Submitted URL: http://fortuneadvert.com/go3429/?123.php
Effective URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&cli...
Submission: On September 03 via api from US — Scanned from NL

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2a07:180::32, located in Belize and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is landing-hg-vitt.com.
TLS certificate: Issued by WE1 on July 26th 2024. Valid for: 3 months.
This is the only time landing-hg-vitt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.45.70.170 58061 (SCALAXY-AS)
1 1 2a07:180::362 209242 (CLOUDFLAR...)
36 2a07:180::32 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
38 3
Apex Domain | Subdomains | Transfer
36 landing-hg-vitt.com | landing-hg-vitt.com | 491 KB
1 gstatic.com | fonts.gstatic.com | 19 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 2 KB
1 chufgtds.com | chufgtds.com — Cisco Umbrella Rank: 435184 | 626 B
1 fortuneadvert.com | fortuneadvert.com | 232 B
38 5
Domain Requested by
36 landing-hg-vitt.com landing-hg-vitt.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com landing-hg-vitt.com
1 chufgtds.com 1 redirects
1 fortuneadvert.com 1 redirects
38 5

This site contains no links.

Subject | Issuer | Validity | Valid
landing-hg-vitt.com | WE1 | 2024-07-26 - 2024-10-24 | 3 months (crt.sh)
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months (crt.sh)
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Frame ID: F9C4F3E793B2D31861629618594E8491
Requests: 38 HTTP requests in this frame

Page Title

Vulkan Vegas

Page URL History

  1. http://fortuneadvert.com/go3429/?123.php HTTP 307
    https://fortuneadvert.com/go3429/?123.php HTTP 302
    https://chufgtds.com/12128/26806?param=68_3429_&click_id=10931587&lp=86 HTTP 302
    https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 38
HTTPS: 100 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 512 kB
Size: 714 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fortuneadvert.com/go3429/?123.php HTTP 307
    https://fortuneadvert.com/go3429/?123.php HTTP 302
    https://chufgtds.com/12128/26806?param=68_3429_&click_id=10931587&lp=86 HTTP 302
    https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request p9586
landing-hg-vitt.com/vulkanvegas/
Redirect Chain
  • http://fortuneadvert.com/go3429/?123.php
  • https://fortuneadvert.com/go3429/?123.php
  • https://chufgtds.com/12128/26806?param=68_3429_&click_id=10931587&lp=86
  • https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
25 KB
5 KB
Document
General
Full URL
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd287c7634664bb50efb2d3872a3d30149409bff7828516bf4cd89cfa3cafba2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8bd908c4fa9ab926-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 22:04:13 GMT
server
cloudflare

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8bd908c4586666cd-AMS
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 22:04:12 GMT
location
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
server
cloudflare
css2
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@600;700&family=Roboto:wght@400;500&display=swap
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e0bc4cf4156a94f5076e356b42bff855fc4e11c6fab4e4463f31d7a9230d665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://landing-hg-vitt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 22:04:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Sep 2024 22:04:13 GMT
style.css
landing-hg-vitt.com/promo/9586/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://landing-hg-vitt.com/promo/9586/css/style.css
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fb704173277eab8010c54cd2efdb57abf9eabea60ad484878d221d28903569

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2024 08:49:01 GMT
server
cloudflare
etag
W/"66c306fd-3516"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c59b2fb926-AMS
loading-mask.css
landing-hg-vitt.com/assets/css/
450 B
347 B
Stylesheet
General
Full URL
https://landing-hg-vitt.com/assets/css/loading-mask.css
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abeea1286316236b86d213f48642cbbcc1595037dc53278b71d6aed6d52456b

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 10:40:35 GMT
server
cloudflare
age
1644
etag
W/"66c715a3-1c2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c59b31b926-AMS
preloader.svg
landing-hg-vitt.com/promo/9586/img/
438 B
417 B
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/preloader.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3633b56ee9abd015fc3d31aceceb603b58f5f61c817885b17f64c08919ed31

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:57 GMT
server
cloudflare
etag
W/"60785c31-1b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c59b33b926-AMS
en.svg
landing-hg-vitt.com/shared/img/flags/
524 B
439 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/en.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0ec662a6417453c50c4e38e0d71260f92e5f7c317438b8c275ee2a0871a1eb

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 07:59:50 GMT
server
cloudflare
age
2081
etag
W/"6572ccf6-20c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c59b34b926-AMS
de.svg
landing-hg-vitt.com/shared/img/flags/
210 B
237 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/de.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbace9ab0afa55952aa1e6702ccaa9e78b1b03445ae8ee562591d73e0a2813f8

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
2081
etag
W/"655f4945-d2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb48b926-AMS
pl.svg
landing-hg-vitt.com/shared/img/flags/
204 B
262 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/pl.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
741b33e23459b0d96a9c251c254af444ac4f5a2efbc2ad3ed68c18e87004ff43

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
2081
etag
W/"655f4945-cc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb49b926-AMS
pt.svg
landing-hg-vitt.com/shared/img/flags/
8 KB
3 KB
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/pt.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
359523226e533992d4ebb9b0229a7d5cff39baa39292873157d1044033895c3d

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
2081
etag
W/"655f4945-2090"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb4bb926-AMS
hu.svg
landing-hg-vitt.com/shared/img/flags/
253 B
255 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/hu.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f097a75ccb5209db07cb987fab1a01b4b631ef53ba18714924f8afb3dda48d

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
2081
etag
W/"655f4945-fd"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb55b926-AMS
ro.svg
landing-hg-vitt.com/shared/img/flags/
282 B
283 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/ro.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d010872dd3020a2c3aaa0458b9b1a515aee89d7179a2585c93b1c883df40b1

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
6052
etag
W/"655f4945-11a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb59b926-AMS
fr.svg
landing-hg-vitt.com/shared/img/flags/
269 B
277 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/fr.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96e0955d356acdef4d4eb2fc2321821e4fd8066558f2d0485a80ebeba056e9d

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
3437
etag
W/"655f4945-10d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb6db926-AMS
cz.svg
landing-hg-vitt.com/shared/img/flags/
218 B
238 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/cz.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e8941a6cea8e6cad702faa3d22377ddb32c510aa3134fed9a764374f34dad3

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
2081
etag
W/"655f4945-da"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb6fb926-AMS
gr.svg
landing-hg-vitt.com/shared/img/flags/
1 KB
388 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/gr.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81364b4598f992924597856de2b3a5b639e614487e87ee6c7e42142d7e65b032

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
6052
etag
W/"655f4945-40d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb71b926-AMS
no.svg
landing-hg-vitt.com/shared/img/flags/
304 B
268 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/no.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aae8cb31722001b120bc5674d7656a46116f78a554ee24e530eb982f3c6fe38

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
age
6223
etag
W/"655f4945-130"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb73b926-AMS
es.svg
landing-hg-vitt.com/shared/img/flags/
89 KB
17 KB
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/es.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee147f4421c2b552189f49038e448cc595c84143162bc571745089921b7d90a

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
etag
W/"655f4945-1631d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb75b926-AMS
bg.svg
landing-hg-vitt.com/shared/img/flags/
271 B
285 B
Image
General
Full URL
https://landing-hg-vitt.com/shared/img/flags/bg.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43794dcc340e1ed8743ad36d90ec382d753684510ff6bd126ea27e50defcdf1d

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 Nov 2023 12:44:53 GMT
server
cloudflare
etag
W/"655f4945-10f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb77b926-AMS
logo-en.svg
landing-hg-vitt.com/promo/9586/img/
9 KB
4 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/logo-en.svg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39b3056455b404b14ac6eed575da8accbe4335139984dfa3d01f24d6e679b2f

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:57 GMT
server
cloudflare
etag
W/"60785c31-2479"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb7ab926-AMS
wheel-spinner-en.png
landing-hg-vitt.com/promo/9586/img/
83 KB
83 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/wheel-spinner-en.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fb215dc1ff3d13f4252e9af6cfae6033e8cfd4d37dc399074a1e0247423912

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:57 GMT
server
cloudflare
etag
"60785c31-14cea"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb7cb926-AMS
content-length
85226
pay.png
landing-hg-vitt.com/promo/9586/img/
21 KB
21 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/pay.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a454c3b633376dc259d29b88030017f4d15882b8e2928690b86ffd38ada4c0a

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:56 GMT
server
cloudflare
etag
"60785c30-5348"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb7db926-AMS
content-length
21320
pay-mob.png
landing-hg-vitt.com/promo/9586/img/
44 KB
44 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/pay-mob.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
359075e6987ac43904278b0aee5934215fce69bd30aaeda914939d5331b06874

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:56 GMT
server
cloudflare
etag
"60785c30-b02a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb7eb926-AMS
content-length
45098
secure.png
landing-hg-vitt.com/promo/9586/img/
5 KB
5 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/secure.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d301a4846596e8fcc17d0873444e9c8a8303acb1e518f58407ce143cd485beb2

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-13c6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb7fb926-AMS
content-length
5062
secure-mob.png
landing-hg-vitt.com/promo/9586/img/
5 KB
6 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/secure-mob.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54565fabf2d3af8c3169989bc5f80abeaf6671dd06cab8d3ef93d22381fc1600

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-15c1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb81b926-AMS
content-length
5569
partners.png
landing-hg-vitt.com/promo/9586/img/
11 KB
11 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/partners.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efa076ae754f8b95b3121c2d6945ea1aa2d091bc49f1bace43f39ee21efe488

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:56 GMT
server
cloudflare
etag
"60785c30-2ac3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb84b926-AMS
content-length
10947
partners-mob.png
landing-hg-vitt.com/promo/9586/img/
32 KB
32 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/partners-mob.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ad35216747f60fb2f80532a0af99a810fbdaa73fb5860e2c0b0e02dcc06290

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:56 GMT
server
cloudflare
etag
"60785c30-7eb0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c5cb86b926-AMS
content-length
32432
email-decode.min.js
landing-hg-vitt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
847 B
Script
General
Full URL
https://landing-hg-vitt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Aug 2024 14:27:12 GMT
server
cloudflare
etag
W/"66d1d6c0-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8bd908c5bb4db926-AMS
expires
Thu, 05 Sep 2024 22:04:13 GMT
bundle-341220101100.min.js
landing-hg-vitt.com/assets/js/
35 KB
15 KB
Script
General
Full URL
https://landing-hg-vitt.com/assets/js/bundle-341220101100.min.js
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 10:40:57 GMT
server
cloudflare
age
2348
etag
W/"66c715b9-8b65"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5cb87b926-AMS
lm-1.0.1.min.js
landing-hg-vitt.com/assets/js/
366 B
328 B
Script
General
Full URL
https://landing-hg-vitt.com/assets/js/lm-1.0.1.min.js
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb35a1abe47587483909082b9460a3d2b5e89862b17e25bb842861d56c825cd

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 10:40:35 GMT
server
cloudflare
age
3992
etag
W/"66c715a3-16e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb50b926-AMS
jquery-3.6.0.min.js
landing-hg-vitt.com/shared/js/
87 KB
30 KB
Script
General
Full URL
https://landing-hg-vitt.com/shared/js/jquery-3.6.0.min.js
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d614c9f583f439281092ecdc396451c09ac47e52c358552001aae2d851f99310

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 10:11:03 GMT
server
cloudflare
age
4408
etag
W/"62f38437-15ae3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb52b926-AMS
main.js
landing-hg-vitt.com/promo/9586/js/
2 KB
873 B
Script
General
Full URL
https://landing-hg-vitt.com/promo/9586/js/main.js
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8524b6b64bc63355bce41fd69774e435a0dafae179d385e881f50cf75a26ab67

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2024 08:49:01 GMT
server
cloudflare
etag
W/"66c306fd-76f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8bd908c5bb54b926-AMS
bg-desk.jpg
landing-hg-vitt.com/promo/9586/img/
123 KB
123 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/bg-desk.jpg
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6eb1196a69ddad3e11c31b6e2eda8ed0c80e8fbae2c80d6c9c7e600e0380690

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-1ec74"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bccb926-AMS
content-length
126068
lang-arr.png
landing-hg-vitt.com/promo/9586/img/
186 B
260 B
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/lang-arr.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c56417b1df7bb7552bba7d60a12aae958c14b72329d3b6e5ad01ad5b5d013ef

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bcdb926-AMS
content-length
186
wheel-win-frame.png
landing-hg-vitt.com/promo/9586/img/
5 KB
5 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/wheel-win-frame.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7410ae4fb5107248c206f1ea68d15b43f81f479f02ef1a3bc301bce5d36d8edf

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:57 GMT
server
cloudflare
etag
"60785c31-1221"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bcfb926-AMS
content-length
4641
wheel-btn.png
landing-hg-vitt.com/promo/9586/img/
21 KB
21 KB
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/wheel-btn.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16662ce41178a45a03f6f73a939f319e01d7ab21705d3349216a77b0ded1c354

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:56 GMT
server
cloudflare
etag
"60785c30-52dd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bd1b926-AMS
content-length
21213
icons.png
landing-hg-vitt.com/promo/9586/img/
780 B
854 B
Image
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/icons.png
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f824e28b5a5ecbdc4c2cc04e44660b0e720c9d30ec614e5ee6e54dfc62ee258

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-30c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bd2b926-AMS
content-length
780
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600;700&family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://landing-hg-vitt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:14:45 GMT
x-content-type-options
nosniff
age
344968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 22:14:45 GMT
GothamProBold.otf
landing-hg-vitt.com/promo/9586/fonts/
56 KB
56 KB
Font
General
Full URL
https://landing-hg-vitt.com/promo/9586/fonts/GothamProBold.otf
Requested by
Host: landing-hg-vitt.com
URL: https://landing-hg-vitt.com/promo/9586/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da270a3284e7d63a611ed00044392de057be65b73c22585d75f6785f1acff380

Request headers

Referer
https://landing-hg-vitt.com/promo/9586/css/style.css
Origin
https://landing-hg-vitt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:43 GMT
server
cloudflare
etag
"60785c23-de1c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c64bd9b926-AMS
content-length
56860
favicon.png
landing-hg-vitt.com/promo/9586/img/
1 KB
1 KB
Other
General
Full URL
https://landing-hg-vitt.com/promo/9586/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::32 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc1494384b218ac818d93ebd9e69a278e5c2fc01f49ddc4b58ca6db9805e166

Request headers

Referer
https://landing-hg-vitt.com/vulkanvegas/p9586?atp=68_3429_&goto=sitereg&clickid=&plid=12128&bnid=26806&po=&lang=nl&cc=NL&click_id=10931587
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:04:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 15:30:55 GMT
server
cloudflare
etag
"60785c2f-486"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bd908c70c52b926-AMS
content-length
1158


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | onLoadBundle
function | $
function | jQuery
function | bs
function | _typeof
object | fp
function | pm
object | devtools

11 Cookies

Domain/Path Name / Value
fortuneadvert.com/ Name: site491
Value: 3429
chufgtds.com/ Name: _HGAU
Value: 344a3cee-05d9-45c3-8746-6b2db48114d7
chufgtds.com/ Name: vst_cnt_17533
Value: 1
.chufgtds.com/ Name: __cf_bm
Value: b98m4ekjIsV7lVLT.ndjZ4vF3KjYx9vZEosdbxMIEdA-1725401052-1.0.1.1-A4FVJMWqQdl_0Qp6WWxvd4T5VpFqNhI.Q.cApUN8iCLIgvVtH04k07SCpWgVlgXReqp5F9zl_9ovPK.Wdum7hA
landing-hg-vitt.com/ Name: promouuid
Value: 883d9f22-909d-4da1-9dcb-47de53483795
landing-hg-vitt.com/ Name: 136c9b9cced1c868962ffc7c748fdee6
Value: 1
.landing-hg-vitt.com/ Name: __cf_bm
Value: 36ubcSRe2w_pjnh7S7o8VUEKSEoiTPWH2ADd0Nd.9h0-1725401053-1.0.1.1-IdCE7qjOl8SWgTqJ9o6Y8TnGlNVMbjyhTicSjlrG4_sbZsSWE3vKN2xI8ikwqcOYOXtUnrI75ZkIEfxoUjFPnQ
landing-hg-vitt.com/ Name: bl
Value: 1
landing-hg-vitt.com/ Name: bic
Value: 1
landing-hg-vitt.com/ Name: bct
Value: 0
landing-hg-vitt.com/ Name: fp
Value: c4a147ff61df5fb3543503ba3e9f891e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
