Submitted URL: https://storage.googleapis.com/createnister/overse.html#DAeqzrtKp16.ZlQbcOERzRDfGSzDfGycUWP?dyfZdhccbVCxcxx0BcdcKndccz1GfcZktcb...
Effective URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e...
Submission: On February 12 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 5 countries across 14 domains to perform 34 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is jwbvdz.giripleasure.com. The Cisco Umbrella rank of the primary domain is 734385.
TLS certificate: Issued by R3 on January 25th 2022. Valid for: 3 months.
This is the only time jwbvdz.giripleasure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 51.161.144.124 16276 (OVH)
1 1 34.90.165.178 396982 (GOOGLE-PR...)
1 1 34.91.19.56 396982 (GOOGLE-PR...)
3 143.204.98.118 16509 (AMAZON-02)
3 205.185.216.10 20446 (HIGHWINDS3)
3 3 18.192.108.151 16509 (AMAZON-02)
3 2a05:d018:244... 16509 (AMAZON-02)
19 2.16.186.80 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 8
Apex Domain
Subdomains
Transfer
19 akamaized.net
cdn-bimi.akamaized.net — Cisco Umbrella Rank: 58125
859 KB
3 giripleasure.com
jwbvdz.giripleasure.com — Cisco Umbrella Rank: 734385
12 KB
3 ckstatic.com
ckstatic.com — Cisco Umbrella Rank: 292070
21 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 411
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
2 gstatic.com
www.gstatic.com
19 KB
2 vfgtg.com
a.vfgtg.com — Cisco Umbrella Rank: 321272
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
31 KB
1 slext.link
s.slext.link
2 KB
1 vfghd.com
a.vfghd.com
660 B
1 aslnk.link
s.aslnk.link — Cisco Umbrella Rank: 439950
2 KB
1 adating.link
t.adating.link — Cisco Umbrella Rank: 336954
2 KB
1 whitedong.com
whitedong.com
758 B
1 blanctest.com
blanctest.com
314 B
1 overseaapp.com
overseaapp.com
278 B
34 14
Domain Requested by
19 cdn-bimi.akamaized.net jwbvdz.giripleasure.com
cdn-bimi.akamaized.net
3 jwbvdz.giripleasure.com s.slext.link
jwbvdz.giripleasure.com
3 ckstatic.com t.adating.link
s.aslnk.link
s.slext.link
2 www.gstatic.com jwbvdz.giripleasure.com
2 fonts.googleapis.com cdn-bimi.akamaized.net
2 a.vfgtg.com 2 redirects
1 www.googletagmanager.com jwbvdz.giripleasure.com
1 s.slext.link s.aslnk.link
1 a.vfghd.com 1 redirects
1 s.aslnk.link t.adating.link
1 t.adating.link storage.googleapis.com
1 whitedong.com 1 redirects
1 blanctest.com 1 redirects
1 overseaapp.com 1 redirects
1 storage.googleapis.com
34 15

This site contains no links.

Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.ajrkm.link | Amazon | 2021-07-01 - 2022-07-30 | a year
ckstatic.com | R3 | 2021-10-12 - 2022-01-10 | 3 months
*.giripleasure.com | R3 | 2022-01-25 - 2022-04-25 | 3 months
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 1 frame:

Primary Page: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Frame ID: D3CBA66F7090EBBCB724593C9EA1B859
Requests: 34 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 34
  • HTTPS: 91 %
  • IPv6: 42 %
  • Domains: 14
  • Subdomains: 15
  • IPs: 8
  • Countries: 5
  • Transfer: 951 kB
  • Size: 1246 kB
  • Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/createnister/overse.html Page URL
  2. http://overseaapp.com/DAeqzrtKp16.ZlQbcOERzRDfGSzDfGycUWP?dyfZdhccbVCxcxx0BcdcKndccz1GfcZktcbbb2W HTTP 302
    https://blanctest.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573 HTTP 302
    https://whitedong.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573&ckmguid=3e87f907-8992-49d1-99e8-7f670a6a0fa1 HTTP 302
    https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125 Page URL
  3. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=237989397;2125&affiliateID=44542&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&s2=102c5ff92f349d7bb76af6224ab30f&s3=237989397;2125&s4=182119&url=1&target=Emails&affsub=237989397&affsource=2125 HTTP 302
    https://a.vfgtg.com/9de233c7-2228-49fb-89be-0bba8ad1dc47?subID1=237989397%3B2125&affiliateID=170910&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&target=Emails&Site=&Bnr=&cid=wj1l3o3o2u29ua1eiolfha8k&affsource=2125 HTTP 302
    https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125 Page URL
  4. https://a.vfghd.com/ecee340a-86c6-4b7a-9351-b0ae04a70035?subID1=237989397%3B2125&affiliateID=133505&source=102fbff05aeba6d108dcc2cbcba5d2&subID2=170910&s2=102fbff05aeba6d108dcc2cbcba5d2&s3=237989397%3B2125&s4=170910&url=1&Site=&Target= HTTP 302
    https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756 Page URL
  5. https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://overseaapp.com/DAeqzrtKp16.ZlQbcOERzRDfGSzDfGycUWP?dyfZdhccbVCxcxx0BcdcKndccz1GfcZktcbbb2W HTTP 302
  • https://blanctest.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573 HTTP 302
  • https://whitedong.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573&ckmguid=3e87f907-8992-49d1-99e8-7f670a6a0fa1 HTTP 302
  • https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
Request Chain 3
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=237989397;2125&affiliateID=44542&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&s2=102c5ff92f349d7bb76af6224ab30f&s3=237989397;2125&s4=182119&url=1&target=Emails&affsub=237989397&affsource=2125 HTTP 302
  • https://a.vfgtg.com/9de233c7-2228-49fb-89be-0bba8ad1dc47?subID1=237989397%3B2125&affiliateID=170910&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&target=Emails&Site=&Bnr=&cid=wj1l3o3o2u29ua1eiolfha8k&affsource=2125 HTTP 302
  • https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125
Request Chain 5
  • https://a.vfghd.com/ecee340a-86c6-4b7a-9351-b0ae04a70035?subID1=237989397%3B2125&affiliateID=133505&source=102fbff05aeba6d108dcc2cbcba5d2&subID2=170910&s2=102fbff05aeba6d108dcc2cbcba5d2&s3=237989397%3B2125&s4=170910&url=1&Site=&Target= HTTP 302
  • https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
overse.html
storage.googleapis.com/createnister/
630 B
1 KB
Document
General
Full URL
https://storage.googleapis.com/createnister/overse.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dda1cb1019868d24c890fb538f832afb07a0f9d50e098ec68016ab4a86b16339

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdv12HZjMQg-gaCvGYhwOeoMgPNEnxhjbhuJGZOBE_g3ANLWnR8s2YYUraBTyCby3kPpGq_ZQFWIQmAq-6RaYWY
x-goog-generation
1626543230094236
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
630
x-goog-hash
crc32c=U5/YRA== md5=yKqw4aqL1SI5zOWPuAHgig==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
630
server
UploadServer
date
Sat, 12 Feb 2022 18:00:43 GMT
expires
Sat, 12 Feb 2022 19:00:43 GMT
cache-control
public, max-age=3600
age
2755
last-modified
Sat, 17 Jul 2021 17:33:50 GMT
etag
"c8aab0e1aa8bd52239cce58fb801e08a"
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
22386
t.adating.link/182119/3785/
Redirect Chain
  • http://overseaapp.com/DAeqzrtKp16.ZlQbcOERzRDfGSzDfGycUWP?dyfZdhccbVCxcxx0BcdcKndccz1GfcZktcbbb2W
  • https://blanctest.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573
  • https://whitedong.com/?a=2125&oc=14191&c=40051&p=r&m=3&s1=2_138283_2580739&s2=1986_128770_2873471_53&s3=519684573&ckmguid=3e87f907-8992-49d1-99e8-7f670a6a0fa1
  • https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
2 KB
2 KB
Document
General
Full URL
https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/createnister/overse.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-118.fra50.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
ce7079edcce2345ecef2ac969c1eaa9af6b7ff026f39c53e09a382b5c9652417
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/createnister/overse.html#DAeqzrtKp16.ZlQbcOERzRDfGSzDfGycUWP?dyfZdhccbVCxcxx0BcdcKndccz1GfcZktcbbb2W

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Sat, 12 Feb 2022 18:46:41 GMT
vary
Accept-Encoding
tracking_id
102c5ff92f349d7bb76af6224ab30f
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ch3EPG9fd6R8D-qJyua-FnGwtLreXbKWTjVWV0iNYKjuqH0qlsa70w==

Redirect headers

date
Sat, 12 Feb 2022 18:46:40 GMT
content-type
text/html; charset=utf-8
content-length
230
cache-control
private
location
https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.adating.link
URL: https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.adating.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1644691601.dop017.fr8.t,1644691601.cds201.fr8.shn,1644691601.cds201.fr8.c
Content-Type
text/javascript
Cache-Control
public, max-age=3211
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
/
s.aslnk.link/5wszez6v7k/170910/8161/28074/
Redirect Chain
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=237989397;2125&affiliateID=44542&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&s2=102c5ff92f349d7bb76af6224ab30f&s3=237989397;2...
  • https://a.vfgtg.com/9de233c7-2228-49fb-89be-0bba8ad1dc47?subID1=237989397%3B2125&affiliateID=170910&source=102c5ff92f349d7bb76af6224ab30f&subID2=182119&target=Emails&Site=&Bnr=&cid=wj1l3o3o2u29ua1e...
  • https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_...
2 KB
2 KB
Document
General
Full URL
https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125
Requested by
Host: t.adating.link
URL: https://t.adating.link/182119/3785/22386?bo=2753,2754,2755,2756&po=6456&aff_sub=237989397&source=2125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-118.fra50.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
0b2f02cfc875a35a28410b0a7160807853a7b3a8668ebd1faa13570dad586351
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.adating.link/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Sat, 12 Feb 2022 18:46:41 GMT
vary
Accept-Encoding
tracking_id
102fbff05aeba6d108dcc2cbcba5d2
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QtfauwTtZs8pdi6Fzj9LhNaXOziHDKcpkhukhodb1VfuGLsn3D8Qog==

Redirect headers

server
nginx
date
Sat, 12 Feb 2022 18:46:41 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125
pragma
no-cache
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.aslnk.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1644691601.dop017.fr8.t,1644691602.cds201.fr8.shn,1644691602.cds201.fr8.c
Content-Type
text/javascript
Cache-Control
public, max-age=3210
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
0
s.slext.link/133505/3458/
Redirect Chain
  • https://a.vfghd.com/ecee340a-86c6-4b7a-9351-b0ae04a70035?subID1=237989397%3B2125&affiliateID=133505&source=102fbff05aeba6d108dcc2cbcba5d2&subID2=170910&s2=102fbff05aeba6d108dcc2cbcba5d2&s3=23798939...
  • https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756
2 KB
2 KB
Document
General
Full URL
https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/170910/8161/28074/?aff_sub=237989397%3B2125&aff_sub2=182119&aff_sub3=wtvq76h77k4oca1eiaf1or0g&source=102c5ff92f349d7bb76af6224ab30f&bo=2753,2754,2755,2756&aff_sub5=_2125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-118.fra50.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
66695d11df943e7e8b4a528041ae8f6f2a4630e65e485af726781be8c11eb181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.aslnk.link/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Sat, 12 Feb 2022 18:46:42 GMT
vary
Accept-Encoding
tracking_id
10290f361be75215d94abde3f5e77b
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lNlccxqGzyvTfAHlVWnnIGdkyybNaMXh9_HK0VEf18wyY4snpI3O7g==

Redirect headers

server
nginx
date
Sat, 12 Feb 2022 18:46:42 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756
pragma
no-cache
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.slext.link
URL: https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.slext.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1644691601.dop017.fr8.t,1644691602.cds201.fr8.shn,1644691602.cds201.fr8.c
Content-Type
text/javascript
Cache-Control
public, max-age=3210
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
Primary Request 1e3a4e532f1c7040
jwbvdz.giripleasure.com/c/
16 KB
5 KB
Document
General
Full URL
https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Requested by
Host: s.slext.link
URL: https://s.slext.link/133505/3458/0?aff_sub=237989397%3B2125&aff_sub2=170910&aff_sub3=wgalqugk1plnia1eiije0r9s&source=102fbff05aeba6d108dcc2cbcba5d2&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2bc191071b41d63cf8de41d99420a3f9470214352a99437f5dce421ed0bbf18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.slext.link/

Response headers

server
nginx
date
Sat, 12 Feb 2022 18:46:42 GMT
content-type
text/html; charset=utf-8
content-encoding
gzip
style.css
cdn-bimi.akamaized.net/landings/268846/1642164873/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/style.css?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
caafe53da43bfa13fc5579a21d6b9db73ba7c77692f0e8abe7eb0bfd39ed54f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
GNPFYPJQTCM803MK
ETag
"61ae9d318848cb2ac35afcb9cb1ca7f5"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1862
x-amz-id-2
a9kXFmI8V4BPzs2gurvxYwWUEbEzTvMaeojylSwx0iHdpoFCqH60iJfVvOdj+tWgONT3yXdz1sQ=
popup.css
cdn-bimi.akamaized.net/landings/268846/1642164873/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/popup.css?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
66ce533ef03a35ee098b15264795981232cc1215ffc563202c698efdff7125cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
S0Q26M43AYKSM0YW
ETag
"b47a3a5faf928711066b6f0deb015420"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
619
x-amz-id-2
M66k6/7d84iWfshR6JoYTId1J6MHF3SQQ91G8FhVUUQs5bKIaJaX8w7Frdcw+yCFbs6tOcoyelg=
jquery-2.2.4.min.js
cdn-bimi.akamaized.net/landings/268846/1642164873/js/
84 KB
30 KB
Script
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/js/jquery-2.2.4.min.js?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:06 GMT
Server
AmazonS3
x-amz-request-id
GNPBX8ZF88YMZS43
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
ql/MO0ghjExl9a1ERZuJF+CeFzKZQ8Aw+mAb85qXHE3vMKO0X+HvdXE5B66+L9tJrkmgZOmBiDI=
jquery.validate.min.js
cdn-bimi.akamaized.net/landings/268846/1642164873/js/
24 KB
8 KB
Script
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/js/jquery.validate.min.js?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:06 GMT
Server
AmazonS3
x-amz-request-id
S0Q8GZHDKNE612KK
ETag
"23d73c6bd6cbea8f06d0cc227896a827"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
7815
x-amz-id-2
ci9lNriHlnOUGfngdB2X/RQshjXMrNVxsWbHP4P/d2niKaQQ5m9XXpMC27NVID/94gUWjcx/s+4=
translates.js
cdn-bimi.akamaized.net/landings/268846/1642164873/js/
87 KB
26 KB
Script
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/js/translates.js?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f0b3f71660c873439bd6aa70dd3da3e0b91e3d458b37f27d71784be07691d09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:06 GMT
Server
AmazonS3
x-amz-request-id
GNP6QTX37XD1VAGR
ETag
"ead2374c504347afa9de2a66980ec264"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
25796
x-amz-id-2
tqXpzS8RAQ3rPygd+MiIxmToq1JDbsqvZYSqG9d7C2u45PBXHUb3d9t0Sibls+BB6+9xGi9oFJo=
captcha_v4.js
cdn-bimi.akamaized.net/landings/268846/1642164873/js/
8 KB
2 KB
Script
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/js/captcha_v4.js?1642164874
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d10091e3050038233762ce50369c081b933e50d6763ae48cfd301a3cb674ff54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jan 2022 13:41:06 GMT
Server
AmazonS3
x-amz-request-id
S0QAFK0ARSJP0Z9H
ETag
"cd4807c69be8ae620830a57782bfd1f5"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1733
x-amz-id-2
3r0iDN1hjhZTjR/GSLtT8v6cpjz5wtK9HHiUrb+7fAHmRd+dmNx/Ry/Cl/0BugU7paXcYKbRvW8=
blocked-icon.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images/
502 B
882 B
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images/blocked-icon.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
CDQ7RRPG17PHNW5J
ETag
"87487ad255dde0624f59abb85602defc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
502
x-amz-id-2
Z+RAXcsf5lic6FG6CJSufDriCwIZvfwfk4CRGXGmvx8hYqlnT7d9GkJhSLXmd9wD811Q5SKWVZo=
css2
fonts.googleapis.com/
1 KB
949 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/style.css?1642164874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68610eacecab7029c157b36bba4b41c2fe92e8501829a7a22352ff38a6087a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn-bimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 18:46:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 18:46:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 18:46:43 GMT
css2
fonts.googleapis.com/
4 KB
640 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/popup.css?1642164874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59a1647e78fad9f003b625e650527cdbfc0bc50375e164c6f98e50a1c078d870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn-bimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 17:14:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 18:46:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 18:46:43 GMT
gtm.js
www.googletagmanager.com/
77 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d034864822e525bfa9afe826934922c914e8628b5408d70d2d0ec120d26236c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31300
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 18:46:43 GMT
49.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images/
4 KB
5 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images/49.png
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/style.css?1642164874
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn-bimi.akamaized.net/landings/268846/1642164873/css/style.css?1642164874
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:02 GMT
Server
AmazonS3
x-amz-request-id
5512HBYRWVC3DJ2Z
ETag
"372e58a66b7d92e1dd903f32fb308d1e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4510
x-amz-id-2
8SjySCknJmSQm0NcOTWve51QBkuh9RYr6kDrG/KNRz6p7J7Es0qMTApFg14hA8AejmffHQturIs=
1.mp4
cdn-bimi.akamaized.net/landings/268846/1642164873/images/
685 KB
686 KB
Media
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images/1.mp4
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1fa65d93cc279688d3b820a140c282187be86f7ec71af7773351864d18d374a9

Request headers

Referer
https://jwbvdz.giripleasure.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:02 GMT
Server
AmazonS3
x-amz-request-id
JRV7DTF2E59N54TQ
ETag
"a2ab7424af10cdd179a2fbde711b20b3"
Content-Type
video/mp4
Content-Range
bytes 0-701777/701778
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
701778
x-amz-id-2
s2zFZd8zIWclizsQ1vZTedP2CAFupuPWyvf96ryLAPpSwbuucKusvQsDkDWp79RxarAAC07EGCw=
subscriber.js
jwbvdz.giripleasure.com/js/pushjs/1.0.0/
9 KB
3 KB
Script
General
Full URL
https://jwbvdz.giripleasure.com/js/pushjs/1.0.0/subscriber.js
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
content-encoding
gzip
expires
Sat, 19 Feb 2022 18:46:43 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript
8_01.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
9 KB
10 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_01.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8f3e3786220eccbe4e24e0497626f51418019df2fc91aa28fafd9f966301f39f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
RXN5TT0X38BQ96YB
ETag
"d7be0478a9513b1370b94120d82baa73"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9405
x-amz-id-2
okqZaQ3pvYoEv4Z5expf8PqtXm9Qyd9M1eMR1YvesHuZFad9UqIqKAT3jL0dHIq6gCVhQkA6kyk=
blocked-icon.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
502 B
882 B
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//blocked-icon.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
CDQ7RRPG17PHNW5J
ETag
"87487ad255dde0624f59abb85602defc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
502
x-amz-id-2
Z+RAXcsf5lic6FG6CJSufDriCwIZvfwfk4CRGXGmvx8hYqlnT7d9GkJhSLXmd9wD811Q5SKWVZo=
8_02.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
14 KB
14 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_02.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4af17395350b4f94a8172f8bd711d9d832d84532c5330b8e6f08e12edbcf0b74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
RXN56HQYKTNEDENP
ETag
"5c72cc1fb1cb3a95492de249b8892546"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14148
x-amz-id-2
4igAuwyu/XG9SvYQu0UoNElwu7LFtvURRH1SV5jzS3GWU1Qauqlm/RiWV/pxGeohgrK2cf2F210=
8_03.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
13 KB
14 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_03.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2c74a86fbab25f15ed5a5c4b7bbd913e464dbaf20e96eab0adebc0e704cf960b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
RXNF7YH63HC53ADM
ETag
"85bdc7ef27129b12e1b77dbacfb26006"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13460
x-amz-id-2
Bc4BVo3ZihOCs9FG8QW0trIR41FrrSojyrp6boEOrsOjuN2YNljaTxdaGMxV9kFnJ1dpyWKdEA4=
8_04.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
10 KB
10 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_04.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
79f0f89d4e46ba9529442aaca5a2d9f92090931ff71448134cf88760630dbc19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 18:46:43 GMT
Last-Modified
Fri, 14 Jan 2022 13:41:05 GMT
Server
AmazonS3
x-amz-request-id
RXN7PGWC31TV4DJH
ETag
"660735a40bece9ffddab17d711ed1246"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9761
x-amz-id-2
vVCiwn+WaHnpupkMpN7sDhS2GEEUK4lbvFsghaXjlKlGrEQLReX8DtznFzKfSIMTUXg3Rjiiozw=
8_05.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
12 KB
12 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_05.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
69062a301ec3c0d7e71f61ad34ccb067aa39cafcc4d9321f3eb2abd360d0174f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
last-modified
Fri, 14 Jan 2022 13:41:05 GMT
server
AmazonS3
x-amz-request-id
RXN7PPN0M5FF22S2
etag
"ef76f23033c6d005c067ed6b86f29829"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
12050
x-amz-id-2
oBsRQjOgo4eD8eqljA34NbmdJTVkLwpYsxYK8YIYQnQLTFML6Dxb0vWZWUfCwgMbG4Z09lMtbnM=
quic-version
Q050
8_06.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
13 KB
13 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_06.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3506f023c47dd68749642107c8b4f6f6ccf9a9b42817225e640f8e586b56f52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
last-modified
Fri, 14 Jan 2022 13:41:05 GMT
server
AmazonS3
x-amz-request-id
RXN3N74PS7SXVW0N
etag
"b696028727f2a0bf4e27d27cf18dee8c"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
13251
x-amz-id-2
+JfEfwiJbgBiy+BKnUnegs419H6omEqvFhMU3tjjuPH/mdO3ki7HqNYqZq8Ljk7IPunQvK4hkE4=
quic-version
Q050
8_07.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
8 KB
8 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_07.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c338897481379314e94e7c2acee7c3d94e440d0c8e3e91a8ceb7b5c9d0d47244

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
last-modified
Fri, 14 Jan 2022 13:41:05 GMT
server
AmazonS3
x-amz-request-id
Y5EKTT4C1DR291GQ
etag
"f09bc77e78216b1c5ed4d5583880ed81"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8502
x-amz-id-2
GziVHtM9dhmTvmUh4NjTSWe4nAt6+vuOM/RrGisw2pLnW4c0sdnvx08jhShFVvzYdDWRdRGPgFg=
quic-version
Q050
8_08.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
9 KB
9 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_08.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3b74f4cb4c5f0912b1c1475b0dee0ca5f35bd5ace3f06ef7d17be1a8d3361c70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
last-modified
Fri, 14 Jan 2022 13:41:05 GMT
server
AmazonS3
x-amz-request-id
Y5EMXA7B157QQE35
etag
"94c0eaef6ecf9ec8328a9c11c56e1696"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9240
x-amz-id-2
bPgPDp/Ak4ycrDvVAE8eUm2HxE40hTwGDQlEXmDA1z5Iysq++Onq6LBNqoiARgM4Kka7iOJCWjk=
quic-version
Q050
8_09.png
cdn-bimi.akamaized.net/landings/268846/1642164873/images//
8 KB
8 KB
Image
General
Full URL
https://cdn-bimi.akamaized.net/landings/268846/1642164873/images//8_09.png
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4f9952eca3266fdbfcb98690c55e4951146060cfb55c32a34daa4f39dde4e5d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
last-modified
Fri, 14 Jan 2022 13:41:05 GMT
server
AmazonS3
x-amz-request-id
Y5ESX5F9C4TQVE8B
etag
"ad17f97645e6d9a5e2c2837198a4eb9b"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8134
x-amz-id-2
dLqIgeoLhvjFsNrylOfxZzBMIfnDQtw9TLhD1a5VO4liVkcONfILzxbOn6WD8xeHPqTLIpN1V8A=
quic-version
Q050
firebase-app.js
www.gstatic.com/firebasejs/5.0.2/
25 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Thu, 09 Feb 2023 15:59:18 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.0.2/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10017
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Wed, 08 Feb 2023 20:00:56 GMT
utils.js
jwbvdz.giripleasure.com/js/pushjs/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://jwbvdz.giripleasure.com/js/pushjs/1.0.0/utils.js
Requested by
Host: jwbvdz.giripleasure.com
URL: https://jwbvdz.giripleasure.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 18:46:43 GMT
content-encoding
gzip
expires
Sat, 19 Feb 2022 18:46:43 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript


54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| imibb
number| chromeVersion
boolean| pushFinalClick
object| _push
function| sclk
function| repplace
function| imosbn
function| rtbCall
object| _rup
function| $
function| jQuery
object| langs
object| dataLayer
boolean| exit
object| _pcq
boolean| showDebug
string| partyId
string| uiServerUrl
string| apiServerUrl
string| swScope
string| customWorkerJS
object| pushConfig
object| messaging
object| indexedDBConfig
object| indexedDBFCMConfig
object| pushLoopDomains
object| messageBody
function| logger
function| loadScriptAsync
object| scriptLoaded
function| defaultIfEmpty
function| notBlank
object| google_tag_manager
number| th_bridge_jump_step
function| resolveCid
function| parseURL
function| getSubdomain
function| setCookie
function| getCookie
function| replaceUrl
function| generateUUID
function| getUrlParams
function| getBrowserInfo
function| getLanguage
function| getResolution
function| getDeviceType
function| getSystemInfo
function| sendConversion
function| isWrongBrowser
function| closePopup
object| core
object| __core-js_shared__
object| firebase

20 Cookies


1 Console Messages

Source: rendering
Level: warning
URL: https://jwbvdz.giripleasure.com/c/1e3a4e532f1c7040?s1=120749&s2=1256528&s3=133505&s5=170910&click_id=10290f361be75215d94abde3f5e77b&j1=1&j3=1 (Line 253)
Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
