urlscan.io logo urlscan.io
SecurityTrails logo

sprmrkt.happy-nachrichten.de Open in urlscan Pro
45.156.91.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sprmrkt.happy-nachrichten.de/
Effective URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Submission: On April 24 via manual from VN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is sprmrkt.happy-nachrichten.de.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time sprmrkt.happy-nachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 45.156.91.33 211823 (ABUNTIS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.158.79.89 16509 (AMAZON-02)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 78.46.198.121 24940 (HETZNER-AS)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
29 9
12    45.156.91.33 (Germany)

ASN211823 (ABUNTIS, DE)
sprmrkt.happy-nachrichten.de
1    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
2    35.158.79.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
meine.pixelweiche.de
1    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    78.46.198.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.198.46.78.clients.your-server.de
lv1.mycleverpush.com
4    2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)
api.cleverpush.com
Apex Domain
Subdomains		 Transfer
12 happy-nachrichten.de
sprmrkt.happy-nachrichten.de
2 MB
11 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 25386
api.cleverpush.com — Cisco Umbrella Rank: 22122
110 KB
2 pixelweiche.de
meine.pixelweiche.de
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 363
35 KB
1 mycleverpush.com
lv1.mycleverpush.com
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
59 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
11 KB
29 7
Domain Requested by
12 sprmrkt.happy-nachrichten.de 1 redirects sprmrkt.happy-nachrichten.de
7 static.cleverpush.com sprmrkt.happy-nachrichten.de
static.cleverpush.com
4 api.cleverpush.com static.cleverpush.com
2 meine.pixelweiche.de sprmrkt.happy-nachrichten.de
meine.pixelweiche.de
1 lv1.mycleverpush.com static.cleverpush.com
1 connect.facebook.net sprmrkt.happy-nachrichten.de
1 ajax.googleapis.com sprmrkt.happy-nachrichten.de
1 use.fontawesome.com sprmrkt.happy-nachrichten.de
1 fonts.googleapis.com sprmrkt.happy-nachrichten.de
29 9
Subject Issuer Validity Valid
*.happy-nachrichten.de
R3		 2024-03-31 -
2024-06-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
cleverpush.com
E1		 2024-03-02 -
2024-05-31		 3 months crt.sh
coyote.pixel-weiche.de
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-01 -
2024-05-01		 3 months crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-14 -
2024-06-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sprmrkt.happy-nachrichten.de/start_55.html
Frame ID: B03434C607E4ABDE899371A8EE568A46
Requests: 26 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fsprmrkt.happy-nachrichten.de
Frame ID: A4CDB6AD6F33F83301806A82B6D4A12A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lidl Geschenkkarte Gewinnen

Page URL History Show full URLs

  1. https://sprmrkt.happy-nachrichten.de/ HTTP 302
    https://sprmrkt.happy-nachrichten.de/start_55.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

2538 kB
Transfer

3439 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sprmrkt.happy-nachrichten.de/ HTTP 302
    https://sprmrkt.happy-nachrichten.de/start_55.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request start_55.html
sprmrkt.happy-nachrichten.de/
Redirect Chain
  • https://sprmrkt.happy-nachrichten.de/
  • https://sprmrkt.happy-nachrichten.de/start_55.html
152 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
07f25ac7abe8c42ae0f5e5c85baa169b73ee0ec5cc77de894a2afa0a78577394

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
34729
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Apr 2024 04:33:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Apr 2024 04:33:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
location
https://sprmrkt.happy-nachrichten.de/start_55.html
cpa_style.css
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteFiles/55/ 		248 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteFiles/55/cpa_style.css
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Apr 2019 17:47:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0cd-5875e6a2f1525-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
40035
css2
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 04:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 03:51:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 04:33:10 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Origin
https://sprmrkt.happy-nachrichten.de
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
832529
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiAMNboBIT0Cfbf2OX2aI0s4HRiQRHU3z7By6AWHgDfJbUuwjkphBRMTMIcm3249FIOvt4ah41Ba9KR8BwNmYWdWhBSyuhkqaBVQeIIHew%2FfTEBr9z3YLyIs9qNZHJSWdWKy4%2F7fUTLr5sEHrPRAuYYA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
87935fa97ef042ab-EWR
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 21:54:55 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/ 		228 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62abe92176c8621d0af7896f9c788f66aff713218aeb7962f26d454c19440a51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5WFF7SF7XVX0JWK2
age
114
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vNC7Ln0gO+rRM8lh0MxhBYPIIHjgg+lEfP5149dj597p4XIA1PjVFvT3nx74tRpQNwIUAvOT4Yg=
last-modified
Wed, 24 Apr 2024 00:33:19 GMT
server
cloudflare
etag
W/"a24c60880a734047c81115c479f65be1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bknFz5vC7cj7BBIhYhsyBSTDSvzl8xa48UB80jZJ80dDlg6ch0c9ec3EJjC6lfCKTXu796OucdCQQ1hlO1H6G8e6%2FnmchzsSbqAUo8BkGLXGq27%2BjNlEccCBPT74R7uDeFS4oNadF9j5ssWBkqpVXP18w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
87935facde64c340-EWR
lidl,new.png
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		482 KB
482 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/lidl,new.png
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
73043ea26e864ed3b3618d20d8f874d097e6af39ed233278b5dae169b5d9cfac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:10 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"787da-5b6d45521b211"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
493530
lidl,mobile4.png
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		547 KB
548 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/lidl,mobile4.png
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0c87eadf110ad5a705bc26da26d70075a1896cb9642b47823bca2ead2b47f3c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:10 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"88ce2-5b6d45521b211"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
560354
screenshot11.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/screenshot11.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
61442389f2ded8fd67a1629061e1b92d2ef09894b07b733f271267f8dd4374bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:10 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"43530-5b6d45521c1b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
275760
screenshot9.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/screenshot9.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
db88d8acfc46eacf5ebc5a2b46ddef64c4d84cbd09234ad6bfd7d73d466d9e05

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:10 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4492b-5b6d45521c1b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
280875
screenshot10.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/screenshot10.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
58b8396eec1cca248b68750047aab897d87dfbd24a88f3641966445596e2f29d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:11 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2e439-5b6d45521c1b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
189497
screenshot12.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/screenshot12.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eb24e0f489c76dd4aad3d4d719112925d71de42d152e07a191667622b4885568

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:11 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"29868-5b6d45521c1b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
170088
screenshot3.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/screenshot3.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
39834622177e86b208b91235e95fae55ee87d21ce9280eada75d4b4323474029

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:11 GMT
Last-Modified
Sat, 19 Dec 2020 17:12:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"27b9b-5b6d45521c1b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
162715
script.js
meine.pixelweiche.de/ 		964 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:11 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag
"3c4-5581a7e5699e1;616922bc1b4c0"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
964
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 04:33:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=13, mss=1392, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
LehH7CsupT4d/IcOBzDLQ/erPIBNAOkNvK2RpPvef42qIPPbYVjIQysycy3mU9we9EVQVoQKbsRibcSyjrmIkQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.jpg
sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sprmrkt.happy-nachrichten.de/media/adresseManager/microSiteImg/55/bg.jpg
Requested by
Host: sprmrkt.happy-nachrichten.de
URL: https://sprmrkt.happy-nachrichten.de/start_55.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b97ef6f3b2702c954145e9b6e69bd60ef430fdbf8e4c8da55fc94a3db05ab870

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:11 GMT
Last-Modified
Thu, 25 Apr 2019 17:55:04 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"169d4-5875e8491a59a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
92628
script.js
meine.pixelweiche.de/tg/ 		0
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2024 04:33:12 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By
PHP/5.6.30
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
5.7bf12eb14858c1f4fd98.js
static.cleverpush.com/sdk/chunk/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.7bf12eb14858c1f4fd98.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3da607dc4e6637a6eb1c83aad352e1b934bf4cc8bb5420e0962e6f20336dc8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K73CJZB4E8YRCZE8
age
11914
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UGc8oKhDiB8NIPP4JEI3p9mHZx+Yz3LPLeYHOCngItFScGa3od4ZI4MvqJDGAyWDH44CveQt7+Y=
last-modified
Sat, 20 Apr 2024 12:44:30 GMT
server
cloudflare
etag
W/"71195a8ffdfcc2d26e073cafb5d147b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltSQOtDbgwyU02sQ8WgthzeSfHk7JpSG9G0ClyJGXItYYxfDsTebAePp%2FUDDBhCFdIOU5REaipx6DDnkkwekxf%2Fbz3P2NeSP%2FlLh4JNsIZHaPh9luRwa4G6qFDPrN40fpVffCTmiBDKTBKUSzWwdcwjlbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
87935fb77cc1c340-EWR
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K738JQASPE1TMQWM
age
11914
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GAzbivj19F5vmMxieHNqtyZhiQuPKzkV353oHiw5XY9tNr8WdBJPhWDqqe+r761LPtbOPUIk+CI=
last-modified
Sat, 20 Apr 2024 12:44:29 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkJGWNuf0b1eto6u8n8YQzVhyC%2BCesdfQ%2B%2BHJEz4pDheysvRb91%2F9ByK%2BtahkPENJUhQtEeiyWks45usv%2Fz6gAHyMlJ0V3M%2FK7h%2FuQsFrnHnCpP1NkR88GOQYNz9zM%2Fu8%2FnocvXPk62YyUf8s8Em0LcMnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
87935fb77cc3c340-EWR
115.45e07019e1b45bb84052.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/115.45e07019e1b45bb84052.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdcf90c7e14bc33b9e979ccc5d19c74c991ae35cd871e8bf86737f9818d14ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SBPK8J80ZSZF7G2B
age
11912
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QuEzPuvRhEfpPWZiC6qWdK5YRf7067buzR1TiHJo4Qnu4BicHOp/vDJFOeuRYeN7yBnuqO5cpqs=
last-modified
Sat, 20 Apr 2024 12:44:29 GMT
server
cloudflare
etag
W/"b59346d8363e9382e25c428e746176db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F98a7dn%2BgaBkKE2DpzFWA4yMu47Hh1cZJtKM9LteZBlnOiqncrVaXwam1iMgeB4u5Gxxcg5j7i31VWuPVl0eWS1BlHuZltUS%2FVAwViLee%2F4fpLGcNYShPKmYnbWoBWjvcRY611MzJIHeeZadra7zK4YUCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
87935fb77cc4c340-EWR
iframe
lv1.mycleverpush.com/ Frame A4CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fsprmrkt.happy-nachrichten.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.198.46.78.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://sprmrkt.happy-nachrichten.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 04:33:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-15
x-cache-status
MISS
x-robots-tag
noindex
103.ca34caf4a7c7f94a245a.js
static.cleverpush.com/sdk/chunk/ 		96 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P9KWMXD55679V27M
age
11912
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yaZ3QSyFX62L2hq4kWEML8+Gu9oAkuyEcQoC5IiLiN0WRBAAswi3SEznCfoC97TtmZjqwvK7kpk=
last-modified
Sat, 20 Apr 2024 12:44:29 GMT
server
cloudflare
etag
W/"edca157e63c1ec51d4f0d926c455f313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y47cCpbiHa4jki%2Btp561JCp7eQDENfKuhO4sI1Gpzjb6CDpfNRyWQn1DldhAiR6epxj%2Fs6VN5F%2FnLiZcpMaGTZ%2FCDEfh22d%2FWOwuuzTjx3SO2kGfHVppLWfnQ8zYxu6TfH5lZaP8dT0FsP%2B4tztbLHPusA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
87935fc0ead0c340-EWR
720.da266ba8d9bc4aa9c01f.js
static.cleverpush.com/sdk/chunk/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/720.da266ba8d9bc4aa9c01f.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cec1854c6b8ea6682d7244def0b34b5206c98f71790818da2458c0dbe64e426

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P9KSEBH6R18T5VD4
age
11912
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lVHr/at8/d/Io7MPzUIyuZuBjfj2vRrGApXqlbsecYPa63IB46BHNQCKeWr8L57pFerRoQjP1kc=
last-modified
Sat, 20 Apr 2024 12:44:31 GMT
server
cloudflare
etag
W/"38798b78419fb8fe75980f36deeb16be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nz6seCSXh9EbOXhzm2In73q9jW0K7PQWwjTah8QyOhBAXnCgdO%2BeUZ1Dvq6taEaTZKw0ypTXC0iR6nqBplzBeLuKy9282iTW7bFl4KtMAkBT%2BWH4Le%2FTU1b8NbBGJ4hQI1Tx6yFDXe9Fw%2FxV3y5m4HWiRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
87935fc0ead1c340-EWR
favicon.ico
sprmrkt.happy-nachrichten.de/ 		72 KB
72 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sprmrkt.happy-nachrichten.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/start_55.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 04:33:14 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11e46-5e822ffd79f32"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
73286
optin-visitor
api.cleverpush.com/channel/ 		16 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://sprmrkt.happy-nachrichten.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZpIp%2BQDejsRXTy4duleKuUz5RkAlJqZ%2BUkzqw6sg4PwbNz1eS22RotXdklDSwV3nV3mzZ3Onv8%2FFtg3gAo%2BxTesYTU6xhTMf97mhcAYHqyCgYFY0jSJiW3VJqL%2FRxZRJ9i4P3mvVtyz8UODIaWySw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
87935fc63fed78e2-EWR
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sprmrkt.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
87935fc3ff0478e2-EWR
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 24 Apr 2024 04:33:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLsDtPa5O6h5y%2Bl4%2BQVU8Ygb790h8jPcd%2BkP4djeevkAm6DVNWwexjU188eQVVXj%2BVzIZ8C44nTw8xUeByQOHwRsxfebyoOmRDF5hIRtIMz8yLZamoVTYUg%2FwQG84lELZ4x5G7OTrTfT7YuXmyF3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sprmrkt.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
87935fcecbac78e2-EWR
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 24 Apr 2024 04:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=de1xIT9%2BUNCUrG6%2BUXODU78Nw2zOe96MiNvtRVeEXCZLSqCgmrciJSbATS5rupwBy5ExhciLJcusZzIO6nthsnwJdByK844X8QwHEf1iaMXljzJ7YsVO7fNKAdvTwc%2FtAHyo%2FiEFzUe1cL5Tv0fWUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ 		16 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://sprmrkt.happy-nachrichten.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4uqDxMcponXKpJ4TkoNXqOAYAaCvao%2FSR0QZezX8o91psMlH1abhRDaV1WmicGTJ5MK3Z1gCSuV1dkdgKixavtEuC3hhblbYQPTpBaGU188o70%2FhixJGX8NbFeXUCS%2B39cTCHkB7TDmEd%2FiWGCEAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
87935fcfec1278e2-EWR
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
defaultChannelIcon.png
static.cleverpush.com/app/images/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sprmrkt.happy-nachrichten.de/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:33:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4EYS3NWJ5F4QFVCG
age
305743
alt-svc
h3=":443"; ma=86400
content-length
732
x-amz-id-2
wFuNdVHfUifNvEV1RoR6E2wMSIWhk44mYk70Xy48hwH3mjLHpZ5KIcaSrzAvLDOeMjn1SJd36F4=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ftl5G1I%2BKEuv6uEbHGCr6AZ3UnG3CN%2FaknTXFZvzEktGNzHjJqVMxI4MJGv4zUhrA%2FjJuxgwach%2FKjUIag5Hip0B0740wx30BhFdEY6ZTcqFBiBPK2bKOJEP9QiNLCbXL5EH%2FxCPhyS7D2K%2F%2FfmeVnBg7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
87935fcecac5c340-EWR

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| optinBoxActive function| fbq function| _fbq object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| CleverPush function| pixelweiche object| pw

2 Cookies

Domain/Path Name / Value
sprmrkt.happy-nachrichten.de/ Name: PHPSESSID
Value: 83jnmvpcb94mhhbtrslc328emk
sprmrkt.happy-nachrichten.de/ Name: coyoteDevMode
Value: cpaMarketing

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
connect.facebook.net
fonts.googleapis.com
lv1.mycleverpush.com
meine.pixelweiche.de
sprmrkt.happy-nachrichten.de
static.cleverpush.com
use.fontawesome.com
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2606:4700:3037::ac43:8ef5
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1b::5f
2a03:2880:f003:c0e:face:b00c:0:3
35.158.79.89
45.156.91.33
78.46.198.121
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
07f25ac7abe8c42ae0f5e5c85baa169b73ee0ec5cc77de894a2afa0a78577394
0c87eadf110ad5a705bc26da26d70075a1896cb9642b47823bca2ead2b47f3c5
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
39834622177e86b208b91235e95fae55ee87d21ce9280eada75d4b4323474029
3fdcf90c7e14bc33b9e979ccc5d19c74c991ae35cd871e8bf86737f9818d14ec
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
58b8396eec1cca248b68750047aab897d87dfbd24a88f3641966445596e2f29d
61442389f2ded8fd67a1629061e1b92d2ef09894b07b733f271267f8dd4374bb
62abe92176c8621d0af7896f9c788f66aff713218aeb7962f26d454c19440a51
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
73043ea26e864ed3b3618d20d8f874d097e6af39ed233278b5dae169b5d9cfac
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e
8cec1854c6b8ea6682d7244def0b34b5206c98f71790818da2458c0dbe64e426
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5
b97ef6f3b2702c954145e9b6e69bd60ef430fdbf8e4c8da55fc94a3db05ab870
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
db88d8acfc46eacf5ebc5a2b46ddef64c4d84cbd09234ad6bfd7d73d466d9e05
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb24e0f489c76dd4aad3d4d719112925d71de42d152e07a191667622b4885568
f3da607dc4e6637a6eb1c83aad352e1b934bf4cc8bb5420e0962e6f20336dc8a