJ7rIbrccVqOvMnDndpMmUbQJ2b12BDjOvKqns7WNyBOPdpqwdoL9Oje9mmBVBKK8bg0gDlwxDFauB9QP7SsbNZAkRbpDeYw1OrzAcQmyCXIFLve2wd8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ant_squire
d-ipv4.mmapiws.com/ 		95 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d-ipv4.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.146.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c37f201971f5b8207088f5a5c131d1ee71112b3088cbcad019d1301afb5c3a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://campaign.sunflowerdate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Aug 2023 14:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
7f9321d9b8412c49-FRA

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Popper object| bootstrap string| region string| maxmind_user_id object| el function| countIt function| releaseIt function| productChange number| animatePulsetwo function| removeBounce function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker object| __mmapiws

16 Cookies

Domain/Path Name / Value
campaign.sunflowerdate.com/de/e09gi5u/azkuri Name: c
Value: eyJhIjoyMDc4OCwibyI6NTI3LCJzbyI6MTQ5NiwicCI6MjYsImxwIjoxNTc2LCJjIjp7fX0g
campaign.sunflowerdate.com/de/e09gi5u/azkuri Name: tracker
Value: 34_
campaign.sunflowerdate.com/de/e09gi5u/azkuri Name: clickid
Value: 892259a8c329411187688138d35ef558
campaign.sunflowerdate.com/de/e09gi5u/azkuri Name: s1
Value: 8sp2pzov2bod
planebale.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_7yTS4_bNhDHv4owpwQgZD6shxkIgeu023bjoEA23UsvNDX2siuTAknJ2Ty-e0FJ2TWKnnub-c-IQ_40_68wog_GWZDAcppTIBCfegRJCYThcPcj1s6O6CO2II-qC0hAd0Y__taChDr0vP_iRn5wLRBoVUSQrNzwdVHUrCCg1blX5mRTN6M1YwRM2P2xBRn9gAS8iyoaN9UrJgj4ocOUCFZUBDy2xqOOe4wPrgXJCQQ3eD21MAKdsq2xp5TR5-yT70ACEHDHI_qpk1FaEzh4ZfXD0jwV59aHGPsgV6vL5ZLrjfg7PLLLOdfuvOK_V8WdWPH9-ub2l_3qbRgOvPnXo7ULcTrR44h2mKH16skNEaT4MWk3eI9WP4GETx_fAYHBm6vRfacsHlSH09gJ8NvAG0bFptrUrBI1a0TBBN_8NVDKyyAaVtW8XjeCinrRqqZforrhBZ_j6EfTNhP7WXCXhpdAwPTbtvUYQvqP65xtclYVOavFda2cSQ4B_faENoKEvftiuk6tipxmr-6Nbd0lZB_uMkZz-ia7N7Zcv8k-l-vX2bbvO7zHw62Jq0JUuSizV7e_3u3fk6wzj5jdoH50r7Pdg3dnXDFW5jQv6nWRb8rsozoqb5bPIME9okcPEv4fOi2ORuOzCVyitDw2bVb488U8yTkH7y5hut78mucTfvLKtjPEWdi7Frtr4YM645zreRzsnO-dT15KbulBwi0-XfCQbW-mfRts9GmR3v08gTnN90glE2f92zdIO-jRxl2itfjBm5Ox7_srKXplg9KzBQNIO3QdAT2E6M4gvwJ-juit6ia3_wdvIDDS-aiRpZYX7EniS0mAhAnruF6UtFh9CqpUKjh8__5PAAAA__9QAb23kgQAAA==
planebale.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_7yTS4_bNhDHv4owpwQgZD6shxkIgeu023bjoEA23UsvNDX2siuTAknJ2Ty-e0FJ2TWKnnub-c-IQ_40_68wog_GWZDAcppTIBCfegRJCYThcPcj1s6O6CO2II-qC0hAd0Y__taChDr0vP_iRn5wLRBoVUSQrNzwdVHUrCCg1blX5mRTN6M1YwRM2P2xBRn9gAS8iyoaN9UrJgj4ocOUCFZUBDy2xqOOe4wPrgXJCQQ3eD21MAKdsq2xp5TR5-yT70ACEHDHI_qpk1FaEzh4ZfXD0jwV59aHGPsgV6vL5ZLrjfg7PLLLOdfuvOK_V8WdWPH9-ub2l_3qbRgOvPnXo7ULcTrR44h2mKH16skNEaT4MWk3eI9WP4GETx_fAYHBm6vRfacsHlSH09gJ8NvAG0bFptrUrBI1a0TBBN_8NVDKyyAaVtW8XjeCinrRqqZforrhBZ_j6EfTNhP7WXCXhpdAwPTbtvUYQvqP65xtclYVOavFda2cSQ4B_faENoKEvftiuk6tipxmr-6Nbd0lZB_uMkZz-ia7N7Zcv8k-l-vX2bbvO7zHw62Jq0JUuSizV7e_3u3fk6wzj5jdoH50r7Pdg3dnXDFW5jQv6nWRb8rsozoqb5bPIME9okcPEv4fOi2ORuOzCVyitDw2bVb488U8yTkH7y5hut78mucTfvLKtjPEWdi7Frtr4YM645zreRzsnO-dT15KbulBwi0-XfCQbW-mfRts9GmR3v08gTnN90glE2f92zdIO-jRxl2itfjBm5Ox7_srKXplg9KzBQNIO3QdAT2E6M4gvwJ-juit6ia3_wdvIDDS-aiRpZYX7EniS0mAhAnruF6UtFh9CqpUKjh8__5PAAAA__9QAb23kgQAAA==
www.c93jsk1wm.com/ Name: uniqueClick_2M4GKFM
Value: bc8393aa-00d7-4f3c-b281-2ea8128fc3d9:1692455815
www.c93jsk1wm.com/ Name: transaction_id
Value: 892259a8c329411187688138d35ef558
qllinks.com/ Name: _uuid
Value: 617b8103-c809-427c-9359-b757bdc9b125
qllinks.com/ Name: so_527
Value: 1496
qllinks.com/ Name: ecde3b4e7f3dff0de587beb224b71a94
Value: true
qllinks.com/ Name: RNLBSERVERID
Value: ded464
campaign.sunflowerdate.com/ Name: RNLBSERVERID
Value: ded879
.pushstar.xyz/ Name: TiPMix
Value: 3.549707336028396
.pushstar.xyz/ Name: x-ms-routing-name
Value: self
.sunflowerdate.com/ Name: __mmapiwsid
Value: 018a0e3a-6393-7f18-b245-39a8b9dd5c38:d325869e1669c5a53f6ae273266f6270e17d2738

1 Console Messages

Source Level URL
Text
other error URL: https://campaign.sunflowerdate.com/de/e09gi5u/azkuri/01.php
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaign.sunflowerdate.com
cdn.x1cdn.com
cdnjs.cloudflare.com
code.jquery.com
d-ipv4.mmapiws.com
d-ipv6.mmapiws.com
device.maxmind.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
planebale.com
pushstar.xyz
pushvisit.xyz
qllinks.com
use.fontawesome.com
www.c93jsk1wm.com
104.19.146.54
20.50.64.3
2001:4de0:ac18::1:a:1b
216.75.58.142
2606:4700::6810:262f
2606:4700::6811:190e
2606:4700::6812:1029
2606:4700::6812:acf
2606:4700:e0::ac40:660b
2a00:1450:4001:802::2003
2a00:1450:4001:806::200a
2a06:98c1:3121::3
35.244.193.194
66.254.106.253
66.254.122.19
0384970aa180079043b58bf0cb2e223189d466ab78b3be05ab98b31040b28f84
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
35a856db4c4b3ced5cf49968cef62c0cd74572044593dd8424b2876ceabbd8ee
36150f387acafaf92a5a27bbf3c781cfd35d40b5b9ecb7732996c641b4b83088
371e83c2dd0d90f3e19e6bb3200e020e246df3c00ca336759c2566b6c8a011c1
39fa8101fa5740ba2f392ea8a3aa82a025403aaa52d591096127c7e3d7d16ef3
3af054219051fa2d21116b671ce04b82989fd0155e6148466851e081f3e55ba1
4c1072b30ad40894bd16f564912977dc5ee172e7a626d7a32ca373c10a857f58
5c37f201971f5b8207088f5a5c131d1ee71112b3088cbcad019d1301afb5c3a9
640a32ec4f0081f21a6ad2a5ea342c4361189cb7865944252bb731abb3714d09
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8bbf783027cf7e38b54678e9a75a91dab16b650a6d7370f1675b0b2725b25171
a0a2b4decf654159b0b86d8f6df05996d42baf4ed8843ad81aac101bc8494603
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a87b299fc1a1332821b988a642dd269dc6c6d87d2f3b3d075f9a2553575dfb0d
bbd133aaccc627dd11acf8545f051db9b1e00f4875ff6c7e89ab3509f9871ad3
bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e
c7a07a2c8f15510da4c2ae3c3cc7ff2fd2b2ae28c7f31463455fb972a7387fe0
d920363af3e8f84e9c6e997df4f6adc2ccc318facf005123c33cb1435d2a8f26
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe