Submitted URL: http://cbsspots.co/
Effective URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Submission: On October 08 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 48 HTTP transactions. The main IP is 172.67.156.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is grandprizeslot.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 15th 2021. Valid for: a year.
This is the only time grandprizeslot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.33.2.79 63949 (LINODE-AP...)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 2 213.174.155.140 39572 (ADVANCEDH...)
3 172.67.156.36 13335 (CLOUDFLAR...)
20 104.21.94.103 13335 (CLOUDFLAR...)
1 142.250.185.170 15169 (GOOGLE)
2 104.16.18.94 13335 (CLOUDFLAR...)
1 172.67.146.112 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 172.217.16.136 15169 (GOOGLE)
4 142.250.74.206 15169 (GOOGLE)
1 66.102.1.154 15169 (GOOGLE)
2 142.250.185.163 15169 (GOOGLE)
1 142.250.184.196 15169 (GOOGLE)
48 16
     Domain                                 Requested by
20   www.p7campaign.com                     grandprizeslot.com, www.p7campaign.com
4    www.google-analytics.com               www.googletagmanager.com, www.google-analytics.com
3    grandprizeslot.com                     rqentry.com, grandprizeslot.com, cdnjs.cloudflare.com
2    fonts.gstatic.com                      fonts.googleapis.com
2    cdnjs.cloudflare.com                   grandprizeslot.com
2    rqentry.com                            cbsspots.co
2    cbsspots.co                            cbsspots.co
1    www.google.com
1    stats.g.doubleclick.net                www.google-analytics.com
1    www.googletagmanager.com               grandprizeslot.com
1    stackpath.bootstrapcdn.com             grandprizeslot.com
1    www.help4casino.com                    grandprizeslot.com
1    fonts.googleapis.com                   grandprizeslot.com
1    bam-cell.nr-data.net                   js-agent.newrelic.com
1    js-agent.newrelic.com                  cbsspots.co
0    dev.visualwebsiteoptimizer.com Failed  grandprizeslot.com
48 16

This site contains links to these domains.

Domain
www.planet7casino.com
Subject                   Issuer                                  Validity                  Valid
js-agent.newrelic.com     GlobalSign Atlas R3 DV TLS CA H2 2021   2021-10-06 - 2022-11-07   a year
*.nr-data.net             DigiCert SHA2 Secure Server CA          2020-02-05 - 2022-02-08   2 years
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                 2021-09-15 - 2022-09-14   a year
upload.video.google.com   GTS CA 1C3                              2021-09-13 - 2021-11-20   2 months
*.google-analytics.com    GTS CA 1C3                              2021-09-13 - 2021-11-20   2 months
*.g.doubleclick.net       GTS CA 1C3                              2021-09-13 - 2021-11-20   2 months
*.gstatic.com             GTS CA 1C3                              2021-09-13 - 2021-11-20   2 months
www.google.com            GTS CA 1C3                              2021-09-13 - 2021-11-20   2 months

This page contains 1 frame:

Primary Page: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Frame ID: 02C641C95BD78836038541A8C2B4AC12
Requests: 48 HTTP requests in this frame

Page Title

Planet 7 - Big wins are waiting

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

Requests: 48
HTTPS: 81 %
IPv6: 0 %
Domains: 16
Subdomains: 16
IPs: 16
Countries: 2
Transfer: 3341 kB
Size: 3940 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cbsspots.co/ Page URL
  2. http://rqentry.com/api/v1/px?xmlid=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h Page URL
  3. http://rqentry.com/api/v1/pxcheck?impId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHA6Ly9ycWVudHJ5LmNvbS9hcGkvdjEvcHg/eG1saWQ9NkYwcmJsSGY3YlJMT0NqREFvR0JTREplMlB1cjNEbWtza3hMa1UzaCIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2V9 HTTP 302
    https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cbsspots.co/
26 KB
11 KB
Document
General
Full URL
http://cbsspots.co/
Protocol
HTTP/1.1
Server
45.33.2.79 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li956-79.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
f3d9aa27846f3a65a627110f1d74c78a3eb5dedbdcce8097c3d7782e09b075fb

Request headers

Host
cbsspots.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Server
openresty/1.13.6.1
Date
Fri, 08 Oct 2021 17:33:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Language
Content-Language
de
Content-Encoding
gzip
Cookie set 1
cbsspots.co/mtm/async/.eJxdjMsOwiAURP-FZcVi4kZt-i3mgrdAwku4VhLjv0utLnR35mRmHuyWLTsxwTiDrEvDRhknzJjXYGKhcwCPLSpZSopUehWXgVKYqGnCSsKQdxxSclYB2RhEXcym_lvvhuu464_cetAoYLbTB-8o09emoHknunf18HNQrA542WJVBo...
75 B
374 B
Fetch
General
Full URL
http://cbsspots.co/mtm/async/.eJxdjMsOwiAURP-FZcVi4kZt-i3mgrdAwku4VhLjv0utLnR35mRmHuyWLTsxwTiDrEvDRhknzJjXYGKhcwCPLSpZSopUehWXgVKYqGnCSsKQdxxSclYB2RhEXcym_lvvhuu464_cetAoYLbTB-8o09emoHknunf18HNQrA542WJVBoLGYR7lfn1kzxcH8kZI:1mYtk5:_ff5W0xKHfF0FAWjwqXzbX-Xfb4/1
Requested by
Host: cbsspots.co
URL: http://cbsspots.co/
Protocol
HTTP/1.1
Server
45.33.2.79 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li956-79.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
fc4a370b288cd361d4b08e724b47677aaee5217c012e0d35d4f4bf83b0ef6678

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cbsspots.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://cbsspots.co/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 08 Oct 2021 17:33:11 GMT
Server
openresty/1.13.6.1
Vary
Accept-Language
Content-Language
de
Set-Cookie
mtm_delivered=""; expires=Fri, 08-Oct-2021 18:33:11 GMT; Max-Age=3600; Path=/
Connection
close
Content-Type
text/html; charset=utf-8
Content-Length
75
nr-1210.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: cbsspots.co
URL: http://cbsspots.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cbsspots.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
3700EJ4ZWWQ4P78Z
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by
cache-hhn4070-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1633714390.111079,VS0,VE0
date
Fri, 08 Oct 2021 17:33:10 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13909
0d385ba8a0
bam-cell.nr-data.net/1/
49 B
794 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/0d385ba8a0?a=31561968&v=1210.e2a3f80&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=328&ck=0&ref=http://cbsspots.co/&ap=2&be=293&fe=299&dc=298&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1633714389792,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:8,%22c%22:8,%22ce%22:136,%22rq%22:136,%22rp%22:272,%22rpe%22:273,%22dl%22:275,%22di%22:299,%22ds%22:299,%22de%22:299,%22dc%22:299,%22l%22:299,%22le%22:299%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cbsspots.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 17:33:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVRDwAIXFBUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoKClEOVnRMB05WAhtDBQUIAwgHUAZRBgMCUgVXBEBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
69b11cda6950691f-FRA
px
rqentry.com/api/v1/
0
0

px
rqentry.com/api/v1/
1 KB
843 B
Document
General
Full URL
http://rqentry.com/api/v1/px?xmlid=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Requested by
Host: cbsspots.co
URL: http://cbsspots.co/
Protocol
HTTP/1.1
Server
213.174.155.140 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
489e91240d490d1a5ecdf3a4722f98fd119524a5c6cd79a2841eca7b2ae0e707

Request headers

Host
rqentry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://cbsspots.co/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 08 Oct 2021 17:33:11 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
ETag
W/"499-C24TsSuF7pVNYyPd/r32FBElW9g"
Content-Encoding
gzip
0d385ba8a0
bam-cell.nr-data.net/events/1/
0
0

0d385ba8a0
bam-cell.nr-data.net/jserrors/1/
0
0

Primary Request /
grandprizeslot.com/
Redirect Chain
  • http://rqentry.com/api/v1/pxcheck?impId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaX...
  • https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
20 KB
5 KB
Document
General
Full URL
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Requested by
Host: rqentry.com
URL: http://rqentry.com/api/v1/px?xmlid=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.156.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5f203f0e585cbe6d0c6295294dd6af0d91d7daac1d7c6d86b44b3182199c26

Request headers

:method
GET
:authority
grandprizeslot.com
:scheme
https
:path
/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://rqentry.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://rqentry.com/api/v1/px?xmlid=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h

Response headers

date
Fri, 08 Oct 2021 17:33:11 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4OC6WK%2BFi%2BfMN4T7vLxyiBIhXUC3wwPJFE77oz02M2cXNixh1rPUxtSTldcD2aulbnctxBWMa45aAizKDCJo8mVYXfmR5JR5fq%2FwE3QacIMwloMUrxA3qTfH9ogRVudPE5VQmM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69b11ce3b8702774-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 08 Oct 2021 17:33:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
252
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Vary
Accept
jquery-latest.min.js
www.p7campaign.com/landing/50promos/js/
94 KB
34 KB
Script
General
Full URL
https://www.p7campaign.com/landing/50promos/js/jquery-latest.min.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"1762a-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNq9Okqf9OD%2FCIRC95LAUF5ub2kpQphnEVN9oWAES7T%2BQDKmCCW5o%2B8OhKWyw8%2FFgluBnmotUVhSVcyKpXi%2BNyMdCnGjJFPBHyPrIpzs29socd1J%2BgJud2FGSppvqNoIPNC6880%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69b11ce7195d2798-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
slick.css
www.p7campaign.com/landing/50promos/slick/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick.css
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"6f0-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO7z9L3Ic3osz8e6GJGR9YaEoIXbgrab6LIbwNqqEi8tOgu6HybqlBqyboJB5rGBRd26Av7fxK2Ulwa6G2q%2BPylQLJtxw0oqSo5x1huRQM9T5pQS306bUmuNlVkYdu2TGbhHakc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69b11ce719572798-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
slick-theme.css
www.p7campaign.com/landing/50promos/slick/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick-theme.css
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"c49-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e%2B%2B2%2FsjCZGVFD8bIQTexFb3Vr9%2BeNmcEW1%2B760ArTngqaTpqXMhkNAWR704vvzd1zKrpAHUK6NatmIo861czaQm%2BqJr2yxdLgl8U%2BwOa1FxIChmVpzmZp%2FM5LI9kexBf5R8zMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69b11ce719582798-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
master.css
www.p7campaign.com/landing/50promos/css/
136 KB
29 KB
Stylesheet
General
Full URL
https://www.p7campaign.com/landing/50promos/css/master.css
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16d4a7b00597e66d9cdadf2ab472889d5bf3feb5650d92e7d60f17faa853c8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"2216f-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpYbgsiyGHan1V3pxaF9E9wiARRQtMFhDHixlDIe2F8PlwaZXLD8eJfZh%2BcIrNTac4DdxETYWn7KLjXyqsPTEtCCYWvLpmDWQWovc7J%2B2rPheZ06GaOAFaGag0eVVSgT%2B%2FTBAsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69b11ce7195b2798-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
css
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
dc86da900c519b90310711875db25146c89c19d2a0cce51f94127298e485a9e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 17:33:12 GMT
server
ESF
date
Fri, 08 Oct 2021 17:33:12 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 08 Oct 2021 17:33:12 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2214759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27277
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89zO9m%2FX8ozFKAdYP6ix31pYNK%2BnztVD2aY%2BQ6yDF8RXeqiDdkl1UC36yDSr0SqG339f6WMI5qLd%2F3naxRXh%2FZ00YXXU63n%2F86W7wWLpyEJkxA3Vjoyh92AGZKuYfYaEaU1n5rpq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69b11ce6ebc54a85-FRA
expires
Wed, 28 Sep 2022 17:33:12 GMT
jstz.min.js
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/
12 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/jstz.min.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
770285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3385
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ece-2f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAEK2Z2fN9zo42Xd8WMKoycsRS%2B9nosQYC0uw5aOpmZFKCPmXkTiLGScHzVEk%2F%2BAtaOV53ZeA%2Brqx08YjYvdYhDAZzRxfZ2cHNpgYUbRVPoJL01rXE7Ge0fD2rd2OEXkoL9zaJMs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69b11ce6ebc74a85-FRA
expires
Wed, 28 Sep 2022 17:33:12 GMT
logo.svg
www.p7campaign.com/landing/50promos/images/
8 KB
4 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/logo.svg
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0581ef33673de56f695a329b338c18d854cfbdae351d3e3d5ef089e3d419eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"20bf-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDjOPmr7FzncDf1DtQyfaBSGT%2Ffepe30kPUF4hFnYA7OGWdgiG0PbK7wx9x%2FaW2l6ex%2FylZhOYdFEc%2FHyrMi%2Fplc%2BYz%2FgcU2GF6VhlFhz2jIprKFrfjZrO5V%2BCZnc85145aBb6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69b11ce779ac2798-PRG
expires
Sat, 09 Oct 2021 16:00:15 GMT
cash-bandits-3.png
www.p7campaign.com/landing/50promos/images/
40 KB
40 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/cash-bandits-3.png
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0acc00c676455118b2ceb6f77db9b66785951c549b9f0866f507a657e8390be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40512
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"9e40-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDMjCMviEJurJLKuiBysoMkjn4qedbKAIzrB7aPfWzu%2FyagIji1fKvuFz4akYr3%2FYjdW%2BJvO%2BXAGqnIg7L7sYrGHiGcLgn%2FxWy%2FZwGAJ1pAi32bclILDSuiClMdpzG71d8dUolk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce779ad2798-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
cashbandits3.gif
www.p7campaign.com/landing/50promos/images/
915 KB
917 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/cashbandits3.gif
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968482c9b036325cbac386e91aa57146245de6aeb1b3adcb4d693c043f99326d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
937222
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"e4d06-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWqejbth3iw1ofoiDQb6gd0lOqMGADNCFyCXVvyFi2VGKT88k8c%2F%2FoX3BdgTsuOcLpshESQ1%2Bu%2BfoIyCntSfRrrJ9A9%2BUAzdjQ4H%2Fvtl7MZbstcSxMT9ZkJD9mTbHiVr7eQF%2Bx8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce779ae2798-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamond-fiesta.png
www.p7campaign.com/landing/50promos/images/
55 KB
56 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/diamond-fiesta.png
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb9e9b6bcb1fa0273607ab85fa5c4819f5eb87895c656f1d08fd1a5171a31b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56655
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"dd4f-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckR9Cv5ak%2BwfRBn8fw0A0ARM8ZUhnjwudEGgVQGvbns0dD6Lh4PqJklvtPClt8gz%2BVhHlcc%2FpKbmDDa%2BOU11MD6ogC1IHrtsHkPTwJt2baEhNHt3dTRne5PO%2B3WhgHrPjVmhRI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc3278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamondfiesta.gif
www.p7campaign.com/landing/50promos/images/
893 KB
894 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/diamondfiesta.gif
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14bc852ac34d2384221813cd5facff7b97dfe25581186fde7d0537084508b641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
914792
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"df568-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqjFs3M2nCmGss2pPmASAGD0S%2By3p46FAzpsVD%2FWld2FeEBfJOV0AzapDVPYWw0y57PDKIi%2Fgeerg7oWB5YOnzGVb6%2Bo2jQnjpuoJFsuSODza2zUcw5Jyz%2FnPs4xg5yrySDFj8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc4278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
ic-wins.png
www.p7campaign.com/landing/50promos/images/
37 KB
38 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/ic-wins.png
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993866005050291730122ad1c8d4439b48e1923eac017e3ab2539020be9d91d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38024
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"9488-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnBrbtCuhQiYAFvCS3IZiJW8ooC9TmKkFPLsafWliphURYgevSyILeVGyMOPO5ZB1PHG1TrNfpD0Q07bIN6hhtk7OWQwMYoKcycn2AZmSgGX10KLAqkYKSR2iVuALkNYbrnMBjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc5278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
icwins.gif
www.p7campaign.com/landing/50promos/images/
738 KB
738 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/icwins.gif
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d696bf8a573805ae4fa078055fb8f7369fd2a132ab6f51792f585522115782

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
755336
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"b8688-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTizV39w5en8UETHW9aREZdQMGyh0OM1%2FUWJ0OJNMPpHiWFw4f9AWFIajqqZlX31Px36ILDJVi%2Br0qjVpIC3DVewEdH3DUdQksbk%2B0mNxSKkHYJ8IGry8vDyVLlQ4usVNFBv%2Bg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc6278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
cash-bandits-3.jpg
www.p7campaign.com/landing/50promos/images/
18 KB
18 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/cash-bandits-3.jpg
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e1c0db50c75d197012de74fd3fcd517b1f706bfd3160e7cda13227a690dbb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18119
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"46c7-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGh%2FhZ3RuSWrM8YbJx5F63TcxIWqZmphc7%2Btx6e6BCNtoYBZdYwhTMpwq3XfVYrMamrdEhnJkDh5D%2B9NuA4cE1EpQh8KJug3o7Ixu32OJFeOLFTmWt0IY0JMiFc6YONcrthNq%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc7278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamond-fiesta.jpg
www.p7campaign.com/landing/50promos/images/
24 KB
25 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/diamond-fiesta.jpg
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0da5a734710c3fd1d63d3a6efcbbef73d8318e96a1700c4b7cc75718fe04c18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24484
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"5fa4-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOPfZmSpqowok%2Fp%2FXr8x8%2BX9zbivtK%2FLRVOKyL9hQp4oWjlRQ43WTQsiFRAEFaZk2IREqL%2FUojxeOyGr9%2F9lO2PmMImZBGpEObNxOg3blE3PKOAk7JYq2UaGBB9hCFZxWXv020M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc8278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
ic-wins.jpg
www.p7campaign.com/landing/50promos/images/
19 KB
19 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/ic-wins.jpg
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06784c975d99d8278a47b1b312ea757ba52496dc8cef9034f134ffbaa95b834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19329
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"4b81-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MP7ScQEkfXAo%2FtNCuej8A9vf8xnWYMC%2BBIm9I08PyEnwEWKsNUIOhgzTwbLSfoI2RiUmb1zuqOGJWnCBSLDVdb17m1H2WEnM0ikCSxbnzwz3ikF2p8rA2jsMxYFEoV1tXrG6UUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dc9278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
payment-methods-us.svg
www.help4casino.com/payment-methods/
39 KB
9 KB
Image
General
Full URL
https://www.help4casino.com/payment-methods/payment-methods-us.svg
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24199
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 08 Oct 2021 10:36:02 GMT
server
cloudflare
etag
W/"9a2f-5cdd4f2186880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TK7mZBXajiFTjTcERamZ9UotFmIw2w1saYgjdVTwwkUJRAD71yAAUgmko2l7lDVQJqmAZQzpW30bMIeSXPeVFXuhsVVnnEm2IoatslipHlo0jXFAMEZnI%2BR%2FlnSwGTWoWKqRIedY"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69b11ce939f74131-PRG
expires
Sat, 09 Oct 2021 10:49:53 GMT
close.png
www.p7campaign.com/landing/50promos/images/
2 KB
3 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/close.png
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7da654e8fe1bf6902c450e284df241a067416530ba83d1ee6d1e712010133d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1952
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"7a0-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzcpZ7bl32fcTx0IEdv82WPBDPruKHSTLDwA9Axg7pkvy5WIEwP%2F18haG6o446%2FKiJaJUZkreVGyD%2FCfrkmxl2vjSxT%2FKwOGxKnga6ScaSSQojjyzXp%2FeKjrEGfykQLwYXO5JmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ce77dca278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grandprizeslot.com/
Origin
https://grandprizeslot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
181624
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7e7a0b8d92041b2fd6a3c2a83f273a82
cf-ray
69b11ce7595a68fb-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
slick.min.js
www.p7campaign.com/landing/50promos/slick/
42 KB
11 KB
Script
General
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick.min.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"a76f-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO8ZD8AHn7Wh%2Fwc%2BO%2Ff45Ls8cK2YeNH2LhBrc2a%2F1OKvzhOResxdhNGm7sgTylGSNj2K%2BHENlb760ANDOjZWF%2BwvWNbhHWNbEbf9ZAm9C%2FhcXmb%2FuUYDx2yOl63OpDPgzJzWkHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69b11ce759992798-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
master.js
www.p7campaign.com/landing/50promos/js/
2 KB
1015 B
Script
General
Full URL
https://www.p7campaign.com/landing/50promos/js/master.js
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fc6e799796018389da15bcc8a166a94ef615890a0bb8e611694629331fef2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"797-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fzi3mUJMn%2BmU%2BZuEAq1Bd36F4zluQqUq1JDw8decv4t2Nqv12Ar30vW82sCcskhm1DWOV1tTIq3rkITNTRxmVfTkhLaLeL4dK2NA6yp6%2B9bNd1%2FEP%2BAcmyzbMwX1MBIyTLYTgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69b11ce779ab2798-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
gtm.js
www.googletagmanager.com/
116 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNNC8T8
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
12a3fdd4af0f8705cfb110f750b912890074dd35f684894d83eed9008b3d7af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43499
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 15:49:29 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Oct 2021 17:33:12 GMT
j.php
dev.visualwebsiteoptimizer.com/
0
0

/
grandprizeslot.com/
20 KB
5 KB
XHR
General
Full URL
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Requested by
Host: grandprizeslot.com
URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5f203f0e585cbe6d0c6295294dd6af0d91d7daac1d7c6d86b44b3182199c26

Request headers

:path
/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
grandprizeslot.com
referer
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSKxSz09rpIP0OmNFMvpgx4abFs2VluLN4NCSUO%2FTn8uLGJUm0r5Ektvw6HACYSOJv6baIdRgp7Fn5IfhKUPtZf%2FJC2xxPbs9kgJIgQEh39OX%2Fcm9rzL3wGE1N1oqrJ%2BAAS5Fmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
69b11ce948634125-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
grandprizeslot.com/
46 B
612 B
XHR
General
Full URL
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2685c17872b8a11ee5aec1963c73d3ae94c3d8714a3a2bba4d2c4bf390b77f0

Request headers

sec-fetch-mode
cors
origin
https://grandprizeslot.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
content-length
49
:path
/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
grandprizeslot.com
referer
https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89E0N4I5aXLCUKGGHFGzV7pKz2Kv03ZdY67ySfZm4mbjaFPN69901trM8PV9EzdmvdWDgTT7GFUJHYCV8Wxfiroo9rmCEoS%2BrG6TLXea1Ur1GR3Aie3t39%2BbS3GASGyeepMyLOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
69b11ce948624125-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNNC8T8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5526
date
Fri, 08 Oct 2021 16:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 08 Oct 2021 18:01:06 GMT
js
www.google-analytics.com/gtm/
101 KB
39 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-T6PKRG2&t=gtm4&cid=1787647728.1633714393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
ff6440caf8af7c0f2e505f050eb05248bfb920a82b34b31c69d25afe15320421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39638
x-xss-protection
0
expires
Fri, 08 Oct 2021 17:33:12 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=815541017&t=pageview&_s=1&dl=https%3A%2F%2Fgrandprizeslot.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26clickId%3D6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h&dr=http%3A%2F%2Frqentry.com%2F&ul=en-us&de=UTF-8&dt=Planet%207%20-%20Big%20wins%20are%20waiting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=244400367&gjid=382749155&cid=1787647728.1633714393&tid=UA-16512093-3&_gid=1449972907.1633714393&_r=1&gtm=2wga60NNNC8T8&z=810204339
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grandprizeslot.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://grandprizeslot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNNC8T8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5526
date
Fri, 08 Oct 2021 16:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 08 Oct 2021 18:01:06 GMT
collect
stats.g.doubleclick.net/j/
2 B
463 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16512093-3&cid=1787647728.1633714393&jid=244400367&gjid=382749155&_gid=1449972907.1633714393&_u=aGDACEACRAAAAC~&z=998335303
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grandprizeslot.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 08 Oct 2021 17:33:12 GMT
content-type
text/plain
access-control-allow-origin
https://grandprizeslot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg.jpg
www.p7campaign.com/landing/50promos/images/
173 KB
173 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/bg.jpg
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa31ade1cee68723f8ce07569d4f18653c93fd96b473f62d46e7613e2f5b30eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
177004
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"2b36c-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sqgw5u5t5%2BXhrbaVgNH703bZUg427Mmad8UmvLheTklv%2BzXYQW8Ev5EgOnAcK3bSkdM7nS4h43n8uFvIPmFoZUNY0UwQyotEA5UAuaHSpy2uZyLVAl7izUsux9e0DcyO154Yiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ceac847278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
jackpot.png
www.p7campaign.com/landing/50promos/images/
91 KB
91 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/jackpot.png
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4672303954bbb49c9b9602045a711184abc2062387dc6e1a3c854f969003f04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
92689
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"16a11-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7lQG6GI8MKGaKfN4bwG4WCguulSXecq54ElKoPuHbWdx82zhdx3XRk%2Bal86cBdjzPOndrFaQvEhVwg84QZilJ0kDktH2ugFUwbTdSj4iucbklekVJTP1BwFZNjjpkHkLIowVFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69b11ceac84b278c-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
dollar.svg
www.p7campaign.com/landing/50promos/images/
4 KB
1 KB
Image
General
Full URL
https://www.p7campaign.com/landing/50promos/images/dollar.svg
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8c7437e3f2f2dea0f45b53835d0cdf3c0450e6ef6944b4310b3e02d22a60ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:33:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"e88-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpXU0snXzsVgkrZBlKwHDgUgvpRJ71KIppXojXF5QXDJemEwZ%2BrUIgk3%2B6mOzkaD07coEQFG74VwRBqwDbqcxMftbNWz%2FPPsRfaH7YzySxFQE9H7Vzh3d02BHc6wyiz9d33ByZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69b11ceac84c278c-PRG
expires
Sat, 09 Oct 2021 16:00:15 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grandprizeslot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:06:08 GMT
x-content-type-options
nosniff
age
307624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:06:08 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grandprizeslot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 03:54:04 GMT
x-content-type-options
nosniff
age
308348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 03:54:04 GMT
marcopolo.woff
www.p7campaign.com/landing/50promos/fonts/
0
0

marcopolo.woff2
www.p7campaign.com/landing/50promos/fonts/
0
0

ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16512093-3&cid=1787647728.1633714393&jid=244400367&_u=aGDACEACRAAAAC~&z=405287275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandprizeslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:33:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rqentry.com
URL
http://rqentry.com/api/v1/px?xmlid=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1210.e2a3f80&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1675&ck=0&ref=http://cbsspots.co/
Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/jserrors/1/0d385ba8a0?a=31561968&v=1210.e2a3f80&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1676&ck=0&ref=http://cbsspots.co/
Domain
dev.visualwebsiteoptimizer.com
URL
http://dev.visualwebsiteoptimizer.com/j.php?a=278486&u=https%3A%2F%2Fgrandprizeslot.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26clickId%3D6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h&r=0.4094282981105235
Domain
www.p7campaign.com
URL
https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff
Domain
www.p7campaign.com
URL
https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| dataLayer
function| $
function| jQuery
object| _vwo_code
number| settings_timer
number| _vwo_settings_timer
object| jstz
object| bootstrap
function| copyToClipboard
number| ValueJackpot
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| google_optimize
object| x
string| x1
string| x2

4 Cookies

Domain/Path Name / Value
cbsspots.co/ Name: mtm_delivered
Value: ""
.grandprizeslot.com/ Name: _ga
Value: GA1.2.1787647728.1633714393
.grandprizeslot.com/ Name: _gid
Value: GA1.2.1449972907.1633714393
.grandprizeslot.com/ Name: _gat_UA-16512093-3
Value: 1

5 Console Messages

Source Level URL
Text
security error URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h(Line 34)
Message:
Mixed Content: The page at 'https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h' was loaded over HTTPS, but requested an insecure script 'http://dev.visualwebsiteoptimizer.com/j.php?a=278486&u=https%3A%2F%2Fgrandprizeslot.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26clickId%3D6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h&r=0.4094282981105235'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Message:
Access to font at 'https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff' from origin 'https://grandprizeslot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://grandprizeslot.com/?cid=%7B%7BclickId%7D%7D&clickId=6F0rblHf7bRLOCjDAoGBSDJe2Pur3DmkskxLkU3h
Message:
Access to font at 'https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2' from origin 'https://grandprizeslot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
