Submitted URL: http://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b&COST_CPC=&PLACEMENT...
Effective URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cp...
Submission: On June 26 via api from GB — Scanned from GB

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:9d9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.servicelands.com.
TLS certificate: Issued by WE1 on June 15th 2024. Valid for: 3 months.
This is the only time bg.servicelands.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 2a03:2880:f08... 32934 (FACEBOOK)
22 3
Apex Domain | Subdomains | Transfer
20 servicelands.com | bg.servicelands.com | 497 KB
1 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 204 | 59 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 816 | 30 KB
1 trankingo.com | trankingo.com | 587 B
1 wabotot.com | wabotot.com | 788 B
1 pontixy.store | pontixy.store | 771 B
22 6
Domain | Requested by
20 bg.servicelands.com | bg.servicelands.com, code.jquery.com
1 connect.facebook.net | bg.servicelands.com
1 code.jquery.com | bg.servicelands.com
1 trankingo.com | 1 redirects
1 wabotot.com | 1 redirects
1 pontixy.store | 1 redirects
22 6

This site contains no links.

Subject | Issuer | Validity | Valid
servicelands.com | WE1 | 2024-06-15 - 2024-09-13 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-03 - 2024-07-02 | 3 months

This page contains 1 frames:

Primary Page: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Frame ID: 2EB8422D868694F5CB80E5CEB94511F1
Requests: 22 HTTP requests in this frame

Page Title

Funbox

Page URL History

  1. http://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b... HTTP 307
    https://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b... HTTP 307
    https://wabotot.com/click?key=640066962cb3e1b9df72&partnerid=3&clickid=cptmq8dabvlc73fq28n0&pubi... HTTP 307
    https://trankingo.com/?utm_campaign=711&bclickid=cptmngqvrftc73e9jlh0&pclickid=cptmq8dabvlc73fq28n... HTTP 302
    https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 100 %
Domains: 6
Subdomains: 6
IPs: 3
Countries: 2
Transfer: 586 kB
Size: 820 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b&COST_CPC=&PLACEMENT_ID=21753702&CAMPAIGN_ID=1060842&DEVICE_BRAND=Unknown&BROWSER_NAME=ChromeMobile&USER_OS=Android&USER_CARRIER=A1Bulgaria&USERAGENT=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)Chrome/126.0.0.0MobileSafari/537.36&REMOTE_LANGUAGE=11&BANNER_ID=2975750 HTTP 307
    https://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b&COST_CPC=&PLACEMENT_ID=21753702&CAMPAIGN_ID=1060842&DEVICE_BRAND=Unknown&BROWSER_NAME=ChromeMobile&USER_OS=Android&USER_CARRIER=A1Bulgaria&USERAGENT=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)Chrome/126.0.0.0MobileSafari/537.36&REMOTE_LANGUAGE=11&BANNER_ID=2975750 HTTP 307
    https://wabotot.com/click?key=640066962cb3e1b9df72&partnerid=3&clickid=cptmq8dabvlc73fq28n0&pubid=1&sourceid=80&sub1=21753702&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6} HTTP 307
    https://trankingo.com/?utm_campaign=711&bclickid=cptmngqvrftc73e9jlh0&pclickid=cptmq8dabvlc73fq28n0&partnerid=3&pubid=1&sourceid=80&sub1=21753702&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6} HTTP 302
    https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/
Redirect Chain
  • http://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b&COST_CPC=&PLACEMENT_ID=21753702&CAMPAIGN_ID=1060842&DEVICE_BRAND=Unknown&BROWSER_NAME=ChromeMobile&...
  • https://pontixy.store/click?key=dbab644a35447fa6fdf2&SUB_ID_SHORT=3c5f0d6e7c61a10e7da7d866baf8803b&COST_CPC=&PLACEMENT_ID=21753702&CAMPAIGN_ID=1060842&DEVICE_BRAND=Unknown&BROWSER_NAME=ChromeMobile...
  • https://wabotot.com/click?key=640066962cb3e1b9df72&partnerid=3&clickid=cptmq8dabvlc73fq28n0&pubid=1&sourceid=80&sub1=21753702&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}
  • https://trankingo.com/?utm_campaign=711&bclickid=cptmngqvrftc73e9jlh0&pclickid=cptmq8dabvlc73fq28n0&partnerid=3&pubid=1&sourceid=80&sub1=21753702&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}...
  • https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
6 KB
2 KB
Document
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ea0a5780e06d45ba9045eab973a6f92ea693c65bdaa425651f68cc9cc3f506

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899961b97e1d23ee-LHR
content-encoding
br
content-type
text/html
date
Wed, 26 Jun 2024 01:21:38 GMT
last-modified
Tue, 28 May 2024 09:12:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6x%2Fgr8Rb8xKmb6Lj5r60LUypllO1QQvLkN9OuqNXumtPRm8nbtDMM9WjRmmTruaUTp3ffwcRNc7RSMbtac15J12viPRv4wBJDnt%2BuBHlYGJuPyoYNKaH44qjokGixMO9Y62Q%2BZG4GytS0dxfvTH2okm"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899961b6b89479ad-LHR
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 01:21:38 GMT
location
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4Brfm37szCtOwrcy0%2FmqrNLlLS5i1BKQvC9a3BHPGZKyK5FN1fkzpe5cE12eyCTUwksobk6lI8E6W8zt5ZD7UPmtzKt%2BYTSdyjvM6xv0f6TmvaSKaEK51ycse5Efg1OYU83JrEgVMRCPrI2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
roboto400.woff2
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/fonts/
62 KB
63 KB
Font
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/fonts/roboto400.woff2
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a47-f904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMKDO2G8ME3ctjSTqBPzqAt4qLb8rygv8CwabC2SaHVt%2B8lSxsCXKYSHJ4D5NlBeV0npGhW13czaUl61nw6UcTJjhmRAivCXfdFRk3nab%2FupgHTMbLn2Q8WSAYlA83qc84nJpd58vF7ci8gX8PTvVFli"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961ba0eb123ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
63748
roboto500.woff2
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/fonts/
63 KB
64 KB
Font
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/fonts/roboto500.woff2
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a48-fcdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w716FXBjDVIQX5VaWWYSUSu6aDzDEzUYKIaj%2F3GJFHQ5K5LMStAFk5BEX2hWEpKuN%2FnzNldMo83iiIRB5wrxsZfgNwVohgEmHkVXO2j9D67%2B4j0nj9749%2BulusSJdQiBNmbep7K8fNaV3dVnU5hySiYa"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961ba0eb223ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
64732
main.min.css
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/main.min.css
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41eb97717341a65b2d3097dd1e2d1ef3f2856a4f48d6ad4912a3a869f9fea43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 28 May 2024 09:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6655a002-442d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGy%2FXgJ7%2Fzcv76PwgqOVGHrpZ81d32%2FK9KmrWgQjvXtPD8MT0x1EALj%2BIEy%2BNDg8vFSPQRUdqRYfWP3i6hqrHg2zj3Cw9x33u7%2BqvyVKxgXhjLikeiyvoxL9%2B5msemI2gQJwrL4%2BL5E6O3%2Bfv8L0n2uf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
899961ba0eb323ee-LHR
alt-svc
h3=":443"; ma=86400
getUrlParams.js
bg.servicelands.com/scripts/
114 B
566 B
Script
General
Full URL
https://bg.servicelands.com/scripts/getUrlParams.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fb96177ee088392cab75ef7ba649d282266e571cca87b7d52151839cb99129

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 13:30:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66436773-72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iebOaBX3pUqLorxv8OxdhwtuIsF702mGqX6V783a92KgPo7H2KpwpYlyHo7bUkimlt%2BALumzYzXPPUCyR9tDNN0X7KxH5gUdoFTyism2LxuCmKdowF1yNe9HEZgR0%2F1%2Bccu%2Fjm6AT5tvqXp0nzw0a23"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961ba0eb723ee-LHR
alt-svc
h3=":443"; ma=86400
pazzle.png
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/
16 KB
16 KB
Image
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/pazzle.png
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a662346e6f99fd175951ba92e13720d19dd4792f64b14a9f89b228a6b37d6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a4a-3e62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMQdfnVwJ%2F5R0XYE%2B3CwRmOOo%2FRmhniEEnllzy74jk15g0XiTG24Xks%2FSRal%2BnCrsF1Oq3aVnJ%2FCRq62eRDbwz8WBvy0qkTRKAgz5cPBLDUdkOWkJ%2Bhf3u11JziwFv%2FgLCnpneLlCUzBEhMf3bFqrKTm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961ba0eb823ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
15970
hole.png
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/
2 KB
2 KB
Image
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/hole.png
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a83e4fb6e5a3b4ab8d9ed467b351de1433b8809b6902a9745d666a7d745c13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a49-7ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=La3QM7BnF1TCSXkpQ7MX8ICsTKhPiVWuc7FUrAQeTbsnEUCZPEV6NYP19xRMNiOTycnNbR3kR%2BLdLkY6WJks3iCSt5DfZ4vKDNoReIWWNMkQ0A6C6RCF6npXXf4fm58jfdQKh9U6Xe7EEuiwPXCviZM6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961ba0eb923ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
1998
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5222695
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-lhr-egll1980034-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719364899.092833,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
154816, 132204
script.min.js
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/
2 KB
971 B
Script
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/script.min.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f3295e3099dd3a6f706866df3724b3fed0d9800c60cb04e691c7ce0cfbf5bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 16 May 2024 14:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66461786-75c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bos7xqKv0GmOnsKAg1ji2zFOxVRXkXaYkGCotePzhcY1SIbFuWxK6oYynPtVbttIl2Sc8a1CSpZ8SQCXlMedJksLmR4KcnCS6JlO2bg%2FYfBReR8HnUNSnG46hCrSCjcH4P4sxpRMFgzMAJUj2FvTgA3z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bb4f9f23ee-LHR
alt-svc
h3=":443"; ma=86400
ajax-support.min.js
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/
270 B
653 B
Script
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/ajax-support.min.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3fe1752c9466dca70d32612b1a9c2b8d5e0cd93c4d2800e3e7907be0c152a4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 28 May 2024 09:17:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6655a13d-10e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ar9W%2FGyFZNKvzaoVcSQqzPjELVljbzkKiTXOwvSVuEAyzUyVIIZSuJlQHblu9cY14mzPNbtpc94qzmVNppYeqFlnRlfatniGRhBxvr%2BYZ2DzBaY1k4q641ymjvLnz%2BDrpXqfSK4HhhBczM5uoV7MYmM5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961ba0ebc23ee-LHR
alt-svc
h3=":443"; ma=86400
ajax.min.js
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/
601 B
804 B
Script
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/ajax.min.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c01a270dabace5e99103589437481a14a9b86cd02d181f6388b70a78f2fd5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 28 May 2024 09:20:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6655a1f6-259"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUbrQjMXcgBLoWctZwXYYoigMJhpzL8hs0ZUpFt%2Fw3OhJVXahvfBaRo98AimX7ASGWd8s%2BUkBMNu63aKzaUgHjmhSCTYa8Vnu6t9dgNnu9aCbJnQ4685%2FlpfHPeeU5MOciOsP9zZrYB2tb1DxAs%2F5cNF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961ba0ebd23ee-LHR
alt-svc
h3=":443"; ma=86400
events-psms.js
bg.servicelands.com/scripts/events/
2 KB
1 KB
Script
General
Full URL
https://bg.servicelands.com/scripts/events/events-psms.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cb671d1a2af7c95cc5549bb3d844dea82634738ce4f12b1e98cb0ef2c47073

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 14:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664f55a3-7a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nYMnufRGsbM8ro9qQgYRnhc0zEWk0RnR5U6OXgncX97tGUNTUFrPXT%2FgR7lLkokpaBHp8YjNyrpjKPdp9MC3CRS7aPSxtWKChpMgqLa3aAbJ4DNxft0OgwlGUDD6sTQU4WSmIltp%2BcMAlZ%2BGbuu0eDe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bb4fa023ee-LHR
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b8c7febaf54f30ae57d0a2a05d0e36e103eb0b6a3d7816bc5e4c81411911206
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Jun 2024 01:21:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58025
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=14, mss=1392, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
q9MjvMMEDVN5PI9GuBzub0elfrvtaAqopicUtjo36K2DEn0XLqiFbtTvSLLjVopdCFho3CWTtiFanylEENzGAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
kit.png
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/
335 KB
335 KB
Image
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/kit.png
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/main.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2072228454cef25fa5ef1e98b7a9d0b303a81eb2876a02886dab32941e6cce31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/main.min.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a49-53bb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yw1xBPltysuayweEvyYd048%2Bbv6zltG33%2FhxkqBzO91sPYg6BhD2UnmDlu9uy5Kvl7uZJ6Law8pRqvQBjdBvC2fOCvkExxQ0zqrKDzXd9aSx0kTu6aXJb6XlaJEqNqdM8JPFiw5ZIvsPk5Nyc61TnFHu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961bb4fa323ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
342963
icon_chevron_right.svg
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/
257 B
667 B
Image
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/icon_chevron_right.svg
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/main.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad08d07bb6e76fff5fdd147a8bf5b3460ee4f2bed23cc4823c20a0dcfafb131c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/css/main.min.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66435a49-101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raDjggl1aAWx30oLPexZ6EBR%2FCD66NoDMjDq0ItD0VUOI3mSD4nRlBPB2skKLPWy5JnBvdb4Ps4uuZTh1q9YP6AwZwMIU%2FflOdS0O%2Bo7CBBaCO1l925NY%2FnXnoSVsbRHLv3tjIOmqiuTT9uof1uMWRKb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
899961bb4fa523ee-LHR
alt-svc
h3=":443"; ma=86400
additional-functions.js
bg.servicelands.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://bg.servicelands.com/scripts/additional-functions.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8de98f4fd049b72f102c654d8fbbf32bda96eeb59e32ecc10ac572582c8cc7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/ajax-support.min.js
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 14:42:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664f55cd-627"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnFvuW6L7aV6GhExiBoKoc6wX0WwkQOLCmsdGhSrzua6PoKN7yZFi0i1KtCDka6p%2BPlTjLv17Uj6m5SrRj0K90z%2FHdeS%2FeHG5Ef%2FRST8zv8iv8Ksa0c2hVTAhHPyLnM%2FywvVsTS8%2B4d%2BwNmL19v3R%2Bjx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bbd80f23ee-LHR
alt-svc
h3=":443"; ma=86400
fingerprint.min.js
bg.servicelands.com/edc/fun/script/
510 B
792 B
Script
General
Full URL
https://bg.servicelands.com/edc/fun/script/fingerprint.min.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb3405f2993e6923ed2f72192d7fb34dd95649e048657e7cd6d95765e4f1c9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/ajax.min.js
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 09:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664f0ddb-1fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQFHbbMqFedtadoGZ6eJcHNr4YZyJVxiW3TywOmXjuPZz2DdpF6ZG9ix%2FRCCpL6rTUdaSBCc5pZbocxIa%2FZcs%2B38o2GF8ntsoOzcZ3FXb1dJqPiDaIKrxnUG%2B9mlzFi6ewf%2BX9xGNBKCRTBR87H7fxNC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bbd81123ee-LHR
alt-svc
h3=":443"; ma=86400
ajax-psms.js
bg.servicelands.com/scripts/ajax-flow/
5 KB
1 KB
Script
General
Full URL
https://bg.servicelands.com/scripts/ajax-flow/ajax-psms.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4cc66aa0cce201447cd19a2e7fa33c2d4d68f6434eb9c8cb572aefaf1d4e15

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/js/ajax.min.js
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 22 May 2024 13:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664df213-143a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SAjyD6VOs6H5dOO2f8oK8oN%2BQBaWohiv1Kc%2BFHHRgKZF4HhAN77bAgLffcwWxBWSCqiRaYHmXsHrnVBxMu%2FlLF8qdBMceYGEz0K7SAJerV2xXSWVjifMS1nWAE769Ktu%2BVu%2Fya6VYvH9iJLe7xT3Qaj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bbd81323ee-LHR
alt-svc
h3=":443"; ma=86400
api.php
bg.servicelands.com/lp-logs/analytics/
90 B
496 B
XHR
General
Full URL
https://bg.servicelands.com/lp-logs/analytics/api.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9afb1cee40d3decef3ddfdfd64da32b91e505381ababb5813121b76f91945bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wARbuxGIB6OAemTu3n%2F3%2FtlgcwO3ITn7em94KIFehA0talJ60zBFoLWusPBkYalfkPpZxE4DxP8sHSQY%2FoE88yBiQggpjC51IwoiIUhG5TtoPsmIkZMN%2FeQDhy8InPCwAK6%2ByE0R9g9Z6jLdoD%2BUk8yV"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
899961bc587b23ee-LHR
alt-svc
h3=":443"; ma=86400
config.js
bg.servicelands.com/edc/fun/script/
132 B
575 B
Script
General
Full URL
https://bg.servicelands.com/edc/fun/script/config.js
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0096a451602bbee7d7f580095be67b61a525f571d204a6f200a8c6d3a47fe9a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/script/fingerprint.min.js
Origin
https://bg.servicelands.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 11:17:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664f25e3-84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhEYobY5YqzXN65vfrkkjah15uDoEtVu1GFuvqSj9%2BqvAo%2B%2Bx%2FRPj3v11mWPsyCb8ZbP%2BvPD2c%2Fbs2ijaMVjqGbPI0X0DcbHoUek1AT5MPDRzwNwW8GnXgHmL8H5BlBpdwBR6pKJlNoBcsj0Hannz3Ey"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
899961bc587d23ee-LHR
alt-svc
h3=":443"; ma=86400
footer-bg.html
bg.servicelands.com/edc/fun/
2 KB
1 KB
Fetch
General
Full URL
https://bg.servicelands.com/edc/fun/footer-bg.html
Requested by
Host: bg.servicelands.com
URL: https://bg.servicelands.com/scripts/additional-functions.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4970755688e63621cdef9a16e0792725a455375ff155c38407d5dc64759ce84b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 07:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTsmifs8vbOZT%2ByDMSgQ2XO%2FQvIILWqOVSGyl9PKRPIagm4GNuBWTh5CVedrzNm75bZFSu3YLCGJKAYTohxMOjAtU%2Bflk3tpYkIRN8tQpVB3DmHWY8ImsPJ19AoD4LXGNT4ITlQLbRKtcyk%2FRUxsmVTq"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
899961bc688823ee-LHR
alt-svc
h3=":443"; ma=86400
favicon.png
bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/
216 B
688 B
Other
General
Full URL
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840a16673ce705a953c5076af762a6c9639334e589f0395a8219adce830f84d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bg.servicelands.com/edc/fun/general/qwe/lp27_tr_ypdvgf/?clickid=uzmwg8&trackingid=cptmngqvrftc73e9jlh0&affclickid=cptmq8dabvlc73fq28n0&sub1=1&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:21:39 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2024 12:34:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66435a49-d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWhS7P5kbYtOoc%2BLlFcXSMF2vns%2FPUSBLgs6MKWQhAKbZcGLmSjM5qccce7MPD%2F4Obonlftx1mrLBHJCW9iGvqFfAfuZL8ti%2B8%2Bz7JDCFJ5JXjbhUZ1Ew2f1xdDzbCAGjZCOLdXBiJr1DXfQR1w4JoV%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
899961bcf90523ee-LHR
alt-svc
h3=":443"; ma=86400
content-length
216


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
string| sub5
function| fbq
function| _fbq
function| $
function| jQuery
function| sendEvents
function| handleEvents

6 Cookies

Domain/Path Name / Value
pontixy.store/ Name: uclick
Value: nbXYxlwJbY411+vxYWCYtfT/hqhUZ/M44Lr1/H1UCwJ5KCSGYWlisR5c+i37wUwrW7AsYkDx
pontixy.store/ Name: bcid
Value: cptmq8dabvlc73fq28n0
pontixy.store/ Name: cid
Value: cptmq8dabvlc73fq28n0
wabotot.com/ Name: uclick
Value: nbvbnVlYbNI10bH3amCY5cPmEdjc9YJPggstMnGwipz7dGDJuWN1yEZxhYXGydFd4T7900E=
wabotot.com/ Name: bcid
Value: cptmngqvrftc73e9jlh0
wabotot.com/ Name: cid
Value: cptmngqvrftc73e9jlh0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
