urlscan.io logo urlscan.io
SecurityTrails logo

world-wide-new.com Open in urlscan Pro
2606:4700:30::6812:3efb  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinyurl.com/m7dfjf7
Effective URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&place...
Submission: On November 26 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2606:4700:30::6812:3efb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is world-wide-new.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 11th 2019. Valid for: a year.
This is the only time world-wide-new.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 5.149.248.70 59711 (HZ-NL-AS)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 78.140.165.10 35415 (WEBZILLA)
2 2 52.22.78.155 14618 (AMAZON-AES)
2 104.18.11.222 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 52.29.130.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
39 2606:4700:20:... 13335 (CLOUDFLAR...)
54 8
1    2606:4700:10::6814:da2a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tinyurl.com
1    5.149.248.70 (Netherlands)

ASN59711 (HZ-NL-AS, GB)
dawnloadonline.com
1    2606:4700:30::6812:28d8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
motorsmails.com
1    78.140.165.10 (Netherlands)

ASN35415 (WEBZILLA, NL)
mob1ledev1ces.com
2    52.22.78.155 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-78-155.compute-1.amazonaws.com
reroplittrewheck.pro
2    104.18.11.222 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urityofferencem.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2606:4700:30::6812:3efb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.world-wide-new.com
world-wide-new.com
1    52.29.130.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-130-114.eu-central-1.compute.amazonaws.com
autqxwl.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
39    2606:4700:20::681a:cc4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tamashy.com
Domain Requested by
39 tamashy.com world-wide-new.com
2 urityofferencem.com mob1ledev1ces.com
urityofferencem.com
2 reroplittrewheck.pro 2 redirects
1 ajax.googleapis.com world-wide-new.com
1 fonts.gstatic.com
1 world-wide-new.com urityofferencem.com
1 autqxwl.com 1 redirects
1 www.world-wide-new.com 1 redirects
1 fonts.googleapis.com urityofferencem.com
1 mob1ledev1ces.com
1 motorsmails.com 1 redirects
1 dawnloadonline.com 1 redirects
1 tinyurl.com 1 redirects
54 13

This site contains links to these domains. Also see Links.

Domain
autqxwl.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-17 -
2020-10-09		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Frame ID: 30F63D68DCBD8AD5677168814DE126E3
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tinyurl.com/m7dfjf7 HTTP 301
    http://dawnloadonline.com/gfeed/link/qc5MjE3fHwxMzk3MDgxMzAzfHwyMDU2fHwoRU5HSU5FKSBGb3J1bW90aW9uIFsyIF... HTTP 301
    https://motorsmails.com/smac.php?q=Sans+For508.pdf HTTP 302
    http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A Page URL
  2. https://reroplittrewheck.pro/redirect?tid=754576&subid=32169&puid=AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A HTTP 302
    https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36... Page URL
  3. https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=32169 HTTP 302
    http://www.world-wide-new.com/p-ads/admaven-pop1.php?&placement={pubfeed}&campaignid={campaign}&subid=8017... HTTP 301
    http://autqxwl.com/path/lp.php?trvid=10008&trvx=c1808050&&placement={pubfeed}&campaignid={campa... HTTP 302
    https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

83 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

8
IPs

3
Countries

3658 kB
Transfer

4769 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinyurl.com/m7dfjf7 HTTP 301
    http://dawnloadonline.com/gfeed/link/qc5MjE3fHwxMzk3MDgxMzAzfHwyMDU2fHwoRU5HSU5FKSBGb3J1bW90aW9uIFsyIFBvc3QgQUNDXSB7fQ==/sans_for508_pdflkjh/yuki.forumotion.com.percnatasll11l/1_fm.html HTTP 301
    https://motorsmails.com/smac.php?q=Sans+For508.pdf HTTP 302
    http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A Page URL
  2. https://reroplittrewheck.pro/redirect?tid=754576&subid=32169&puid=AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A HTTP 302
    https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE Page URL
  3. https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=32169 HTTP 302
    http://www.world-wide-new.com/p-ads/admaven-pop1.php?&placement={pubfeed}&campaignid={campaign}&subid=801790&campname=pop-cpl&extcid=7130509194925837236 HTTP 301
    http://autqxwl.com/path/lp.php?trvid=10008&trvx=c1808050&&placement={pubfeed}&campaignid={campaign}&subid=801790&campname=pop-cpl&extcid=7130509194925837236 HTTP 302
    https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tinyurl.com/m7dfjf7 HTTP 301
  • http://dawnloadonline.com/gfeed/link/qc5MjE3fHwxMzk3MDgxMzAzfHwyMDU2fHwoRU5HSU5FKSBGb3J1bW90aW9uIFsyIFBvc3QgQUNDXSB7fQ==/sans_for508_pdflkjh/yuki.forumotion.com.percnatasll11l/1_fm.html HTTP 301
  • https://motorsmails.com/smac.php?q=Sans+For508.pdf HTTP 302
  • http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
Request Chain 1
  • https://reroplittrewheck.pro/redirect?tid=754576&subid=32169&puid=AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A HTTP 302
  • https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
mob1ledev1ces.com/rtb/s/
Redirect Chain
  • http://tinyurl.com/m7dfjf7
  • http://dawnloadonline.com/gfeed/link/qc5MjE3fHwxMzk3MDgxMzAzfHwyMDU2fHwoRU5HSU5FKSBGb3J1bW90aW9uIFsyIFBvc3QgQUNDXSB7fQ==/sans_for508_pdflkjh/yuki.forumotion.com.percnatasll11l/1_fm.html
  • https://motorsmails.com/smac.php?q=Sans+For508.pdf
  • http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
Protocol
HTTP/1.1
Server
78.140.165.10 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
ba489671d68313025d302e2cdf0d80c7c11715fd8f2f2e7907098633f6330c00

Request headers

Host
mob1ledev1ces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0
Date
Tue, 26 Nov 2019 21:23:45 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=qkHqwrvvaSSuZMlPQz90oGhThsR8TrslRUOKLg7ZASAR1GSxbXkeX8KzqAkmVBJhIuguUi4hJA1xUfhI71wcWed2s7FbkskN9gQA15ZHJ6PjPRAXfkhOsxmqHmalRBtbuarsy5MtA55M3NRCwX0FEA+ff/o8rek2wXyIxecvu90LOlBhBOMKUsdZHw1Libjn5d+aEcavcnjDcEUDJ3siPMWzv7Q0lamkyiRDG6ugEALQGDQkjpUWUgIc476bENikCBsvNdoVAQGZD6K10CKO1TarGb+9+dg+EdXCvS1VVzLg0yMF1Y2CBR5V5/gG2eU=; Expires=Thu, 26 Nov 2020 21:23:45 GMT

Redirect headers

status
302
date
Tue, 26 Nov 2019 21:23:45 GMT
content-type
text/html
set-cookie
__cfduid=d8588e94c0ee0f91189f1b9b3f5a002311574803424; expires=Thu, 26-Dec-19 21:23:44 GMT; path=/; domain=.motorsmails.com; HttpOnly
x-powered-by
PHP/5.2.17
expires
Tue, 03 Jul 2001 06:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
last-modified
Tue, 26 Nov 2019 22:21:09 GMT
location
http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53beecdb3aa08cc2-VIE
RHNTJ
urityofferencem.com/
Redirect Chain
  • https://reroplittrewheck.pro/redirect?tid=754576&subid=32169&puid=AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
  • https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&t...
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
Requested by
Host: mob1ledev1ces.com
URL: http://mob1ledev1ces.com/rtb/s/AOCX3V2pfQAAV-cBAERFNAASAHSSg_0A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
24bcbb9cdc486ad4837730fca5b8bedfafc971e332f8f8cb96d43f89d8b30801

Request headers

:method
GET
:authority
urityofferencem.com
:scheme
https
:path
/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://mob1ledev1ces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://mob1ledev1ces.com/

Response headers

status
200
date
Tue, 26 Nov 2019 21:23:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d01955154647b1f47bec82dec821f25ae1574803425; expires=Thu, 26-Dec-19 21:23:45 GMT; path=/; domain=.urityofferencem.com; HttpOnly; Secure
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53beece2ca8ec2e0-FRA
content-encoding
br

Redirect headers

status
302
date
Tue, 26 Nov 2019 21:23:45 GMT
content-type
text/plain
content-length
0
location
https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
server
openresty/1.15.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=4e36538e-c166-4ab4-bdce-3d06c3970fb6 fv=rjk6qdYErHnGqiEFqjC9pdaHqds8vdw=; Expires=Wed, 25 Nov 2020 21:23:45 GMT; Max-Age=31536000; Domain=.reroplittrewheck.pro; Path=/; Version=1
dlp
urityofferencem.com/ 		61 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://urityofferencem.com/dlp?st=1&lp=stanley&geo=DE
Requested by
Host: urityofferencem.com
URL: https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e04770b164d859009f000b2bca5c6f2e490c5f01382d637181e48a5a8dd99624

Request headers

Referer
https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
53beece3fe21c2e0-FRA
access-control-allow-headers
X-Requested-With,content-type
css
fonts.googleapis.com/ 		2 KB
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: urityofferencem.com
URL: https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 26 Nov 2019 21:23:46 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 26 Nov 2019 21:23:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 26 Nov 2019 21:23:46 GMT
Primary Request /
world-wide-new.com/winners/klatten/
Redirect Chain
  • https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=32169
  • http://www.world-wide-new.com/p-ads/admaven-pop1.php?&placement={pubfeed}&campaignid={campaign}&subid=801790&campname=pop-cpl&extcid=7130509194925837236
  • http://autqxwl.com/path/lp.php?trvid=10008&trvx=c1808050&&placement={pubfeed}&campaignid={campaign}&subid=801790&campname=pop-cpl&extcid=7130509194925837236
  • https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl...
85 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Requested by
Host: urityofferencem.com
URL: https://urityofferencem.com/RHNTJ?tag_id=754576&sub_id1=32169&sub_id2=5750613206598533149&cookie_id=4e36538e-c166-4ab4-bdce-3d06c3970fb6&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D32169&hop=7&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3efb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.23
Resource Hash
64b8fac29d53517d5b35b57dd2432f428e52da27ef6eb245b5e02754c16dd093

Request headers

:method
GET
:authority
world-wide-new.com
:scheme
https
:path
/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=df6e6961e10266c094c64e6d4734e9f151574803426
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 Nov 2019 21:23:47 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.23
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53beeceac95bcbc8-VIE
content-encoding
br

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Cache-control
no-cache="set-cookie"
Content-Type
text/html
Date
Tue, 26 Nov 2019 21:23:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Pragma
no-cache
Server
Thrive-0e302966bc49e5221-eu-central-1
Set-Cookie
THRIVE_SESS=o3mjcq13rfcln8gj7oobh7kln1; expires=Wed, 27-Nov-2019 21:23:46 GMT; Max-Age=86400; path=/; domain=.autqxwl.com ClickId=bjhlo7j10drd; expires=Thu, 26-Dec-2019 21:23:46 GMT; Max-Age=2592000; path=/; domain=.autqxwl.com OfferPage=http%3A%2F%2Fho.theclickpros.com%2Faff_c%3Foffer_id%3D559%26aff_id%3D1185%26aff_sub%3Dbjhlo7j10drd%26aff_sub2%3D10008; expires=Thu, 26-Dec-2019 21:23:46 GMT; Max-Age=2592000; path=/; domain=.autqxwl.com OfferID=1021; expires=Thu, 26-Dec-2019 21:23:46 GMT; Max-Age=2592000; path=/; domain=.autqxwl.com LandingId=1024; expires=Thu, 26-Dec-2019 21:23:46 GMT; Max-Age=2592000; path=/; domain=.autqxwl.com clickData_bjhlo7j10drd=eJx1VG1v2zYQ%2FiuCPhgJ5sikRL15MIqtGZagTVssy7YPBgKKOltqaJKlKDdu4P%2B%2Bo%2BQYwex90vHhvTx3z4kvYddXt3U4D6uvjdT5V0pqW4fTUPCN8TglhBTTsNO9FeCBfBpKrupWrcfrmB2Ba%2B4AoTRnBUlYnE1DvVqBPfjRw%2FHBSizXOGfmy9ly1ujINSBkK56M1V0k9GY546vVo3g3uD%2B29SJNy4mH0KS0SAcbeS%2Fecn4F48VAOTxUGzmRaWj4TvduMEVvLSixQxoP99e%2BWa224XzFZQfj4RjlLFfdbd2hK%2FpZ2A7otu1ap204fwlbg1eUsSjPIkrKKCHox9eg3L1Dh%2FBO%2F2il5MtZGpHg4o6LVjndNT8Ht8qBDBAIPt8H%2FwSUPFL2mF4Gvxgj4W%2BoPrQOg5I8SrLg4sPNn3cfp4FsnyD4HcSTvgzeN1ZvYDnLWUSiJI%2FLiGZlcM9X3LavgeEgzbpHPmMDUgsuDzZsufwIW5CDpm5nPF5D9%2BS08dPzPSM9NLdgu1Yr3yiJKEOksvp7B76%2FkcYA4RKMmTe69lm9WcO2FfCJbw5F287P6wbcDwU2%2BKxkq7CjTXUzqqBAuLHSe22NtijDcvbF6ufdcvbXl0%2FeqXW7VzHWo%2BsQWkOC5vVvD8MNCj%2Bww0NvWzSWM8Nds5xJE5nGvHN263fJL8oE7eeFoAUpSEomEyO5gA3qt3gxfbUCqPcT%2FzPwdq0w5uXV3k9w2RAoCM1LMrgobHNhtLkSRk7g2Qm8zmmCaUtasjJOC9QJVdnjHFB9q7j0KyR0N%2B4lhgzg7WGOW4LfIwsPUA8cGXgkRmSk4E9%2BBgcC%2Fsjw%2BD8ENP50wwLXUPVrb9hewq8W%2BJMX%2FgJ%2FXzaPr4TulbO7x2HAlxd5HpNTNM2K9BSN8zQ5RTNCzvgWCc1O0SRldP7Tf4vl9AyxLDuXoEzzMxTyIjuDsqQ8k4Fix2fo5qQ403BKzuSNi7I8QYclrVuL6%2F6HRvFDrWBo99Jr0wwLEfLefXv%2BLv2LiP5dJ49PlAWD7yVXbniB%2FLYQSEhcZlklWAlpHNO3Pwj0VwIX2nJ5RcP9%2Fvh%2B3fCuweu4quqKcZpWggJlcVmVFa%2BSVQUx5TFjiWBFzfLqDek7cI3GuqqXcv8vq93wzg%3D%3D; expires=Tue, 26-Nov-2019 21:53:46 GMT; Max-Age=1800; path=/ clickData=eJx1VG1v2zYQ%2FiuCPhgJ5sikRL15MIqtGZagTVssy7YPBgKKOltqaJKlKDdu4P%2B%2Bo%2BQYwex90vHhvTx3z4kvYddXt3U4D6uvjdT5V0pqW4fTUPCN8TglhBTTsNO9FeCBfBpKrupWrcfrmB2Ba%2B4AoTRnBUlYnE1DvVqBPfjRw%2FHBSizXOGfmy9ly1ujINSBkK56M1V0k9GY546vVo3g3uD%2B29SJNy4mH0KS0SAcbeS%2Fecn4F48VAOTxUGzmRaWj4TvduMEVvLSixQxoP99e%2BWa224XzFZQfj4RjlLFfdbd2hK%2FpZ2A7otu1ap204fwlbg1eUsSjPIkrKKCHox9eg3L1Dh%2FBO%2F2il5MtZGpHg4o6LVjndNT8Ht8qBDBAIPt8H%2FwSUPFL2mF4Gvxgj4W%2BoPrQOg5I8SrLg4sPNn3cfp4FsnyD4HcSTvgzeN1ZvYDnLWUSiJI%2FLiGZlcM9X3LavgeEgzbpHPmMDUgsuDzZsufwIW5CDpm5nPF5D9%2BS08dPzPSM9NLdgu1Yr3yiJKEOksvp7B76%2FkcYA4RKMmTe69lm9WcO2FfCJbw5F287P6wbcDwU2%2BKxkq7CjTXUzqqBAuLHSe22NtijDcvbF6ufdcvbXl0%2FeqXW7VzHWo%2BsQWkOC5vVvD8MNCj%2Bww0NvWzSWM8Nds5xJE5nGvHN263fJL8oE7eeFoAUpSEomEyO5gA3qt3gxfbUCqPcT%2FzPwdq0w5uXV3k9w2RAoCM1LMrgobHNhtLkSRk7g2Qm8zmmCaUtasjJOC9QJVdnjHFB9q7j0KyR0N%2B4lhgzg7WGOW4LfIwsPUA8cGXgkRmSk4E9%2BBgcC%2Fsjw%2BD8ENP50wwLXUPVrb9hewq8W%2BJMX%2FgJ%2FXzaPr4TulbO7x2HAlxd5HpNTNM2K9BSN8zQ5RTNCzvgWCc1O0SRldP7Tf4vl9AyxLDuXoEzzMxTyIjuDsqQ8k4Fix2fo5qQ403BKzuSNi7I8QYclrVuL6%2F6HRvFDrWBo99Jr0wwLEfLefXv%2BLv2LiP5dJ49PlAWD7yVXbniB%2FLYQSEhcZlklWAlpHNO3Pwj0VwIX2nJ5RcP9%2Fvh%2B3fCuweu4quqKcZpWggJlcVmVFa%2BSVQUx5TFjiWBFzfLqDek7cI3GuqqXcv8vq93wzg%3D%3D; expires=Thu, 26-Dec-2019 21:23:46 GMT; Max-Age=2592000; path=/ AWSELB=314FB50304860902C1BD54F7D6171F4DC20D81303E445A64C82E58283A60D4FC5AD58C1E133925E52EBBBD36030952AB249A31D8404237B501783A059FC13FBD11006EC423;PATH=/
Content-Length
0
Connection
keep-alive
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
https://urityofferencem.com

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
452845
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
678023
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Nov 2020 01:03:24 GMT
bootstrap.min.css
tamashy.com/southwind/btc/de/susanne/ 		100 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/bootstrap.min.css
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b05336944dc8257502af3b9d063bd66295c799afe9ae1368eddfb4db6e250

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:09 GMT
server
cloudflare
age
6266
etag
W/"7a15dc-191f1-59207eea513ec-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
53beeceecd01cbb0-VIE
all.css
tamashy.com/southwind/btc/de/susanne/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/all.css
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:14 GMT
server
cloudflare
age
6266
etag
W/"7a15de-d747-59207eef487e3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
53beeceecd06cbb0-VIE
styles.min.css
tamashy.com/southwind/btc/de/susanne/ 		842 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde2ee4081a1d54ae30c15a82d14363748a00297cdec91d10223442ca711983c

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:24 GMT
server
cloudflare
age
6266
etag
W/"7a1592-d2960-59207b9e86746-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
53beeceecd0bcbb0-VIE
jquery.js
tamashy.com/southwind/btc/de/susanne/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/jquery.js
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:19 GMT
server
cloudflare
age
6266
etag
W/"7a1589-176de-59207b99691ef-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
53beeceecd10cbb0-VIE
ouibounce.css
tamashy.com/southwind/btc/de/susanne/exit-popup/popup-assets/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/exit-popup/popup-assets/css/ouibounce.css
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbd1f2736070fa06246acd09fc84050eee5a14ad1e2de107cc8379422f1ea3c

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:01:31 GMT
server
cloudflare
age
3762
etag
W/"7a15cb-141b-59207c1754e7f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
53beeceecd0ecbb0-VIE
ouibounce.js
tamashy.com/southwind/btc/de/susanne/exit-popup/popup-assets/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/exit-popup/popup-assets/js/ouibounce.js
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
007673099a51d59c18449878bc6661fdf46b75cc2d43e45791205166637edc31

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:01:35 GMT
server
cloudflare
age
3762
etag
W/"7a15d2-132b-59207c1afcf25-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
53beeceecd12cbb0-VIE
logo2.png
tamashy.com/southwind/btc/de/susanne/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/logo2.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fff99ae13a43da8bd719d49491517551f618f2e542d53a0822500ed18a8b83

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:52:59 GMT
server
cloudflare
age
6266
etag
"7a158a-ae4-592087984ec24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beeceeed7dcbb0-VIE
content-length
2788
Schmandkuchen.jpg
tamashy.com/southwind/btc/de/susanne/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/Schmandkuchen.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b436c6f59b05c9493d99a1a39337085d290b346949fe1f7c7ced5d7120e2114f

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:21 GMT
server
cloudflare
age
6266
etag
"7a1590-33a4-59207b9aeb990"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beeceeed80cbb0-VIE
content-length
13220
Penne-Alfredo.jpg
tamashy.com/southwind/btc/de/susanne/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/Penne-Alfredo.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b51d9dd522a8eb4666e339bb0c9d04faf4c86085e9338f0b439e92ec042d23

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:20 GMT
server
cloudflare
age
6266
etag
"7a158e-573d-59207b9a829de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef0e05cbb0-VIE
content-length
22333
top1.jpg
tamashy.com/southwind/btc/de/susanne/ 		259 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/top1.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa1faef1ad967eb5ce3c4c63df5545fe51c8fec2ce3a055aa6b123ac2fcef89

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 12:02:20 GMT
server
cloudflare
age
6266
etag
"7a15f0-40b5f-59209718d0a30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef2e70cbb0-VIE
content-length
265055
susanne1.jpg
tamashy.com/southwind/btc/de/susanne/bitcoin-profit/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/bitcoin-profit/susanne1.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5044f15709ed60171ba35c2eb5e2ed4c88fad7c705db2ebfa625c5731b725b9

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 19:14:58 GMT
server
cloudflare
age
6266
etag
"7a15f6-4040a-5920f7cc481b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef2e73cbb0-VIE
content-length
263178
susanne2.jpg
tamashy.com/southwind/btc/de/susanne/ 		474 KB
474 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/susanne2.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a48e4345c45bd8b580ea3dffb9118b35a87835f420c4489f07a3d6284d9573

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 12:29:02 GMT
server
cloudflare
age
6266
etag
"7a1339-7672a-59209d0fd6b8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3e9acbb0-VIE
content-length
485162
muskbranson.jpg
tamashy.com/southwind/btc/de/susanne/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/muskbranson.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:03 GMT
server
cloudflare
age
6266
etag
"7a15e8-27ea3-59207ee47e838"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3e9bcbb0-VIE
content-length
163491
dreamcar.jpg
tamashy.com/southwind/btc/de/susanne/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/dreamcar.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:06 GMT
server
cloudflare
age
6266
etag
"7a15ec-27eee-59207ee72e819"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3e9ccbb0-VIE
content-length
163566
tisdale.jpg
tamashy.com/southwind/btc/de/susanne/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/tisdale.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:50 GMT
server
cloudflare
age
6266
etag
"7a15df-43a38-59207ed817b0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3e9ecbb0-VIE
content-length
277048
everydayprofit_euro.gif
tamashy.com/southwind/btc/de/susanne/ 		571 KB
572 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/everydayprofit_euro.gif
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4cd3aafbcd39299de3a7b2fbf85d8bffdc035eb40a4f27228ed2166aee4b324

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:07 GMT
server
cloudflare
age
6266
etag
"7a15eb-8ed97-59207ee80b35e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3e9fcbb0-VIE
content-length
585111
cheque.jpg
tamashy.com/southwind/btc/de/susanne/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/cheque.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
beefcea5f7dc1a37b1ce8ec60f5ee6d7a009abb1c73708e56a3c53143a996e33

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:15:48 GMT
server
cloudflare
age
6266
etag
"7a15ea-4dc02-59207f48a2e51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3ea0cbb0-VIE
content-length
318466
step4-german.jpg
tamashy.com/southwind/btc/de/susanne/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/step4-german.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4037bbf27025cc8c2d9fcb8ce541da87ed10952c094583232c95c9c1a827635e

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 11:07:27 GMT
server
cloudflare
age
6266
etag
"7a15d5-10cfd-59208ad3f6ab1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3ea3cbb0-VIE
content-length
68861
step2-german.jpg
tamashy.com/southwind/btc/de/susanne/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/step2-german.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fd3050bdb8816268559385b44589785a05d866b865463a6e9f4517ae23a0d4

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:55 GMT
server
cloudflare
age
6266
etag
"7a15d4-1e5a5-59207edc926cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3ea6cbb0-VIE
content-length
124325
step3-german.jpg
tamashy.com/southwind/btc/de/susanne/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/step3-german.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf37b91d225ab9e135d65a0a6c70ddc08973e372b86c5701f7167d053042bfd5

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:54 GMT
server
cloudflare
age
3558
etag
"7a15d3-1ee08-59207edb669e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef3ea7cbb0-VIE
content-length
126472
top.png
tamashy.com/southwind/btc/de/susanne/ 		630 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/top.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
276ff208d4d9d9a24fcbfe8823f554322f7c2fbb5f5b243c1a4761c1daeafc18

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:23 GMT
server
cloudflare
age
3070
etag
"7a1594-276-59207b9d1f526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef6f33cbb0-VIE
content-length
630
home.svg
tamashy.com/southwind/btc/de/susanne/img/icons_menu/ 		1 KB
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/icons_menu/home.svg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc6b914954175d0d7aaca2a3de756a112a229947b87c1e41ed7a3d2389b7e69

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:36 GMT
server
cloudflare
age
2806
etag
W/"7a15ad-4cb-59207ba9d389c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
53beecef6f37cbb0-VIE
Lato-Regular.woff
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular/ 		0
0
Vollkorn-Italic.woff
tamashy.com/southwind/btc/de/susanne/fonts/vollkorn/ 		0
0
facebook.png
tamashy.com/southwind/btc/de/susanne/img/article-socialbar/ 		770 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/article-socialbar/facebook.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd052ca4cc7a11451668e8ca89ae857734064f2a6e990a22c280f51a04cceb23

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:34 GMT
server
cloudflare
age
3659
etag
"7a15a5-302-59207ba7476f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef7f8dcbb0-VIE
content-length
770
pinterest.png
tamashy.com/southwind/btc/de/susanne/img/article-socialbar/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/article-socialbar/pinterest.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4840d55d7b3f883241249b3ed2adacc0ffb687af5812960949b8af91e0793f

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:34 GMT
server
cloudflare
age
6266
etag
"7a15a7-11b1-59207ba7c3b3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef7f8ecbb0-VIE
content-length
4529
twitter.png
tamashy.com/southwind/btc/de/susanne/img/article-socialbar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/article-socialbar/twitter.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced2e6be429b52552fd9f0764a624127ae604c4a8fd4d4efc54aa226ed951f35

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:35 GMT
server
cloudflare
age
2806
etag
"7a15a9-988-59207ba83efea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef7f90cbb0-VIE
content-length
2440
email.png
tamashy.com/southwind/btc/de/susanne/img/article-socialbar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/article-socialbar/email.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c6873da51669d806f0fb0d7a44c8a3b9aef2376c269aeaff4ba594e27a74f3

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:33 GMT
server
cloudflare
age
6266
etag
"7a15a3-bd4-59207ba6cb691"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef7f93cbb0-VIE
content-length
3028
print.png
tamashy.com/southwind/btc/de/susanne/img/article-socialbar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/img/article-socialbar/print.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f7b5ca02ba9f0a71cca4c6de5c7dba58d8632cba7667c39bbb3d9419f60edf

Request headers

Referer
https://tamashy.com/southwind/btc/de/susanne/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:34 GMT
server
cloudflare
age
2806
etag
"7a15a8-4d2-59207ba7cdf50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecef7f96cbb0-VIE
content-length
1234
Lato-BoldItalic.woff
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-bold-italic/ 		0
0
Vollkorn-Italic.ttf
tamashy.com/southwind/btc/de/susanne/fonts/vollkorn/ 		0
0
Lato-BoldItalic.ttf
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-bold-italic/ 		0
0
Lato-Regular.ttf
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular/ 		0
0
scandi-male(1).jpg
tamashy.com/southwind/btc/de/susanne/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/scandi-male(1).jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b869885b1049f575842e45bb2b3e6efdca2b9d364f07640ef9615c2a22c353e

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:57 GMT
server
cloudflare
age
6266
etag
"7a15e5-9022-59207edec2f9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00980cbb0-VIE
content-length
36898
scandi-male(2).jpg
tamashy.com/southwind/btc/de/susanne/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/scandi-male(2).jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1677d5e7ce20df25d6a1069757f4cfcc8a40fd1c250daf028c68f54fa83d06e8

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:57 GMT
server
cloudflare
age
6266
etag
"7a15e4-a820-59207ede4482a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00989cbb0-VIE
content-length
43040
side3.png
tamashy.com/southwind/btc/de/susanne/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/side3.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:57 GMT
server
cloudflare
age
6266
etag
"7a15e3-97f6-59207ede36982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf0098bcbb0-VIE
content-length
38902
side4.png
tamashy.com/southwind/btc/de/susanne/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/side4.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:56 GMT
server
cloudflare
age
6266
etag
"7a15e2-6476-59207eddb10c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf0098dcbb0-VIE
content-length
25718
scandi-female(4).jpg
tamashy.com/southwind/btc/de/susanne/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/scandi-female(4).jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e8ce172a07e372edae6f120e0d6141112d0f44cec5eaad1685a50e03117518

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:57 GMT
server
cloudflare
age
6266
etag
"7a15e6-861c-59207edecfea5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf0098fcbb0-VIE
content-length
34332
side6.png
tamashy.com/southwind/btc/de/susanne/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/side6.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:56 GMT
server
cloudflare
age
6266
etag
"7a15e1-88a3-59207eddaddfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00991cbb0-VIE
content-length
34979
side7.png
tamashy.com/southwind/btc/de/susanne/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/side7.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:55 GMT
server
cloudflare
age
6266
etag
"7a15e0-79a4-59207edd2239b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00992cbb0-VIE
content-length
31140
checkmark.png
tamashy.com/southwind/btc/de/susanne/ 		341 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/checkmark.png
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:06 GMT
server
cloudflare
age
6266
etag
"7a15ed-155-59207ee79c203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00995cbb0-VIE
content-length
341
s4.jpg
tamashy.com/southwind/btc/de/susanne/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/s4.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d36b6e6da45d37d41f41c7b94b85691380fba3d8b9d455c3bde5ebe487ad823

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 11:05:15 GMT
server
cloudflare
age
6266
etag
"7a15d8-17754-59208a55caeae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00996cbb0-VIE
content-length
96084
s2.jpg
tamashy.com/southwind/btc/de/susanne/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/s2.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02c86d015fe07811b3c247c1fc8934a1ab62ad74817084ce9dc5ba340907eca

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:14:02 GMT
server
cloudflare
age
6266
etag
"7a15d7-25063-59207ee304567"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf00999cbb0-VIE
content-length
151651
s3.jpg
tamashy.com/southwind/btc/de/susanne/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamashy.com/southwind/btc/de/susanne/s3.jpg
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d0cf39229e9768c529651a007a807990761a96524028eb24227c69350bc37c

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 10:13:59 GMT
server
cloudflare
age
6266
etag
"7a15d6-16519-59207ee0a8931"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
53beecf0099bcbb0-VIE
content-length
91417
ouibounce.js
tamashy.com/southwind/btc/de/susanne/ 		2 KB
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tamashy.com/southwind/btc/de/susanne/ouibounce.js
Requested by
Host: world-wide-new.com
URL: https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cc4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Request headers

Referer
https://world-wide-new.com/winners/klatten/?country=Germany&region=&city=&campid=10008&offerid=1021&sxid=bjhlo7j10drd&placement=%7Bpubfeed%7D&campaignid=%7Bcampaign%7D&subid=801790&campname=pop-cpl&extcid=7130509194925837236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 21:23:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 09:59:20 GMT
server
cloudflare
age
6266
etag
W/"7a158d-658-59207b9a11943-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
53beecf00988cbb0-VIE
LatoIta.woff
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular-italic/ 		0
0
LatoIta.ttf
tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular-italic/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular/Lato-Regular.woff
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/vollkorn/Vollkorn-Italic.woff
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-bold-italic/Lato-BoldItalic.woff
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/vollkorn/Vollkorn-Italic.ttf
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-bold-italic/Lato-BoldItalic.ttf
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular/Lato-Regular.ttf
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular-italic/LatoIta.woff
Domain
tamashy.com
URL
https://tamashy.com/southwind/btc/de/susanne/fonts/lato/lato-regular-italic/LatoIta.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| ouibounce object| _ouibounce function| getHeaderHeight function| setHeaderSimulationHeight object| dayNames object| monthNames object| now number| dayOfTheWeek

1 Cookies

Domain/Path Name / Value
.world-wide-new.com/ Name: __cfduid
Value: df6e6961e10266c094c64e6d4734e9f151574803426

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
autqxwl.com
dawnloadonline.com
fonts.googleapis.com
fonts.gstatic.com
mob1ledev1ces.com
motorsmails.com
reroplittrewheck.pro
tamashy.com
tinyurl.com
urityofferencem.com
world-wide-new.com
www.world-wide-new.com
tamashy.com
104.18.11.222
2606:4700:10::6814:da2a
2606:4700:20::681a:cc4
2606:4700:30::6812:28d8
2606:4700:30::6812:3efb
2a00:1450:4001:809::2003
2a00:1450:4001:824::200a
2a00:1450:4001:825::200a
5.149.248.70
52.22.78.155
52.29.130.114
78.140.165.10
007673099a51d59c18449878bc6661fdf46b75cc2d43e45791205166637edc31
0fa1faef1ad967eb5ce3c4c63df5545fe51c8fec2ce3a055aa6b123ac2fcef89
0fbd1f2736070fa06246acd09fc84050eee5a14ad1e2de107cc8379422f1ea3c
1677d5e7ce20df25d6a1069757f4cfcc8a40fd1c250daf028c68f54fa83d06e8
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1b869885b1049f575842e45bb2b3e6efdca2b9d364f07640ef9615c2a22c353e
1d36b6e6da45d37d41f41c7b94b85691380fba3d8b9d455c3bde5ebe487ad823
1e3b05336944dc8257502af3b9d063bd66295c799afe9ae1368eddfb4db6e250
22d0cf39229e9768c529651a007a807990761a96524028eb24227c69350bc37c
24bcbb9cdc486ad4837730fca5b8bedfafc971e332f8f8cb96d43f89d8b30801
25fd3050bdb8816268559385b44589785a05d866b865463a6e9f4517ae23a0d4
276ff208d4d9d9a24fcbfe8823f554322f7c2fbb5f5b243c1a4761c1daeafc18
27f7b5ca02ba9f0a71cca4c6de5c7dba58d8632cba7667c39bbb3d9419f60edf
4037bbf27025cc8c2d9fcb8ce541da87ed10952c094583232c95c9c1a827635e
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
54b51d9dd522a8eb4666e339bb0c9d04faf4c86085e9338f0b439e92ec042d23
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
64b8fac29d53517d5b35b57dd2432f428e52da27ef6eb245b5e02754c16dd093
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66a48e4345c45bd8b580ea3dffb9118b35a87835f420c4489f07a3d6284d9573
8bc6b914954175d0d7aaca2a3de756a112a229947b87c1e41ed7a3d2389b7e69
97e8ce172a07e372edae6f120e0d6141112d0f44cec5eaad1685a50e03117518
a02c86d015fe07811b3c247c1fc8934a1ab62ad74817084ce9dc5ba340907eca
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
b0c6873da51669d806f0fb0d7a44c8a3b9aef2376c269aeaff4ba594e27a74f3
b436c6f59b05c9493d99a1a39337085d290b346949fe1f7c7ced5d7120e2114f
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
ba489671d68313025d302e2cdf0d80c7c11715fd8f2f2e7907098633f6330c00
beefcea5f7dc1a37b1ce8ec60f5ee6d7a009abb1c73708e56a3c53143a996e33
c8fff99ae13a43da8bd719d49491517551f618f2e542d53a0822500ed18a8b83
ced2e6be429b52552fd9f0764a624127ae604c4a8fd4d4efc54aa226ed951f35
cf37b91d225ab9e135d65a0a6c70ddc08973e372b86c5701f7167d053042bfd5
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
dde2ee4081a1d54ae30c15a82d14363748a00297cdec91d10223442ca711983c
e04770b164d859009f000b2bca5c6f2e490c5f01382d637181e48a5a8dd99624
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f4cd3aafbcd39299de3a7b2fbf85d8bffdc035eb40a4f27228ed2166aee4b324
f5044f15709ed60171ba35c2eb5e2ed4c88fad7c705db2ebfa625c5731b725b9
fd052ca4cc7a11451668e8ca89ae857734064f2a6e990a22c280f51a04cceb23
fd4840d55d7b3f883241249b3ed2adacc0ffb687af5812960949b8af91e0793f