klickbetrug.ch Open in urlscan Pro
45.138.175.224  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response klickbetrug.ch/	48 KB 12 KB	530ms 159ms	Document text/html	45.138.175.224 AUROLOGIC aurolog...
General Check archive.org Show headers Download Go to Full URL https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.138.175.224 , Germany, ASN30823 (AUROLOGIC aurologic GmbH, DE), Reverse DNS Software Caddy / Resource Hash bcf3858d5a33a29c102e1260eced9af6dbae069e983d291594a2ed16f3ad77fa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.ch/ Response headers access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin * content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 26 Feb 2024 06:10:56 GMT server Caddy vary Accept-Encoding
GET H2	200	funnel-page.css static.funnelcockpit.com/assets/css/	535 KB 82 KB	1871ms 359ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/css/funnel-page.css?v=9487295f537b63de Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 209ec8ece3adb13e7608adda22570b91b3c6e7b4b2c4df887dda03c86f9f0040 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:58 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:34:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 200 etag W/"4a654fd9cf3397a4c9211e5b57aa4375" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVmLFjcYIp5PmFPVJgorbMF%2Bgya8BQMcOX62sbI23EyEE1hfemdVTBMvx9fyI5D8SirUdACpkd5KxGcprVSck9YeWYqou%2BID1lTbN64lUwl7UZs28UEincEq32JZ1yUOBt1QSRPvDgw9LQo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 85b6072b681b6eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	a24503d12145fdde571f8d308339930a.svg static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	16 KB 4 KB	1953ms 441ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/a24503d12145fdde571f8d308339930a.svg Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f8faf4b80e574328b5581302f56e041b8b609e3b1ff4bed50f797131d039551 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:58 GMT content-encoding br cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"da1f491866a34b91f43e02b31390f1ba" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xjoyg%2BKdVc3v2bICJGt01fz43ndDL9Wn852RWbfYOjASywWVdLz6za2%2B3JiyvJ%2FN6etDY0n2kKYStRJx4U1Y4aorN5AN%2FJomIt6%2F2Nu2G96ByHZVPVMOpReDc%2BtTwg8YQs1EkTeM4ZDKk7o%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=43200 cf-ray 85b6072b681e6eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	605243325bcd84b5c73772ddb8ccce45.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	25 KB 25 KB	1953ms 440ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/605243325bcd84b5c73772ddb8ccce45.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57961a47a1d9db2f06f326e12bd14a6b04b55a9a349a0ccb67061f3528bfdb3b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:58 GMT cf-cache-status REVALIDATED last-modified Sun, 24 Dec 2023 21:57:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2fc64220224c8074978ae07e78d83dde" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6n0ZJs%2FYo3arA16eysg9Q2t9l9ptkLRHdDAZAVyScm7jGlL6gLUVA3LcTmS6BfmM3Q48VK1OJuWzBntXiYskWj9AaoSuW8JgyLbnN%2FTERHPLxKb4bExCXKOSgvt3NgV%2FyyyopVW%2F9egPxE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072b681f6eff-CDG alt-svc h3=":443"; ma=86400 content-length 25502
GET H2	200	4535f1501726550c0841a04005db9d5b.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	8 KB 8 KB	485ms 483ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/4535f1501726550c0841a04005db9d5b.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c635383da2b88b0e554fcf1d49b27c4443d3433356b77d667d40af702065d9 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:58 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "08a9b4b77090367f2c2241259a73310c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrBX3TasLnr7WsxmuA5GTNSwVj%2FAyuokyrSF9%2FQYV1%2BrxeuxCyuhlmCSTxt3sMeaQs7m%2F6PWf7Pk4ca7ez8wcCbzABc6O%2FfTMmOtJVU8J5M3%2B4yeocqp8cX4oiboN5ntZRr7Difco5A7e2Q%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072dba6e6eff-CDG alt-svc h3=":443"; ma=86400 content-length 7910
GET H2	200	5dbac4dbc193bf5b111817c2e343ba32.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	13 KB 14 KB	483ms 482ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/5dbac4dbc193bf5b111817c2e343ba32.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ddb6c41f152e61315d24c4443cae925eeaade0d16cd3514eab733b244f6c6f5 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:58 GMT cf-cache-status REVALIDATED last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7ddeecfeb71acd8948e80170c3265f95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZHndZTDAdhDFZNqkoy68K%2Fi3wSTV9kFvZlOuhdA5OOecHF8VHOTloVWsjuLC48VXYfXy7lsPrXEGqLRlIItKP9IU1gexMAV4oBS7t80St%2BbcPMghPeYN4i%2FANcPbME5B8KaYVxVOhReujI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072dba706eff-CDG alt-svc h3=":443"; ma=86400 content-length 13511
GET H2	200	2c857b76dfac0e633735f502880ba7af.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	50 KB 50 KB	522ms 517ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/2c857b76dfac0e633735f502880ba7af.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc72a967b6eccf48cf015f800da8fa81da341f16fc9f6bb793de4aba1ad724eb Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1041f9bc5444097fe0085609953ab353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWHCBroE8mAySlpXxNdFYXA17XTpvwGe1p%2BuM4v38obbKqPcpXKLY9QjKtz3AxlylPABExj4Lvn8YYRPzEKX8e0WhCi%2Ffks4e69nY3C0KHgILFua54J4rHp6DtzT31k%2BC466EhWk26xN6Fw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072fdc656eff-CDG alt-svc h3=":443"; ma=86400 content-length 51037
GET H2	200	3a7e69ef6fe5c4d973784541210d788c.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	11 KB 11 KB	788ms 784ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/3a7e69ef6fe5c4d973784541210d788c.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37f80cea9a2253a6264d692e092ced140bd89641d872dc20b9d5d727a135fe89 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f86a712fcf05cbc41740cc3e32cb5adf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEc%2FX%2FVTDKyM3TEpaSYjTkBpA%2B9XeRO3%2B2pAoSZgNui1pNWGFgYB3URZJY8byQqTtWQ7fWhQd68z3q0RS79hp702r3ft%2BbUfLlfD6aGA8dGLUTewF86cJL72tCCV376iM8wbypENQUciZXo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072fdc666eff-CDG alt-svc h3=":443"; ma=86400 content-length 11415
GET H2	200	823e2a892692a8a1ddce7c2ee78fa790.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	25 KB 25 KB	547ms 544ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/823e2a892692a8a1ddce7c2ee78fa790.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e2bb3ad016a6a88bea7eac1e06480c6fd06fa06181348b379ee6e0c1a9da096 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "cc4a36676d6ed1ee1e8b47354ae65b80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8Qi6T4EG7fJGhZiGsDyabKn857xyi1adX7ZqZJEk4pkndz2UprGqKsVylPhGr2F5uDFn6%2BEYnByq0XuN1d%2B6LtTH1beNAu2uI4XaeaidXx51tuo2NITNsoxjRgEYSMcOgXsMyyUR%2FveDOE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072fdc676eff-CDG alt-svc h3=":443"; ma=86400 content-length 25541
GET H2	200	dc87eef669813bd22fac2e20f0317de2.jpg static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	6 KB 6 KB	585ms 582ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/dc87eef669813bd22fac2e20f0317de2.jpg Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc22ec0cc7a298827aecf1f7828571fe86ca12bb55fdc28b992244a1120e0b1b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "21db8d598068a24406659ce9ddb5f097" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGsy5%2FAtF7ZOnyLYSzk31pbbK1sas3HX5Zh926F%2FD4aMiI4o%2BMDgSOUur%2B9wf3kiL%2BpxE2WcY8jfLz%2Bb72yt9vk4DeM6PRTOQXzfpmabShGCRnZA%2BrEre3iyG%2FR8peMxVqT12v60u7gTfN8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=43200 accept-ranges bytes cf-ray 85b6072fdc686eff-CDG alt-svc h3=":443"; ma=86400 content-length 5863
GET H2	200	funnel-page.js Show response static.funnelcockpit.com/assets/js/	104 KB 34 KB	480ms 477ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c3323f807eebf260d60b189452d96e61e141b21d8619c7c1e0d0bbc8c343640 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:33:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 201 etag W/"5179217db01b9990409bd6d959ecfeec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpWXCxgFWsl3aB9cU%2BwF9wqvTjBfU0FGC2YoubdblbLWyAjYo%2F7j8EbA2%2F7jQ3KFcXd5Mb5asrpJpCMQl5zsVrDv5b0xPc7Jhugn%2B%2B0HevZeRyoQT0W0nfuZmbBd%2FjDxdxpt1R%2FsUOS%2FU8g%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 85b6072fdc696eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	gtm.js Show response www.googletagmanager.com/	196 KB 71 KB	1124ms 304ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PSMMS9B Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash bd27a19daa1a299f89b4d2a80de87084bc4dcd82a0cd9836c62816c994ea0696 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 71875 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 26 Feb 2024 06:10:59 GMT
GET H2	200	a24503d12145fdde571f8d308339930a.svg static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	16 KB 4 KB	1046ms 1044ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/a24503d12145fdde571f8d308339930a.svg Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f8faf4b80e574328b5581302f56e041b8b609e3b1ff4bed50f797131d039551 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:01 GMT content-encoding br cf-cache-status HIT last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3 etag W/"da1f491866a34b91f43e02b31390f1ba" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp%2BQZVfRyz6%2B%2BxyIsBVOmxsskjnaNXCaLimkJlx%2ByL4TkRUOWJnA9xRahevB7WMSgqtSNpE8Jl5i4UXo9d2W0g7QIq6PfIItOMKE%2BVzSATfhUtLJESg254z8zvDsKQXo4p4vyYkHPhjrs2I%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=43200 cf-ray 85b6073dd92b6eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	605243325bcd84b5c73772ddb8ccce45.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	25 KB 25 KB	1077ms 1076ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/605243325bcd84b5c73772ddb8ccce45.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57961a47a1d9db2f06f326e12bd14a6b04b55a9a349a0ccb67061f3528bfdb3b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:01 GMT cf-cache-status HIT last-modified Sun, 24 Dec 2023 21:57:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3 etag "2fc64220224c8074978ae07e78d83dde" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfGnWKpEdQTMw1sKdxDHSJZcnOOiFOXpDSWAv0nry9WFhBnl2PnvYhLv9KDdyNEI4qPoW2oc0YmgVxO1T7IV0UNlJzqcSNLEkwWRJjds5TeN8ZY60D0%2FBW0g3anwyRITx5MiUx%2BbaQHU57I%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b607400b4d6eff-CDG alt-svc h3=":443"; ma=86400 content-length 25502
GET H2	200	4535f1501726550c0841a04005db9d5b.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	8 KB 8 KB	768ms 763ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/4535f1501726550c0841a04005db9d5b.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c635383da2b88b0e554fcf1d49b27c4443d3433356b77d667d40af702065d9 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:02 GMT cf-cache-status HIT last-modified Sun, 24 Dec 2023 21:57:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4 etag "08a9b4b77090367f2c2241259a73310c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpzZDph0D798PhzJTIczJb%2BiDXpKhMFpal%2Bzcna1OlXtvtnwWni%2BjBRPGCMHuqJFG8TZareAaW7IQerTRMkF1Eb6CLOLMAezTRy9Fhv5uE8ommpSgk1zFuoFEGpynBY0VqVFyqx%2B%2FZwwyYU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b60743ef766eff-CDG alt-svc h3=":443"; ma=86400 content-length 7910
GET H2	200	5dbac4dbc193bf5b111817c2e343ba32.png static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	13 KB 14 KB	778ms 774ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/5dbac4dbc193bf5b111817c2e343ba32.png Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ddb6c41f152e61315d24c4443cae925eeaade0d16cd3514eab733b244f6c6f5 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:02 GMT cf-cache-status HIT last-modified Sun, 24 Dec 2023 21:57:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4 etag "7ddeecfeb71acd8948e80170c3265f95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hws68gTr7zH%2B8UxGuUTWNa8jrfA50BEhfJbpfx5jxp6uS%2BDTfzkl9Kq9oL5WabMNP4virizIylsxfdOhPTM8NxkUISnYIIAe6d2Po5%2FLJIt5VbfzjI42L71XR61JfnWIZhkB%2BU%2BmuQ6qLEU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 85b60743ef776eff-CDG alt-svc h3=":443"; ma=86400 content-length 13511
GET H2	200	6b8978e82feb2b76a9ad138971daecd1.jpg static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/	305 KB 306 KB	960ms 960ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/2wZMcFEXNi9g89E7m/6b8978e82feb2b76a9ad138971daecd1.jpg Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4b72d62ad768027eb34b03207d423c64a687dfec97037bcae108264e7029de8 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Sun, 24 Dec 2023 21:57:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "294d19bf16714f50f73e983ee77c2e11" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlFbFucLxlhDtKut468dnttFFawEVWWu%2BIt71Np3kFe4eBG1piqmzDMa9saXsDpbh57OBrzK0%2B1OghjxTC8Vw7psgikwf9bEJBzRHqHVhAbTLrWoVAJb%2FgTr4I2M%2FFmCoNvjn173KzuI8yI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=43200 accept-ranges bytes cf-ray 85b607305cf26eff-CDG alt-svc h3=":443"; ma=86400 content-length 312707
GET H2	200	fa-solid-900.woff2 static.funnelcockpit.com/assets/fonts/	76 KB 77 KB	1214ms 361ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/fa-solid-900.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537 Request headers Referer https://www.google.ch/ Origin https://klickbetrug.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Thu, 01 Feb 2024 13:34:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "d824df7eb2e268626a2dd9a6a741ac4e" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OydK8Alhy%2B25EpsDjcW51nKMnIuWoQUbyySqqMvx29R5WcLoMc3OCoiu%2F%2BcbSaRuiybXCakXHqXkAqtf33SLyqXYoEftLIXHzwZQoIS9kfFBGcuCaIWxbkLW3NzwSiRD7q05Vqn0jXBLJaU%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 85b607343d3d6624-AMS alt-svc h3=":443"; ma=86400 content-length 78268
GET H2	200	fa-regular-400.woff2 static.funnelcockpit.com/assets/fonts/	13 KB 13 KB	2329ms 1478ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/fa-regular-400.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca Request headers Referer https://www.google.ch/ Origin https://klickbetrug.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Thu, 01 Feb 2024 13:34:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b91d376b8d7646d671cd820950d5f7f1" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzj5KQktqAtPwrSCtYxDJ0Hpc1xFFz8hUpcurxmIv4ucMuzyzY3kxVsgf6r746%2FhBca45sqsfQ%2BFnqcXd1wGbQtSW0%2F%2FAonqhmscZyQQyAKEsjenNk716XeZAo7SJ2XmS4gwP3HmY%2FbitXs%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 85b607343d406624-AMS alt-svc h3=":443"; ma=86400 content-length 13224
GET H2	206	click-fraud-main-animation-comp.webm statics.clixtell.com/wp-content/uploads/	154 KB 155 KB	4901ms 946ms	Media video/webm	18.66.122.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://statics.clixtell.com/wp-content/uploads/click-fraud-main-animation-comp.webm Requested by Host: klickbetrug.ch URL: https://klickbetrug.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-82.fra60.r.cloudfront.net Software Apache / Resource Hash c26b2cb8c1e94a1d7c5ba69ada273ac1546ee9e09c1f64fae264aab15ede6432 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.ch/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Range bytes=0- Response headers strict-transport-security max-age=31536000 content-security-policy upgrade-insecure-requests x-content-type-options nosniff date Mon, 26 Feb 2024 06:11:06 GMT via 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 age 71341 x-cache Hit from cloudfront Content-Range bytes 0-157928/157929 Content-Length 157929 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sun, 30 Dec 2018 19:35:40 GMT server Apache expect-ct max-age=7776000, enforce x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type video/webm accept-ranges bytes x-amz-cf-id EFcDJ2oh94Nkx-Oj6wN2BPVglsmX07ejhBESgjx2clf72mBKwA9VaA==
OPTIONS H2	200	track-page-visit api.funnelcockpit.com/	0 0	792ms 423ms	Preflight	159.69.147.208 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.funnelcockpit.com/track-page-visit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.147.69.159.clients.your-server.de Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://klickbetrug.ch Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language, cookie access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin https://klickbetrug.ch date Mon, 26 Feb 2024 06:10:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-download-options noopen x-xss-protection 1; mode=block
POST H2	200	track-page-visit Show response api.funnelcockpit.com/	0 372 B	4515ms 2906ms	XHR text/plain	159.69.147.208 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.funnelcockpit.com/track-page-visit Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.147.69.159.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Xss-Protection 1; mode=block Request headers Referer https://www.google.ch/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Mon, 26 Feb 2024 06:11:02 GMT strict-transport-security max-age=15724800; includeSubDomains x-download-options noopen access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin https://klickbetrug.ch cache-control private, no-cache, proxy-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language, cookie x-xss-protection 1; mode=block
GET H2	200	2819.d6d84bb98dbe0ff84b29.js Show response static.funnelcockpit.com/assets/js/chunk/	877 B 794 B	1775ms 1775ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/2819.d6d84bb98dbe0ff84b29.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbd5e9abcc2c222a80aee31ada49755ea918b6245e35d1367c107eb00d52bfd7 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:02 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:33:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3411 etag W/"900e8d6cebeba595cd4d9d397c936a97" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmReQGxXibWfkvUHfC%2BjxXuo3B9Q%2FI3REdhDbiIXkxcYcYHtl0JYYSBZfMOxhbE6VDQ07Nc1UybX3A7U4NfLVnAUslSDwMVCEj3Cv3F7yNpiTPiA8B4ZjmsobuTVjx58%2BPqk9CuS%2BW3PbYo%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 85b607446fe26eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	2681.f9ebe191577409e358e3.js Show response static.funnelcockpit.com/assets/js/chunk/	4 KB 2 KB	3167ms 3167ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/2681.f9ebe191577409e358e3.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:04 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:33:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 655 etag W/"45823df5200104062056ad9fe02fc457" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrZohAMi2UZE%2FUxHZYWumy%2BU5lvE7jxjC9PJBJRzAyJ7LyV8Sti7UOKhcfS4KWvb8QR2lGq%2F2YVh%2BTk2U45XFv9wUBGK4g7HTYpqKCl8e7Bn9R1U%2FvyPA4L4cXme0K%2B7X9nbuK6hoyETcOw%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 85b6074eda086eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	1304.31030298a02161531ca7.js Show response static.funnelcockpit.com/assets/js/chunk/	5 KB 2 KB	3207ms 3207ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:05 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:33:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4795 etag W/"789b48c7404e9ed9881c4fbd1f97afbc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOhO5LtExhP4ULUYsJCsdg9hrVE8k9L08Zl27NKozgPUkxre83RdJovbYC%2BDHZrKgYkcb9pPbx3rizuxqX7fb7DpGg9NC4l8jatLHCYxqxmNB8bCjHRsEldpRJfu%2FfRjibmJKhc%2FxMGAgUE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 85b60757da176eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	3063.26fbf89730552c8f1fa0.js Show response static.funnelcockpit.com/assets/js/chunk/	11 KB 4 KB	3191ms 3191ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/3063.26fbf89730552c8f1fa0.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ad18f015d84887da0ca413e01dc5883c042702e382ceadc4c986992f49d567c Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:05 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:33:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1200 etag W/"f1d4d6df1576763107054d2ffa7e02de" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVckrfsiQicAxw7SuvRgI7c%2FLYih2%2B2SFpkRsQ15nVCfg8dv5An6EdOa%2FstmzkjvibbzSvo6b%2FdJILBZOwhkMLNTarM7HDRiY4CZDvmGT2qf5fnLePasSyBWUSKOKcctyX5ss70qUbHWRwE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 85b60757da196eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	red-hat-display.css static.funnelcockpit.com/assets/css/fonts/	6 KB 773 B	134ms 132ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/css/fonts/red-hat-display.css?v=9487295f537b63de Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0066a877015d053a9a363ae4c46a19fae84b137f658dea8cfdfeb40ea7d3b90 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Feb 2024 13:34:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 358 etag W/"ff6f6cdc65533bdf5f428a5d85aab1a4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2dbg6Mu%2BbssIZI5n%2F7c4GnNR09Enwx4EftNIn9bVkSiWyzl5yTqpy5LCVImaSMdKhoVUumAgMze0kf73rCQRX8S3uZyuX2FeD60Hto08Zw%2B%2FWBLVfGCsd7v2kzIze3xbCeMEfQ4muMotOU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 85b607317ded6eff-CDG alt-svc h3=":443"; ma=86400
GET H2	200	red-hat-display-v4-latin-regular.woff2 static.funnelcockpit.com/assets/fonts/	19 KB 19 KB	1661ms 1479ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/red-hat-display-v4-latin-regular.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/red-hat-display.css?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5040d27d166bc35d662bb85bca9bf44fb32b5d2340b1507d924ea6d36c4a3c8a Request headers Referer https://www.google.ch/ Origin https://klickbetrug.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Thu, 01 Feb 2024 13:35:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3a61111b00cb98030e3fff2f44b485c5" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHCnsxSAsESkOXuqwD4XNzpoD9hl9xu3OdUC7TzEgXxMY3lFk90avQ6ZoHxQoZeOl8HXPnOgESMg5rgKx0X3hvLkjRohyDyKwGLJ6heZWBqdTOjmAmvaRJlB%2F6fzKHCg2mItGPllEL1gu8c%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 85b607343d446624-AMS alt-svc h3=":443"; ma=86400 content-length 19024
GET H2	200	red-hat-display-v4-latin-700.woff2 static.funnelcockpit.com/assets/fonts/	19 KB 19 KB	1658ms 1476ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/red-hat-display-v4-latin-700.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/red-hat-display.css?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da6ae39dc1fcb55b48cbb8651b9328ab988e28f04323eff03a0e894300087cd1 Request headers Referer https://www.google.ch/ Origin https://klickbetrug.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Thu, 01 Feb 2024 13:35:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "754718ad21e8faba11828c41619a1731" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udT93Yt1ydtA9s%2FaSCgHso0hRQLNDJU5W7md9bQkKRhzWY8qoTHDGeP2VcieQyVffcGq14QMWuUXTHxAAae9Dr8TiW%2B%2BS8F1%2BamHXDDSc7J6ARRNNtofnvz90dsdzOuy9SFAT7sH1elnqac%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 85b607343d416624-AMS alt-svc h3=":443"; ma=86400 content-length 19144
GET H2	200	red-hat-display-v4-latin-500.woff2 static.funnelcockpit.com/assets/fonts/	19 KB 19 KB	1654ms 1475ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/red-hat-display-v4-latin-500.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/red-hat-display.css?v=9487295f537b63de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29fcb20f32600f8689c0506775b232c527534b616a9250cf42cd70e69fcbb565 Request headers Referer https://www.google.ch/ Origin https://klickbetrug.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:10:59 GMT cf-cache-status MISS last-modified Thu, 01 Feb 2024 13:35:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "eba55d8e46c83209cb77521ee06cb526" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhJrIB9UASEOUPqeWyOEZbByiLhvzIj2ARZ0%2Bd4R2VisrhhBbSryDRicJ4ewvh5luZrtAl7AS9BbO%2BT%2Bs3p%2Fqt1z4WjwbEFydbwxCG%2BWKhJG773MyVooehlORtRtVosz3LFLf4O8okoIluU%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 85b607343d436624-AMS alt-svc h3=":443"; ma=86400 content-length 19064
GET H2	200	js Show response www.googletagmanager.com/gtag/	280 KB 93 KB	1551ms 1550ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YQ69R023CP&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSMMS9B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8180c991ea09713a7ad5b35bb7d5190f2a7cebb06ee442676eb0bbf40f765a41 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Mon, 26 Feb 2024 06:11:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95045 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 26 Feb 2024 06:11:05 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	2567ms 593ms	Script text/javascript	142.250.184.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSMMS9B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 26 Feb 2024 05:48:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1377 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 26 Feb 2024 07:48:09 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 253 B	1641ms 744ms	Ping text/plain	216.239.32.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-YQ69R023CP&gtm=45je42l0v897182170z8897164191za200&_p=1708927858825&gcd=13l3l3l3l1&npa=0&dma=0&cid=458024685.1708927866&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708927865&sct=1&seg=0&dl=https%3A%2F%2Fklickbetrug.ch%2F&dt=Software%20gegen%20Klickbetrug%20im%20Vergleich%2C%20ClickGuard%2C%20Clixtell%20und%20ClickCease&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=9554 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YQ69R023CP&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Mon, 26 Feb 2024 06:11:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://klickbetrug.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 207 B	171ms 170ms	XHR text/plain	142.250.184.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1455520705&t=pageview&_s=1&dl=https%3A%2F%2Fklickbetrug.ch%2F&ul=en-us&de=UTF-8&dt=Software%20gegen%20Klickbetrug%20im%20Vergleich%2C%20ClickGuard%2C%20Clixtell%20und%20ClickCease&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=319441105&gjid=2062666877&cid=458024685.1708927866&tid=UA-105312532-4&_gid=628807673.1708927867&_r=1&_slc=1&gtm=45He42l0n81PSMMS9Bv897164191za200&gcd=13l3l3l3l1&dma=0&z=2073027587 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f14.1e100.net Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.google.ch/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 26 Feb 2024 06:11:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://klickbetrug.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| apiEndpoint object| trackingConfig object| dataLayer object| cookieNoticeConfig object| WebFontConfig object| webpackChunkfunnelcockpit_page_assets object| urlParameters object| tempPausedVideoPlayers object| overlays function| cleverPushInitCallback object| regeneratorRuntime object| gdpr-cookie-notice-templates string| gdprOriginalPaddingBottom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.klickbetrug.ch/	1970-01-21 04:18:07	Name: _ga_YQ69R023CP Value: GS1.1.1708927865.1.0.1708927865.0.0.0
			.klickbetrug.ch/	1970-01-21 04:18:07	Name: _ga Value: GA1.2.458024685.1708927866
			.klickbetrug.ch/	1970-01-20 18:43:34	Name: _gid Value: GA1.2.628807673.1708927867
			.klickbetrug.ch/	1970-01-20 18:42:07	Name: _gat_UA-105312532-4 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.funnelcockpit.com
klickbetrug.ch
region1.google-analytics.com
static.funnelcockpit.com
statics.clixtell.com
www.google-analytics.com
www.googletagmanager.com
142.250.184.200
142.250.184.238
159.69.147.208
18.66.122.82
188.114.96.3
216.239.32.36
45.138.175.224
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
209ec8ece3adb13e7608adda22570b91b3c6e7b4b2c4df887dda03c86f9f0040
29fcb20f32600f8689c0506775b232c527534b616a9250cf42cd70e69fcbb565
37f80cea9a2253a6264d692e092ced140bd89641d872dc20b9d5d727a135fe89
3f8faf4b80e574328b5581302f56e041b8b609e3b1ff4bed50f797131d039551
4c3323f807eebf260d60b189452d96e61e141b21d8619c7c1e0d0bbc8c343640
4ddb6c41f152e61315d24c4443cae925eeaade0d16cd3514eab733b244f6c6f5
5040d27d166bc35d662bb85bca9bf44fb32b5d2340b1507d924ea6d36c4a3c8a
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341
57961a47a1d9db2f06f326e12bd14a6b04b55a9a349a0ccb67061f3528bfdb3b
61c635383da2b88b0e554fcf1d49b27c4443d3433356b77d667d40af702065d9
6e2bb3ad016a6a88bea7eac1e06480c6fd06fa06181348b379ee6e0c1a9da096
8180c991ea09713a7ad5b35bb7d5190f2a7cebb06ee442676eb0bbf40f765a41
8ad18f015d84887da0ca413e01dc5883c042702e382ceadc4c986992f49d567c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
b0066a877015d053a9a363ae4c46a19fae84b137f658dea8cfdfeb40ea7d3b90
bcf3858d5a33a29c102e1260eced9af6dbae069e983d291594a2ed16f3ad77fa
bd27a19daa1a299f89b4d2a80de87084bc4dcd82a0cd9836c62816c994ea0696
c26b2cb8c1e94a1d7c5ba69ada273ac1546ee9e09c1f64fae264aab15ede6432
d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb
da6ae39dc1fcb55b48cbb8651b9328ab988e28f04323eff03a0e894300087cd1
dc22ec0cc7a298827aecf1f7828571fe86ca12bb55fdc28b992244a1120e0b1b
dc72a967b6eccf48cf015f800da8fa81da341f16fc9f6bb793de4aba1ad724eb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
f4b72d62ad768027eb34b03207d423c64a687dfec97037bcae108264e7029de8
fbd5e9abcc2c222a80aee31ada49755ea918b6245e35d1367c107eb00d52bfd7