Submitted URL: https://cutiesloveysluts.blogspot.com/
Effective URL: https://thelifeandmore.com/
Submission: On June 23 via manual from PE — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 88.211.205.212, located in Netherlands and belongs to SERVERS-COM, US. The main domain is thelifeandmore.com. The Cisco Umbrella rank of the primary domain is 86892.
TLS certificate: Issued by R3 on May 28th 2024. Valid for: 3 months.
This is the only time thelifeandmore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 66.29.132.136 22612 (NAMECHEAP...)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
4 212.117.190.201 7979 (SERVERS-COM)
12 88.211.205.212 7979 (SERVERS-COM)
9 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 151.101.66.166 54113 (FASTLY)
3 2a04:4e42:4d:... 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.192.239 54113 (FASTLY)
1 3.160.39.95 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
37 11
Apex Domain
Subdomains
Transfer
12 thelifeandmore.com
thelifeandmore.com — Cisco Umbrella Rank: 86892
312 KB
9 bbci.co.uk
ichef.bbci.co.uk — Cisco Umbrella Rank: 9163
2 MB
4 ddzk5l3bd.com
ddzk5l3bd.com — Cisco Umbrella Rank: 88204
31 KB
3 cnet.com
www.cnet.com — Cisco Umbrella Rank: 32148
232 KB
2 readwrite.com
readwrite.com — Cisco Umbrella Rank: 241888
531 KB
2 npr.org
media.npr.org — Cisco Umbrella Rank: 29144
2 MB
1 abcnewsfe.com
i.abcnewsfe.com — Cisco Umbrella Rank: 37969
38 KB
1 brightspotcdn.com
npr.brightspotcdn.com — Cisco Umbrella Rank: 27860
386 KB
1 wired.com
media.wired.com — Cisco Umbrella Rank: 66640
52 KB
1 kinja-img.com
i.kinja-img.com — Cisco Umbrella Rank: 38911
30 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 7210
301 B
1 colmekvideos.com
colmekvideos.com
222 B
1 blogspot.com
cutiesloveysluts.blogspot.com
14 KB
37 13
Domain Requested by
12 thelifeandmore.com ddzk5l3bd.com
thelifeandmore.com
9 ichef.bbci.co.uk
4 ddzk5l3bd.com cutiesloveysluts.blogspot.com
ddzk5l3bd.com
3 www.cnet.com
2 readwrite.com
2 media.npr.org
1 i.abcnewsfe.com
1 npr.brightspotcdn.com
1 media.wired.com
1 i.kinja-img.com
1 bit.ly 1 redirects
1 colmekvideos.com 1 redirects
1 cutiesloveysluts.blogspot.com
37 13

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh

Buypass Class 2 CA 5
2024-05-10 -
2024-11-05
6 months crt.sh
thelifeandmore.com
R3
2024-05-28 -
2024-08-26
3 months crt.sh
www.bbc.co.uk
GlobalSign ECC OV SSL CA 2018
2023-10-25 -
2024-11-25
a year crt.sh
www.npr.org
R3
2024-04-05 -
2024-07-04
3 months crt.sh
*.avclub.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-02 -
2024-09-02
a year crt.sh
*.cnet.com
R10
2024-06-18 -
2024-09-16
3 months crt.sh
readwrite.com
GTS CA 1P5
2024-05-23 -
2024-08-21
3 months crt.sh
condenast.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-08 -
2025-05-10
a year crt.sh
npr.brightspotcdn.com
Amazon RSA 2048 M02
2023-12-17 -
2025-01-14
a year crt.sh
i.marvelfe.com
R3
2024-06-05 -
2024-09-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://thelifeandmore.com/
Frame ID: 21DAB78800DFCDF23EDC7DD5ABC2FEBB
Requests: 37 HTTP requests in this frame

Screenshot

Page Title

Bigsport

Page URL History Show full URLs

  1. https://cutiesloveysluts.blogspot.com/ Page URL
  2. https://colmekvideos.com/A/new%2022-6.php HTTP 302
    https://bit.ly/Cutiesloveysluts HTTP 301
    https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1 Page URL
  3. https://ddzk5l3bd.com/r/dir?zoneid=2000220&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&... Page URL
  4. https://thelifeandmore.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Basket

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

37
Requests

100 %
HTTPS

46 %
IPv6

13
Domains

13
Subdomains

11
IPs

4
Countries

5324 kB
Transfer

5952 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutiesloveysluts.blogspot.com/ Page URL
  2. https://colmekvideos.com/A/new%2022-6.php HTTP 302
    https://bit.ly/Cutiesloveysluts HTTP 301
    https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1 Page URL
  3. https://ddzk5l3bd.com/r/dir?zoneid=2000220&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&psp=a8SKl1z_LfUXU3Pvaikaq5KrMvNWAaErr9xlEAA2GB79O7-DtN2bt8FArih2CH1T-bekfWr9-_yVBCoKjZ_p_byx7ABgw-ZIFD42aLCNrZ47duG40jLIsD3W0iSZW7zH_mJQAtv2ga-1s7Y98HavNW_z51Icv09QFtHXfudmU4e7MWI2rA7VKNjWX3mQhC0FxLMp3Qb2-LTPK4zJMkvGRlAPIRrm91gfPhjDTptWB1f5SBlFcz9aFFqX_yZ-WYOWgmyk2cahubOLuYXOrvmakNTuSEk8YDW8SFieVeueH8eeRYYqSeEWwN5BNyBGGobJPsSTGdrAOEE0YcfkSiHHBPgkYul3omhI6g==&fdl=1&nojs=0&abvar=0&febuild=1.0.270&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&pt=EFj3SzhTG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&psr=YUlmP2laHR0cHM6Ly9jdXRpZXNsb3ZleXNsdXRzLmJsb2dzcG90LmNvbS8&ix=0&x=1600&y=1200&md=0&psu=dAsCdMiaHR0cHM6Ly9kZHprNWwzYmQuY29tL1NSQy9TUkMucGhwP2M9MjAwMDIyMCZjMT1uZXcx&afid=2082992350288896&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.114%22,%20%22Google%20Chrome%22;v=%22126.0.6478.114%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=812&rlp=%5B0%2C0%2C26.899999618530273%2C14.699999809265137%2C3.5%2C78.59999942779541%2C34.79999923706055%2C21.59999942779541%5D Page URL
  4. https://thelifeandmore.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://colmekvideos.com/A/new%2022-6.php HTTP 302
  • https://bit.ly/Cutiesloveysluts HTTP 301
  • https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cutiesloveysluts.blogspot.com/
66 KB
14 KB
Document
General
Full URL
https://cutiesloveysluts.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
14341
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 19:10:18 GMT
etag
W/"376d572ecf73aff527f7bbd779eb8a0ce481c24e6fc051c3fa33e18d33c706c6"
expires
Sun, 23 Jun 2024 19:10:18 GMT
last-modified
Sat, 22 Jun 2024 08:22:13 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SRC.php
ddzk5l3bd.com/SRC/
Redirect Chain
  • https://colmekvideos.com/A/new%2022-6.php
  • https://bit.ly/Cutiesloveysluts
  • https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1
4 KB
2 KB
Document
General
Full URL
https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1
Requested by
Host: cutiesloveysluts.blogspot.com
URL: https://cutiesloveysluts.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4ca95cefb256d5f7620b84707b8c599c5fa512989598db7d65b3aca23d4f91

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://cutiesloveysluts.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 23 Jun 2024 19:10:18 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
check.sumbit.dl

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
142
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sun, 23 Jun 2024 19:10:18 GMT
location
https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1
referrer-policy
unsafe-url
server
nginx
via
1.1 google
submit.min.js
ddzk5l3bd.com/
60 KB
24 KB
Script
General
Full URL
https://ddzk5l3bd.com/submit.min.js?abvar=
Requested by
Host: ddzk5l3bd.com
URL: https://ddzk5l3bd.com/SRC/SRC.php?c=2000220&c1=new1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b5714de33be85e7d8c216f792c2d5eaff086861c4855057db6e1345576fe295f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-viewport-height
1200
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-ua-platform-version
"10.0.0"
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-prefers-reduced-motion
no-preference
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-prefers-color-scheme
light
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.114"
Referer
sec-ch-dpr
1

Response headers

date
Sun, 23 Jun 2024 19:10:18 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2024 14:43:16 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab
current
etag
W/"66744004-f15a"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
dir
ddzk5l3bd.com/r/
8 KB
4 KB
Document
General
Full URL
https://ddzk5l3bd.com/r/dir?zoneid=2000220&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&psp=a8SKl1z_LfUXU3Pvaikaq5KrMvNWAaErr9xlEAA2GB79O7-DtN2bt8FArih2CH1T-bekfWr9-_yVBCoKjZ_p_byx7ABgw-ZIFD42aLCNrZ47duG40jLIsD3W0iSZW7zH_mJQAtv2ga-1s7Y98HavNW_z51Icv09QFtHXfudmU4e7MWI2rA7VKNjWX3mQhC0FxLMp3Qb2-LTPK4zJMkvGRlAPIRrm91gfPhjDTptWB1f5SBlFcz9aFFqX_yZ-WYOWgmyk2cahubOLuYXOrvmakNTuSEk8YDW8SFieVeueH8eeRYYqSeEWwN5BNyBGGobJPsSTGdrAOEE0YcfkSiHHBPgkYul3omhI6g==&fdl=1&nojs=0&abvar=0&febuild=1.0.270&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&pt=EFj3SzhTG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&psr=YUlmP2laHR0cHM6Ly9jdXRpZXNsb3ZleXNsdXRzLmJsb2dzcG90LmNvbS8&ix=0&x=1600&y=1200&md=0&psu=dAsCdMiaHR0cHM6Ly9kZHprNWwzYmQuY29tL1NSQy9TUkMucGhwP2M9MjAwMDIyMCZjMT1uZXcx&afid=2082992350288896&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.114%22,%20%22Google%20Chrome%22;v=%22126.0.6478.114%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=812&rlp=%5B0%2C0%2C26.899999618530273%2C14.699999809265137%2C3.5%2C78.59999942779541%2C34.79999923706055%2C21.59999942779541%5D
Requested by
Host: ddzk5l3bd.com
URL: https://ddzk5l3bd.com/submit.min.js?abvar=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory
8
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-prefers-reduced-motion
no-preference
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0
sec-ch-viewport-height
1200
sec-ch-viewport-width
1600

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 23 Jun 2024 19:10:19 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
redirect.dl
Primary Request /
thelifeandmore.com/
2 KB
1 KB
Document
General
Full URL
https://thelifeandmore.com/
Requested by
Host: ddzk5l3bd.com
URL: https://ddzk5l3bd.com/r/dir?zoneid=2000220&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&psp=a8SKl1z_LfUXU3Pvaikaq5KrMvNWAaErr9xlEAA2GB79O7-DtN2bt8FArih2CH1T-bekfWr9-_yVBCoKjZ_p_byx7ABgw-ZIFD42aLCNrZ47duG40jLIsD3W0iSZW7zH_mJQAtv2ga-1s7Y98HavNW_z51Icv09QFtHXfudmU4e7MWI2rA7VKNjWX3mQhC0FxLMp3Qb2-LTPK4zJMkvGRlAPIRrm91gfPhjDTptWB1f5SBlFcz9aFFqX_yZ-WYOWgmyk2cahubOLuYXOrvmakNTuSEk8YDW8SFieVeueH8eeRYYqSeEWwN5BNyBGGobJPsSTGdrAOEE0YcfkSiHHBPgkYul3omhI6g==&fdl=1&nojs=0&abvar=0&febuild=1.0.270&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&pt=EFj3SzhTG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&psr=YUlmP2laHR0cHM6Ly9jdXRpZXNsb3ZleXNsdXRzLmJsb2dzcG90LmNvbS8&ix=0&x=1600&y=1200&md=0&psu=dAsCdMiaHR0cHM6Ly9kZHprNWwzYmQuY29tL1NSQy9TUkMucGhwP2M9MjAwMDIyMCZjMT1uZXcx&afid=2082992350288896&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.114%22,%20%22Google%20Chrome%22;v=%22126.0.6478.114%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=812&rlp=%5B0%2C0%2C26.899999618530273%2C14.699999809265137%2C3.5%2C78.59999942779541%2C34.79999923706055%2C21.59999942779541%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
38f952d1b0f6046a2d701b27bb17d384a6c2f117540f482123d2754e8f4d6482

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 23 Jun 2024 19:10:19 GMT
etag
W/"6675358c-97d"
expires
Mon, 24 Jun 2024 19:10:19 GMT
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
vary
Accept-Encoding
dupa.gif
ddzk5l3bd.com/
43 B
482 B
Ping
General
Full URL
https://ddzk5l3bd.com/dupa.gif?z=2000220&febuild=1.0.270&wcks=1&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&nojs=0&abvar=0&md=0&psu=dAsCdMiaHR0cHM6Ly9kZHprNWwzYmQuY29tL1NSQy9TUkMucGhwP2M9MjAwMDIyMCZjMT1uZXcx&cha=x86&zoneid=2000220&vcv=Intel%20Inc.&y=1200&pload=812&ss=1&psr=YUlmP2laHR0cHM6Ly9jdXRpZXNsb3ZleXNsdXRzLmJsb2dzcG90LmNvbS8&eclog=0&tz=Europe/Berlin&cti=0&vcn=Intel%20Iris%20OpenGL%20Engine&chm=false&cnvs=1&pf=Win32&im=1&chb=64&ix=0&fdl=1&t=0&ls=1&fn=2&pt=EFj3SzhTG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&x=1600&chp=Win32&rlp=[0,0,26.899999618530273,14.699999809265137,3.5,78.59999942779541,34.79999923706055,21.59999942779541]&wgl=1&os=-120&bb=0&cd=24&afid=2082992350288896&chv=10.0.0&psp=Fv7ThbUOFokMudbYXY05j0jUeYTWzRcsRZCrZ7TLmWtDj44uzvRTPw3dndgCtCYpBVhzK37rF6GgAUBg8zYGayvmWr63kqyyjfU5Pg69Q6-JiyWpvFO6W6kFCutj4Pv1WAWSJ37cm_VLRTg4AtBadYGTnmmuGFukRWUkoDd2DjaL5cUU6zx3wvkwZWn9Z44K3I39J-ETdG9pwu8Ewmoq3qGMDdZ_3ksSQ5siQAPQSahALFfg_YwTR_O2CMU0eh-mQjAWpd9SQA5aDnccGD1OB8wx0VzAatr6OloS0FMi6Un0REKL8Q4OrfHsJHDjwjVd78yJx86W_QFruCl8rCkrzXl7jXGEUU0GRxP-cZARKq0cmm1MtdxlAgN6Cg8O5BivGRjm9U2jTL0KgW99cWZvQQU-lMZeTxamjYsCSP7cjNV9P3U64Zu1GSA4y1LF8Cs4i5WuiZMCJ29EOPVxqCBGs8vtRvC7Wkt5fYjrisF4--Y-tFX6sNmZPY0t0_woPHPQtQDx7ypafQmWBmwP5r-x3UWuin-pAmrcG5_91cgsZjqd4aY-Jy6u4CBDHOph0vcDtl_MK-FbocCZR63T5_fn4hiD2_HGl6Shvvfa29yOSMXwj6adcDlwHae5hkhXsivkJRaCfRLjOusaux0xmN_34Ji-inbTJwG9T39cpTR6VNFMPpJEE4bITeMoOE7WUXU8aopL09M6jAgngeM3u90TqBI=&pload=60&rlp=%5B0%2C0%2C0%2C0%2C-38.60000038146973%2C-3.8000001907348633%2C-17.40000057220459%2C0%5D&bb=0
Requested by
Host: ddzk5l3bd.com
URL: https://ddzk5l3bd.com/r/dir?zoneid=2000220&var=new1&pb=cc5cba7331d4fab8e07384b568f40a0b1719177018&psp=a8SKl1z_LfUXU3Pvaikaq5KrMvNWAaErr9xlEAA2GB79O7-DtN2bt8FArih2CH1T-bekfWr9-_yVBCoKjZ_p_byx7ABgw-ZIFD42aLCNrZ47duG40jLIsD3W0iSZW7zH_mJQAtv2ga-1s7Y98HavNW_z51Icv09QFtHXfudmU4e7MWI2rA7VKNjWX3mQhC0FxLMp3Qb2-LTPK4zJMkvGRlAPIRrm91gfPhjDTptWB1f5SBlFcz9aFFqX_yZ-WYOWgmyk2cahubOLuYXOrvmakNTuSEk8YDW8SFieVeueH8eeRYYqSeEWwN5BNyBGGobJPsSTGdrAOEE0YcfkSiHHBPgkYul3omhI6g==&fdl=1&nojs=0&abvar=0&febuild=1.0.270&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&pt=EFj3SzhTG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&psr=YUlmP2laHR0cHM6Ly9jdXRpZXNsb3ZleXNsdXRzLmJsb2dzcG90LmNvbS8&ix=0&x=1600&y=1200&md=0&psu=dAsCdMiaHR0cHM6Ly9kZHprNWwzYmQuY29tL1NSQy9TUkMucGhwP2M9MjAwMDIyMCZjMT1uZXcx&afid=2082992350288896&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.114%22,%20%22Google%20Chrome%22;v=%22126.0.6478.114%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=812&rlp=%5B0%2C0%2C26.899999618530273%2C14.699999809265137%2C3.5%2C78.59999942779541%2C34.79999923706055%2C21.59999942779541%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-viewport-height
1200
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-ua-platform-version
"10.0.0"
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-prefers-reduced-motion
no-preference
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-prefers-color-scheme
light
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.114"
Referer
sec-ch-dpr
1

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-route-id
stats.redirect-pixel
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
runtime.js
thelifeandmore.com/
904 B
750 B
Script
General
Full URL
https://thelifeandmore.com/runtime.js
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
4f38d5b4f52e6a15805de197a22438dd2f0d1bd199879e1bb5f490a0681fbf83

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Origin
https://thelifeandmore.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-388"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
polyfills.js
thelifeandmore.com/
33 KB
13 KB
Script
General
Full URL
https://thelifeandmore.com/polyfills.js
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ba22b300d0ae17e1343d8e030ef3f075fc86f6da26c50dad69872fcc680ea3c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Origin
https://thelifeandmore.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-8583"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
main.js
thelifeandmore.com/
315 KB
114 KB
Script
General
Full URL
https://thelifeandmore.com/main.js
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8be49cb504ed161ef097ca2538ed0d8eb05c81a6f704e018ac954943149ea055

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Origin
https://thelifeandmore.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-4ec80"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
styles.css
thelifeandmore.com/
17 KB
5 KB
Stylesheet
General
Full URL
https://thelifeandmore.com/styles.css
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
6847fec5ba1689a21c2de71f8a55a92ae4fbabf024fc7087dab8c55b92c752dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-4253"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
football.json
thelifeandmore.com/assets/data/
76 KB
28 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/football.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8a57c87eeca886ec41014e07637a0a350af65168025cd631542a9e90fc6324e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-1317e"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
basketball.json
thelifeandmore.com/assets/data/
82 KB
30 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/basketball.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
19f6844e5248cf3612878cddf32649f2e501052cf9e680ae229f6a6075027cf8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-14820"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
hockey.json
thelifeandmore.com/assets/data/
81 KB
30 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/hockey.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
696943c53bede1f779a56b2e92e6c2430ce8a6e7f404a9dab761521bf727c1ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-144b9"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
tennis.json
thelifeandmore.com/assets/data/
84 KB
31 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/tennis.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f819af27dc346b59c892f891e1bba5fe79e0a12894b0a52050eb72868a6dcbe0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-14f3e"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
NFL.json
thelifeandmore.com/assets/data/
80 KB
28 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/NFL.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1abb51606c1fcbb814becdea7ae37625710944b942b7b962bdd28f3614f687ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-14093"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
baseball.json
thelifeandmore.com/assets/data/
80 KB
28 KB
XHR
General
Full URL
https://thelifeandmore.com/assets/data/baseball.json?pageSize=8
Requested by
Host: thelifeandmore.com
URL: https://thelifeandmore.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
42dea3a71136ff7ed09dfcc71d09c9a839d0127473de52bb3de2222123dcb8e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
W/"6675358c-140bc"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400
expires
Mon, 24 Jun 2024 19:10:19 GMT
favicon.ico
thelifeandmore.com/assets/
4 KB
4 KB
Other
General
Full URL
https://thelifeandmore.com/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.211.205.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
425e9f6d1a818e6fd3fc804570a610d05e266048a1a24a1abcdcac52cc0bf99d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
last-modified
Fri, 21 Jun 2024 08:10:52 GMT
server
nginx
etag
"6675358c-10be"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
content-length
4286
expires
Mon, 24 Jun 2024 19:10:19 GMT
p0cr8v8d.jpg
ichef.bbci.co.uk/images/ic/1200x675/
92 KB
92 KB
Image
General
Full URL
https://ichef.bbci.co.uk/images/ic/1200x675/p0cr8v8d.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91f0b6e9f70cf987a1fbe69feb7d3060bda51b56715da7ab2328baab4041f0fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
last-modified
Fri, 05 Aug 2022 08:40:43 GMT
server
AmazonS3
etag
"d1a918c0da749d7d73eba6e2608ba163"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
content-length
94320
expires
Tue, 28 May 2024 18:05:01 GMT
p0gglv9k.jpg
ichef.bbci.co.uk/images/ic/1200x675/
130 KB
130 KB
Image
General
Full URL
https://ichef.bbci.co.uk/images/ic/1200x675/p0gglv9k.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
799b27002c2ed1cf1a1425be7907020c05e3aed0528ce3f168a10df843ed96a2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
132687
last-modified
Mon, 25 Sep 2023 14:14:31 GMT
server
AmazonS3
etag
"c2664a626c3bfafcba328f50c2fb16e7"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Tue, 23 Apr 2024 19:44:57 GMT
_133256808_mediaitem133256807.jpg
ichef.bbci.co.uk/news/1024/branded_news/13BE1/production/
91 KB
91 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/13BE1/production/_133256808_mediaitem133256807.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
546df35b603e5895835533940d1adca26de8731d58ebb50f63fc785f215fb8be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
93030
last-modified
Fri, 03 May 2024 02:22:14 GMT
server
AmazonS3
etag
"c54b170cc313248ce3e730d78f65810d"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Sat, 03 May 2025 02:34:54 GMT
_133301656_52d79edc4c5b8a94ed2a7851c7b948f51206f951.jpg
ichef.bbci.co.uk/news/1024/branded_news/1004A/production/
102 KB
102 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/1004A/production/_133301656_52d79edc4c5b8a94ed2a7851c7b948f51206f951.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b7c0c1ca653427965c86b02d0604d3ec224842ceeadb4dc21a580d6808ced34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
104012
last-modified
Sun, 12 May 2024 14:33:54 GMT
server
AmazonS3
etag
"45434e23d8c9e02a6de6616ff87177ee"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Mon, 12 May 2025 14:34:21 GMT
gettyimages-1510385360_wide-dd001837ba4f2212ff67def85d2f4bc092fd833a-s1400-c100.jpg
media.npr.org/assets/img/2024/04/28/
892 KB
893 KB
Image
General
Full URL
https://media.npr.org/assets/img/2024/04/28/gettyimages-1510385360_wide-dd001837ba4f2212ff67def85d2f4bc092fd833a-s1400-c100.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2498 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
978d8854af283a98bbe2392b06335ba01e943156c273f39872cd7de4ff21a29d
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
prod-web-20
strict-transport-security
max-age=604800; includeSubDomains
date
Sun, 23 Jun 2024 19:10:19 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
913113
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2024 19:10:19 GMT
gettyimages-2151504738_wide-8ccc7324225c745125e6c30b3e1c91cd56ce5baf.jpg
media.npr.org/assets/img/2024/05/14/
1 MB
1 MB
Image
General
Full URL
https://media.npr.org/assets/img/2024/05/14/gettyimages-2151504738_wide-8ccc7324225c745125e6c30b3e1c91cd56ce5baf.jpg?s=1400&c=100&f=jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2498 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
1ad7ced8aff845fa5ea610d8b993ed78a554fbf9ab80c89bef212ed94d3604ad
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
prod-web-13
strict-transport-security
max-age=604800; includeSubDomains
date
Sun, 23 Jun 2024 19:10:19 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
1092030
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2024 19:10:19 GMT
525c45d0-1166-11ef-9602-b7eb005626eb.jpg
ichef.bbci.co.uk/news/1024/branded_sport/9d50/live/
82 KB
82 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_sport/9d50/live/525c45d0-1166-11ef-9602-b7eb005626eb.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5138728670021a8849107891c1b2f1e620be48269c331accd9698c2cdb27aad0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
83745
last-modified
Tue, 14 May 2024 05:18:33 GMT
server
AmazonS3
etag
"0ac5261f40a0d7b2a0d85ee064a68622"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Wed, 14 May 2025 05:34:29 GMT
ac815a416f39f03c5f75d6b81262dc77.jpg
i.kinja-img.com/image/upload/c_fill,h_675,pg_1,q_80,w_1200/
29 KB
30 KB
Image
General
Full URL
https://i.kinja-img.com/image/upload/c_fill,h_675,pg_1,q_80,w_1200/ac815a416f39f03c5f75d6b81262dc77.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4073f4a07b53e6c4bdff703fc5677d5afee79688e1904e1d10b75a7fa73697b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TES3Qt7KTKG5HVX9unczle1s8XW48EWR
via
1.1 varnish, 1.1 varnish
date
Sun, 23 Jun 2024 19:10:19 GMT
fastly-io-served-by
vpop-kiad7010216
x-amz-request-id
MXZY2XNKM4HQZ18B
x-amz-server-side-encryption
AES256
age
2949987
x-cache
HIT, HIT
fastly-io-info
ifsz=73293 idim=1920x1080 ifmt=jpeg ofsz=29696 odim=1200x675 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
29696
x-amz-id-2
NHSxTrRpR6nQ+li0Cj2rsTH3BDP0S5NaQ3D6/vSoATTiwA4wBnvE31DU51XhiQQRbe9KX1BCcEo=
x-served-by
cache-iad-kiad7000081-IAD, cache-fra-eddf8230082-FRA
server
AmazonS3
x-timer
S1719169819.362884,VS0,VE0
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=675&quality=80&width=1200
etag
"iS8vi9kLAj+ScO4cGDSoGL0UqXLskPehMUKYXuxzjZw"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
10, 10489
_133288470_gettyimages-2149712745.jpg
ichef.bbci.co.uk/news/1024/branded_news/1D40/production/
90 KB
90 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/1D40/production/_133288470_gettyimages-2149712745.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f04800c1bb951da3df96111c61be7152dbadd063ecad9a91a3f429b9dabc53a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
92132
last-modified
Mon, 13 May 2024 00:47:56 GMT
server
AmazonS3
etag
"5152175b52b4d39c49ef1cc968846340"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Tue, 13 May 2025 00:53:04 GMT
de55f2f0-0808-11ef-a7c7-4314f4d51784.jpg
ichef.bbci.co.uk/news/1024/branded_sport/c1f6/live/
73 KB
73 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_sport/c1f6/live/de55f2f0-0808-11ef-a7c7-4314f4d51784.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
4f6bfd005afa01bd3dd6d8201f5e7253459a115970db60a6dd6ed42e420a2a13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
74512
last-modified
Wed, 08 May 2024 05:48:57 GMT
server
Apache
etag
"7a1f7858ae844c4d6c6bcb6da80a525f"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Thu, 08 May 2025 05:50:05 GMT
8e5675d0-1443-11ef-9b12-1ba8f95c4917.png
ichef.bbci.co.uk/news/1024/branded_news/06a8/live/
944 KB
944 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/06a8/live/8e5675d0-1443-11ef-9b12-1ba8f95c4917.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a792eb4a2ef90caf3bca0d43d403a023688830e8a536af161a708edb349d88e0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
966179
last-modified
Fri, 17 May 2024 16:12:15 GMT
server
AmazonS3
etag
"61986c9f64410a995ae3dd42bbef4369"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Sat, 17 May 2025 16:14:54 GMT
gettyimages-1410301424.jpg
www.cnet.com/a/img/resize/d1a78ebd05cba00b8d19a8e2ad8297b3712e5216/hub/2024/05/23/7ebca20d-0b93-43bb-8f0c-84361e967152/
51 KB
52 KB
Image
General
Full URL
https://www.cnet.com/a/img/resize/d1a78ebd05cba00b8d19a8e2ad8297b3712e5216/hub/2024/05/23/7ebca20d-0b93-43bb-8f0c-84361e967152/gettyimages-1410301424.jpg?auto=webp&fit=crop&height=675&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a92311e8926f22e2df26116ab13bf08b3bffc54419e9d56ca565b755143007a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
fastly-io-served-by
vpop-kiad7010227
etag
"uMSD+fa9AcQzmfGwuWxD9sYiZcX5zzA/hQaPirgxnkU"
vary
Accept-Encoding, Accept
content-type
image/webp
fastly-io-info
ifsz=100649 idim=1024x683 ifmt=jpeg ofsz=52512 odim=1200x675 ofmt=webp
cache-control
max-age=31536000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
52512
expires
Thu, 20 Jun 2024 06:49:38 GMT
787c30e0-062b-11ef-b365-6f5a913deacf.jpg
ichef.bbci.co.uk/news/1024/branded_sport/8355/live/
132 KB
132 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_sport/8355/live/787c30e0-062b-11ef-b365-6f5a913deacf.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:780::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64718370fd0fc16789a588e0520ae1a4be897d4e3eeeda76ece91e43d9396623

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
x-amz-server-side-encryption
AES256
content-length
134965
last-modified
Thu, 02 May 2024 06:50:51 GMT
server
AmazonS3
etag
"23f213d1582407e0dcaea430dfb10a8c"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Fri, 02 May 2025 06:54:03 GMT
gettyimages-1675414592.jpg
www.cnet.com/a/img/resize/bc819a90c7d6505e9755a176a1f5665b13dce13a/hub/2024/05/16/02c4f226-6e0e-428a-850e-958cde0bf67d/
55 KB
55 KB
Image
General
Full URL
https://www.cnet.com/a/img/resize/bc819a90c7d6505e9755a176a1f5665b13dce13a/hub/2024/05/16/02c4f226-6e0e-428a-850e-958cde0bf67d/gettyimages-1675414592.jpg?auto=webp&fit=crop&height=675&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbcf551b26ef6b52899ad363931399fb28f9066072f3165419c1c9ee28a85428
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
fastly-io-served-by
vpop-kiad7010228
etag
"+x6stQnkmODw7vvY877J2U4OZaEwmhQ4EN1mZtsr+EM"
vary
Accept-Encoding, Accept
content-type
image/webp
fastly-io-info
ifsz=114582 idim=1024x683 ifmt=jpeg ofsz=56040 odim=1200x675 ofmt=webp
cache-control
max-age=31536000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
56040
expires
Thu, 16 May 2024 02:25:19 GMT
gettyimages-2007535888.jpg
www.cnet.com/a/img/resize/2547095a6e71c6ab51b01ee7a5127b0d3db3b3ad/hub/2024/05/15/0a4def91-5724-44e6-8afa-ac065c7d9118/
125 KB
125 KB
Image
General
Full URL
https://www.cnet.com/a/img/resize/2547095a6e71c6ab51b01ee7a5127b0d3db3b3ad/hub/2024/05/15/0a4def91-5724-44e6-8afa-ac065c7d9118/gettyimages-2007535888.jpg?auto=webp&fit=crop&height=675&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8e8fd078569d4e4326b362fc2270493f36de6985692855fb67359b393b09128
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
fastly-io-served-by
vpop-kiad7010217
etag
"Hao4IMtOG7oTIICzOlx8Ny+tRjG73+TV47vUgBK7BVo"
vary
Accept-Encoding, Accept
content-type
image/webp
fastly-io-info
ifsz=185328 idim=1024x683 ifmt=jpeg ofsz=127956 odim=1200x675 ofmt=webp
cache-control
max-age=31536000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
127956
expires
Mon, 03 Jun 2024 06:00:41 GMT
Nintendo-scaled.jpg
readwrite.com/wp-content/uploads/2024/05/
426 KB
426 KB
Image
General
Full URL
https://readwrite.com/wp-content/uploads/2024/05/Nintendo-scaled.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:14c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831b8bc26c7b967b3977157556fa88c5c0708e1dcafe88a901a20bd20055b6d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
referrer-policy
unsafe-url
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 15 May 2024 11:40:31 GMT
server
cloudflare
age
10649
etag
"66449f2f-6a6df"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8986c70b3b239b67-FRA
content-length
435935
expires
Thu, 31 Dec 2037 23:55:55 GMT
Gadget-Lab-Hybrid-Cars-Gear-GettyImages-1455331348.jpg
media.wired.com/photos/6632b681e9233bc4899295a1/191:100/w_1280,c_limit/
51 KB
52 KB
Image
General
Full URL
https://media.wired.com/photos/6632b681e9233bc4899295a1/191:100/w_1280,c_limit/Gadget-Lab-Hybrid-Cars-Gear-GettyImages-1455331348.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a4703b25d9331d3824c8dbd6003738bb5f8571bb713954bc2086cff5cb9285bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 19:10:19 GMT
Fastly-Io-Served-By
img01-us-east4
Age
4570115
X-Amz-Server-Side-Encryption
AES256
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=2348852 idim=2400x1800 ifmt=jpeg ofsz=52204 odim=1280x670 ofmt=webp
Connection
keep-alive
Fastly-Stats
io=1
server-timing
geo;desc="continent=EU;country=DE;pop=FRA"
Content-Length
52204
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000049-IAD, cache-fra-eddf8230092-FRA
experience
katra
X-Timer
S1719169819.395164,VS0,VE1
Etag
"H51+d4wL6Yx17wOcB7T2TUmb2x278Eefqs761+WVOR8"
vary
accept
Content-Type
image/webp
cache-control
max-age=3600, must-revalidate, public
Accept-Ranges
bytes
timing-allow-origin
*
X-Cache-Hits
5, 44718
/
npr.brightspotcdn.com/dims3/default/strip/false/crop/7979x4488+0+415/resize/1400/quality/100/format/jpeg/
386 KB
386 KB
Image
General
Full URL
https://npr.brightspotcdn.com/dims3/default/strip/false/crop/7979x4488+0+415/resize/1400/quality/100/format/jpeg/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F50%2Fdc%2Fdcfbc7eb440ca02d8c11b55da8f8%2Fap22155792914757.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.39.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-39-95.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
19e00d296c2c2459f310b537e61565031be70d5e5c68e736de59e90e340b512d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 23:01:33 GMT
via
1.1 4b91a22b9a9bf030c7f53f4c5ac8b36c.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
TXL50-P6
age
2405325
etag
887b0aad4bafbe9099773999a934b1b5
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-robots-tag
nofollow
content-length
394814
x-amz-cf-id
HPwV85Eumj6LMv3Wrr9q8E95lmTCXCITFXNeMM9mQh4m7LDIrijX_Q==
expires
Mon, 26 May 2025 23:01:34 GMT
240501_gma_playoftheday_bees3_749_hpMain_16x9.jpg
i.abcnewsfe.com/a/6a62cbfd-4ecf-4f3d-adde-90210cc429a1/
38 KB
38 KB
Image
General
Full URL
https://i.abcnewsfe.com/a/6a62cbfd-4ecf-4f3d-adde-90210cc429a1/240501_gma_playoftheday_bees3_749_hpMain_16x9.jpg?w=992
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1497 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e1c9b5b7227fd73d8554b6ac9cd0963fbebf5e380a634c44449c1fa6d3133c6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
last-modified
Wed, 01 May 2024 13:06:42 GMT
x-serial
1431
server
Akamai Image Manager
etag
"93dc028a2381e66bc4e0f174b3ce129e"
content-type
image/avif
cache-control
private, no-transform, max-age=43200
content-length
38864
expires
Mon, 24 Jun 2024 07:10:19 GMT
download-100.jpeg
readwrite.com/wp-content/uploads/2024/05/
104 KB
105 KB
Image
General
Full URL
https://readwrite.com/wp-content/uploads/2024/05/download-100.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:14c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8332fc8c4a6d25300901280a9cfcda49d5ba8fc622d202579a77ae636c346643

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thelifeandmore.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 19:10:19 GMT
referrer-policy
unsafe-url
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 03 May 2024 10:16:19 GMT
server
cloudflare
age
10590
etag
"6634b973-1a1dc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8986c70b3b279b67-FRA
content-length
106972
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunkclickadu_news function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask object| __zone_symbol__scrollfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

6 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o5njai-64e8a31f792a6e0ed3-00Q
ddzk5l3bd.com/ Name: CHCK
Value: 1
ddzk5l3bd.com/ Name: UID
Value: 240623141018a316b223a54f5f954a6a6e78
ddzk5l3bd.com/ Name: OXCCLK
Value: ACj70wAAAAAAAAAB
ddzk5l3bd.com/ Name: OXPCLK
Value: AAJl9AAAAAAAAAAB
ddzk5l3bd.com/ Name: ppucnt
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
colmekvideos.com
cutiesloveysluts.blogspot.com
ddzk5l3bd.com
i.abcnewsfe.com
i.kinja-img.com
ichef.bbci.co.uk
media.npr.org
media.wired.com
npr.brightspotcdn.com
readwrite.com
thelifeandmore.com
www.cnet.com
151.101.192.239
151.101.66.166
212.117.190.201
2606:4700:10::6816:14c1
2a00:1450:4001:813::2001
2a02:26f0:3500:16::215:1497
2a02:26f0:7100:780::f33
2a02:26f0:7100::687e:2498
2a04:4e42:4d::666
3.160.39.95
66.29.132.136
67.199.248.11
88.211.205.212
19e00d296c2c2459f310b537e61565031be70d5e5c68e736de59e90e340b512d
19f6844e5248cf3612878cddf32649f2e501052cf9e680ae229f6a6075027cf8
1abb51606c1fcbb814becdea7ae37625710944b942b7b962bdd28f3614f687ea
1ad7ced8aff845fa5ea610d8b993ed78a554fbf9ab80c89bef212ed94d3604ad
38f952d1b0f6046a2d701b27bb17d384a6c2f117540f482123d2754e8f4d6482
3a92311e8926f22e2df26116ab13bf08b3bffc54419e9d56ca565b755143007a
3f04800c1bb951da3df96111c61be7152dbadd063ecad9a91a3f429b9dabc53a
425e9f6d1a818e6fd3fc804570a610d05e266048a1a24a1abcdcac52cc0bf99d
42dea3a71136ff7ed09dfcc71d09c9a839d0127473de52bb3de2222123dcb8e6
4f38d5b4f52e6a15805de197a22438dd2f0d1bd199879e1bb5f490a0681fbf83
4f6bfd005afa01bd3dd6d8201f5e7253459a115970db60a6dd6ed42e420a2a13
5138728670021a8849107891c1b2f1e620be48269c331accd9698c2cdb27aad0
546df35b603e5895835533940d1adca26de8731d58ebb50f63fc785f215fb8be
64718370fd0fc16789a588e0520ae1a4be897d4e3eeeda76ece91e43d9396623
6847fec5ba1689a21c2de71f8a55a92ae4fbabf024fc7087dab8c55b92c752dd
696943c53bede1f779a56b2e92e6c2430ce8a6e7f404a9dab761521bf727c1ab
799b27002c2ed1cf1a1425be7907020c05e3aed0528ce3f168a10df843ed96a2
7b7c0c1ca653427965c86b02d0604d3ec224842ceeadb4dc21a580d6808ced34
831b8bc26c7b967b3977157556fa88c5c0708e1dcafe88a901a20bd20055b6d0
8332fc8c4a6d25300901280a9cfcda49d5ba8fc622d202579a77ae636c346643
8a57c87eeca886ec41014e07637a0a350af65168025cd631542a9e90fc6324e3
8be49cb504ed161ef097ca2538ed0d8eb05c81a6f704e018ac954943149ea055
91f0b6e9f70cf987a1fbe69feb7d3060bda51b56715da7ab2328baab4041f0fb
978d8854af283a98bbe2392b06335ba01e943156c273f39872cd7de4ff21a29d
a4703b25d9331d3824c8dbd6003738bb5f8571bb713954bc2086cff5cb9285bc
a792eb4a2ef90caf3bca0d43d403a023688830e8a536af161a708edb349d88e0
b5714de33be85e7d8c216f792c2d5eaff086861c4855057db6e1345576fe295f
b8e8fd078569d4e4326b362fc2270493f36de6985692855fb67359b393b09128
ba22b300d0ae17e1343d8e030ef3f075fc86f6da26c50dad69872fcc680ea3c5
c4073f4a07b53e6c4bdff703fc5677d5afee79688e1904e1d10b75a7fa73697b
cf4ca95cefb256d5f7620b84707b8c599c5fa512989598db7d65b3aca23d4f91
dbcf551b26ef6b52899ad363931399fb28f9066072f3165419c1c9ee28a85428
e1c9b5b7227fd73d8554b6ac9cd0963fbebf5e380a634c44449c1fa6d3133c6c
f819af27dc346b59c892f891e1bba5fe79e0a12894b0a52050eb72868a6dcbe0