urlscan.io logo urlscan.io
SecurityTrails logo

www.gratis-waardebon.com Open in urlscan Pro
185.3.185.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3xliikm#cl/1081_md/2306/8378/1043/5/490150
Effective URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203...
Submission: On July 08 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 185.3.185.114, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.gratis-waardebon.com.
TLS certificate: Issued by R3 on June 18th 2021. Valid for: 3 months.
This is the only time www.gratis-waardebon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 89.163.223.13 24961 (MYLOC-AS ...)
1 1 34.91.99.156 15169 (GOOGLE)
19 185.3.185.114 8426 (CLARANET-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
21 3
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebasestorage.googleapis.com
1    89.163.223.13 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: jxlj.zimo.icu
amazop.de
1    34.91.99.156 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 156.99.91.34.bc.googleusercontent.com
paujames.com
19    185.3.185.114 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
www.gratis-waardebon.com
1    2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
Apex Domain
Subdomains		 Transfer
19 gratis-waardebon.com
www.gratis-waardebon.com
271 KB
1 cleverpush.com
static.cleverpush.com
41 KB
1 paujames.com
paujames.com
788 B
1 amazop.de
amazop.de
368 B
1 googleapis.com
firebasestorage.googleapis.com
788 B
1 bit.ly
bit.ly
329 B
21 6
Domain Requested by
19 www.gratis-waardebon.com firebasestorage.googleapis.com
www.gratis-waardebon.com
1 static.cleverpush.com www.gratis-waardebon.com
1 paujames.com 1 redirects
1 amazop.de 1 redirects
1 firebasestorage.googleapis.com
1 bit.ly 1 redirects
21 6

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.gratis-waardebon.com
R3		 2021-06-18 -
2021-09-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Frame ID: A8988AD4F3CC09F5453CE3BF22194897
Requests: 17 HTTP requests in this frame

Frame: https://www.gratis-waardebon.com/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
Frame ID: 3C12AE101935BAA353D557D9F9D01CEF
Requests: 2 HTTP requests in this frame

Frame: https://www.gratis-waardebon.com/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
Frame ID: 3B364FA279967CD675CC5E64879F2A8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/3xliikm HTTP 301
    https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c... Page URL
  2. http://amazop.de/cl/1081_md/2306/8378/1043/5/490150 HTTP 302
    https://paujames.com/?a=2883&oc=10670&c=31121&m=3&s1=2306&s2=1081_6&s3=5_490150_8378_7627_md HTTP 302
    https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883... Page URL

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

312 kB
Transfer

643 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3xliikm HTTP 301
    https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec Page URL
  2. http://amazop.de/cl/1081_md/2306/8378/1043/5/490150 HTTP 302
    https://paujames.com/?a=2883&oc=10670&c=31121&m=3&s1=2306&s2=1081_6&s3=5_490150_8378_7627_md HTTP 302
    https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3xliikm HTTP 301
  • https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
reedirector.html
firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/
Redirect Chain
  • https://bit.ly/3xliikm
  • https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec
97 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
398915abced02b741f501e9ff8e63f91f992123b068877a6adeee765776c3727

Request headers

:method
GET
:authority
firebasestorage.googleapis.com
:scheme
https
:path
/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-guploader-uploadid
ADPycduNgiIy8JVZWR_7mEnHWySUaL1b5V0fjcpGcWq9gGRy1pQirtbBW88OYjPUhdkJgtuTfLz_zhhow6wbbVuIPQ
expires
Thu, 08 Jul 2021 06:49:31 GMT
date
Thu, 08 Jul 2021 06:49:31 GMT
cache-control
private, max-age=0
last-modified
Fri, 16 Apr 2021 16:13:28 GMT
etag
"7d7a4d956fbd251a88f50fbe1b52c633"
x-goog-generation
1618589608557777
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
97
x-goog-meta-firebasestoragedownloadtokens
de7e7367-28c3-4618-a3b2-6fe992ef19ec
content-type
text/html
content-disposition
inline; filename*=utf-8''reedirector.html
x-goog-hash
crc32c=kZ1lCw== md5=fXpNlW+9JRqI9Q++G1LGMw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
97
server
UploadServer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

server
nginx
date
Thu, 08 Jul 2021 06:49:30 GMT
content-type
text/html; charset=utf-8
content-length
230
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec
referrer-policy
unsafe-url
set-cookie
_bit=l686Nu-4bee96acdc1e1eb2f4-00d; Domain=bit.ly; Expires=Tue, 04 Jan 2022 06:49:30 GMT
via
1.1 google
alt-svc
clear
Primary Request wingame.pl
www.gratis-waardebon.com/cgi-bin/
Redirect Chain
  • http://amazop.de/cl/1081_md/2306/8378/1043/5/490150
  • https://paujames.com/?a=2883&oc=10670&c=31121&m=3&s1=2306&s2=1081_6&s3=5_490150_8378_7627_md
  • https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
43 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
10c6120133820bcc13fa202281b38636418358cbf7da05e502c7dac0fffec853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.gratis-waardebon.com
:scheme
https
:path
/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://firebasestorage.googleapis.com/v0/b/click-311e9.appspot.com/o/reedirector.html?alt=media&token=de7e7367-28c3-4618-a3b2-6fe992ef19ec#cl/1081_md/2306/8378/1043/5/490150

Response headers

server
nginx
date
Thu, 08 Jul 2021 06:49:32 GMT
content-type
text/html;charset=ISO-8859-1
x-firstpage
1
x-page
pregame
x-map-context
be
x-served-by
d-01
content-encoding
gzip
strict-transport-security
max-age=31536000

Redirect headers

Date
Thu, 08 Jul 2021 06:49:31 GMT
Content-Type
text/html; charset=utf-8
Content-Length
268
Cache-Control
private
Location
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sl=fagzCvxhffpv5xie8lrZs31eVJYDVZXpQfO9EhlEvqRAjPgAy5IGGg==; domain=.paujames.com; path=/; HttpOnly ti=HLMX1xetm79iSdByDKxW631eVJYDVZXpQfO9EhlEvqRAjPgAy5IGGg==; domain=.paujames.com; expires=Wed, 08-Jul-2026 07:49:27 GMT; path=/; HttpOnly c10644=fagzCvxhffqDcHZyVBrI+8AkyUXZy4uEIAUxwI+Uu7QifCgMh3Te7w==; domain=.paujames.com; expires=Sat, 07-Aug-2021 06:49:27 GMT; path=/; HttpOnly
switch_language_layer.css
www.gratis-waardebon.com/wingame/global/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/wingame/global/css/switch_language_layer.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/global/css/switch_language_layer.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
W/"5eac2010-aab"
x-served-by
d-01
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
default.css
www.gratis-waardebon.com/_global/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/css/default.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/css/default.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
nginx
x-map-context
be
etag
W/"5c6a6438-10e7"
x-served-by
d-03
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
font-awesome.min.css
www.gratis-waardebon.com/_global/fonts/font-awesome-4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
nginx
x-map-context
be
etag
W/"57b58573-71c7"
x-served-by
d-04
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
foundation-flex-grid.css
www.gratis-waardebon.com/_global/wingame/default/css/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/wingame/default/css/foundation-flex-grid.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
b3e3ca56fcccc5bcac4930567cd4907e62be8503fb9f27a4cc3a2b178f7122a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/default/css/foundation-flex-grid.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 21 Feb 2020 13:26:38 GMT
server
nginx
x-map-context
be
etag
W/"5e4fda8e-50d1"
x-served-by
d-01
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
series.css
www.gratis-waardebon.com/_global/wingame/75/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/wingame/75/css/series.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
854fff6e7afd9620d7f90a3a395440bf1215e8fcd2ef00fd5706be8b44b0196f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/75/css/series.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 09:40:05 GMT
server
nginx
x-map-context
be
etag
W/"607566f5-3de2"
x-served-by
d-02
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
sweepstake.css
www.gratis-waardebon.com/wingame/68/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/wingame/68/css/sweepstake.css?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
1aa43975191d08d7b890c8208ec3de5b51e94cf2c7fba936fdc9f792102787ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/68/css/sweepstake.css?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 10:23:17 GMT
server
nginx
x-map-context
be
etag
W/"60757115-14b9"
x-served-by
d-03
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
MooTools-Core-1.6.0-compressed.js
www.gratis-waardebon.com/_global/js/framework/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
nginx
x-map-context
be
etag
W/"5a059201-15e64"
x-served-by
d-04
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
scripts.js
www.gratis-waardebon.com/_global/js/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/js/scripts.js?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
e41eab570cc8a5a6f7a4d824b3bc2ffdfc10900ffef68b1aeb85fa0101fb65ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/js/scripts.js?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 08:20:13 GMT
server
nginx
x-map-context
be
etag
W/"6093a6bd-dd05"
x-served-by
d-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
global.js
www.gratis-waardebon.com/wingame/global/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/wingame/global/js/global.js?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/global/js/global.js?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
W/"5eac2010-bc3"
x-served-by
d-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
series.js
www.gratis-waardebon.com/_global/wingame/75/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/_global/wingame/75/js/series.js?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
028ca1be6f00fdeb2a72e8e3585790236a9f280ac04283c061611d659791752b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/75/js/series.js?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 10:35:38 GMT
server
nginx
x-map-context
be
etag
W/"5fb79bfa-3018"
x-served-by
d-03
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
sweepstake.js
www.gratis-waardebon.com/wingame/68/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/wingame/68/js/sweepstake.js?2021-07-08.1
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
ffdbdc0f7715f3a275305fd54026622c61e931ee4bf1fd4bcd96e35f8430f7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/68/js/sweepstake.js?2021-07-08.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
W/"5eac2010-e72"
x-served-by
d-04
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000
expires
Fri, 09 Jul 2021 06:49:32 GMT
close_icon.svg
www.gratis-waardebon.com/wingame/global/images/ 		841 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gratis-waardebon.com/wingame/global/images/close_icon.svg
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/global/images/close_icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
"5eac2010-349"
x-served-by
d-03
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
841
expires
Fri, 09 Jul 2021 06:49:32 GMT
image_1043_966_1555492477.jpg
www.gratis-waardebon.com/files/web/freetest/_images/ 		631 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gratis-waardebon.com/files/web/freetest/_images/image_1043_966_1555492477.jpg
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/files/web/freetest/_images/image_1043_966_1555492477.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
last-modified
Wed, 17 Apr 2019 09:14:37 GMT
server
nginx
x-map-context
be
etag
"5cb6ee7d-277"
x-served-by
d-02
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
631
expires
Fri, 09 Jul 2021 06:49:32 GMT
yHZcpGQRFDGiGMExv.js
static.cleverpush.com/channel/loader/ 		171 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/yHZcpGQRFDGiGMExv.js
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43779ab68cf0e9b6e279294b19a313d2d97f321c80ad83502f0205bcf49cfa7c

Request headers

Referer
https://www.gratis-waardebon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21069
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
J0NB8P36YK271NC5
x-amz-id-2
5vFLE062BHCGyAN7oAX9CTTzyUuh4qbvOThsWHQxR0BckNLVKuDxmVaHAlSWRGgMtS8VgjzGFtc=
last-modified
Thu, 08 Jul 2021 00:35:52 GMT
server
cloudflare
etag
W/"28e00fe76c5e4353f6473713b18d0b8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XbhCiHNPnCg1Z95GDbMuliupqIF9EU2am%2Fw74zpYJ9Za0%2BoS%2FaLkgfRdvMmtMPk8sA7kz3T6DXGz5VxqJ2qIscjN0qKN6SllfzZCyG882KWLcjYCDp%2FwRC2X8kkte94guG%2BbZIgZYeXv22%2BLbik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=5356800
cf-ray
66b75f8b8d874a68-FRA
bg-efteling-ntv-BENL.jpg
www.gratis-waardebon.com/_static/_global/_supload/images/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gratis-waardebon.com/_static/_global/_supload/images/bg-efteling-ntv-BENL.jpg
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
60892981862a7325b0d1e6fed84c46d49ce779db4d76fe1cc95ff70d7d773a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_global/_supload/images/bg-efteling-ntv-BENL.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
last-modified
Wed, 18 Sep 2019 13:22:25 GMT
server
nginx
etag
"2639654841"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
193135
expires
Fri, 09 Jul 2021 06:49:32 GMT
nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoI...
www.gratis-waardebon.com/sc/ Frame 3C12 		251 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
669d3f7e5cfa2e875b7fe59256694b8c38ebfdded9ec85f1d6426bbacbe7cda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.gratis-waardebon.com
:scheme
https
:path
/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936

Response headers

server
nginx
date
Thu, 08 Jul 2021 06:49:32 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
be
x-served-by
d-04
content-encoding
gzip
strict-transport-security
max-age=31536000
kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwp...
www.gratis-waardebon.com/sc/ Frame 3B36 		249 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gratis-waardebon.com/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
9479b6869c198e0769bf0f37f7c20568636251754799aa78b3664ca6e6cabbc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.gratis-waardebon.com
:scheme
https
:path
/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gratis-waardebon.com/cgi-bin/wingame.pl?partner_pk=310&wingame_pk=68&freetest_pk=1043&sub_id=2883&sub_id_postback=203896936

Response headers

server
nginx
date
Thu, 08 Jul 2021 06:49:32 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
be
x-served-by
d-01
content-encoding
gzip
strict-transport-security
max-age=31536000
GPjrRWggzGogMiQigsurXlJlpRzogoihkLJykosghwxhOIxikimowyLmGswomiykohixhlylxmjyoImtKmmkHGOLoxgHtjIQozhswIIOMhiLJwhiLrhikyjswgIsMirjggsktgowr
www.gratis-waardebon.com/sc/ Frame 3C12 		79 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gratis-waardebon.com/sc/GPjrRWggzGogMiQigsurXlJlpRzogoihkLJykosghwxhOIxikimowyLmGswomiykohixhlylxmjyoImtKmmkHGOLoxgHtjIQozhswIIOMhiLJwhiLrhikyjswgIsMirjggsktgowr
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/sc/GPjrRWggzGogMiQigsurXlJlpRzogoihkLJykosghwxhOIxikimowyLmGswomiykohixhlylxmjyoImtKmmkHGOLoxgHtjIQozhswIIOMhiLJwhiLrhikyjswgIsMirjggsktgowr
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/sc/nWggrOwihGkgrggKoqxOIxikimowyLhkswoiGRLGgkhgOsNLikmggKoNqokpiQhKkogKxlLhJwwgLJwhiLrhilnTXRgzGoMiRxoyskmLkqwiKzXQnirlggkiwyhsnnkmjirwmvnpzkxssNwssprpLyxihqMntOxmiLhttLGiLzqmwxMlRiyKgKrmthlxwgmikwkoItOgoIqKoxuwNkgyykxqXisljhthMiHQhnoxGlGxhgqxihIiPhGiilzkrQlkrSgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
server
nginx
x-map-context
be
strict-transport-security
max-age=31536000
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
content-length
79
x-served-by
d-01
jnyMkWgowoLgiirkwxyhgPjrRgzGoMiQigsurgzktyLzopssghwwkhiqzRmwgwkmIzGmwXqkwItOgoIqKoxgwNkgKqoxgkqkkIoIkKupiKLJgKKyIzzlikiHGuNLislyiMNzokL
www.gratis-waardebon.com/sc/ Frame 3B36 		79 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gratis-waardebon.com/sc/jnyMkWgowoLgiirkwxyhgPjrRgzGoMiQigsurgzktyLzopssghwwkhiqzRmwgwkmIzGmwXqkwItOgoIqKoxgwNkgKqoxgkqkkIoIkKupiKLJgKKyIzzlikiHGuNLislyiMNzokL
Requested by
Host: www.gratis-waardebon.com
URL: https://www.gratis-waardebon.com/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.114 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/sc/jnyMkWgowoLgiirkwxyhgPjrRgzGoMiQigsurgzktyLzopssghwwkhiqzRmwgwkmIzGmwXqkwItOgoIqKoxgwNkgKqoxgkqkkIoIkKupiKLJgKKyIzzlikiHGuNLislyiMNzokL
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gratis-waardebon.com
referer
https://www.gratis-waardebon.com/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gratis-waardebon.com/sc/kWglzvgilyIgikpGmLgmiPhGiiXkrQlhhgjiGRLGgkhjsGPhGikixOgrOwihGkrggKoQIGwoylOjwowhwQroxihjkopsGqmokjmtoMinoJOqlgjnoqJKkPimwIykkhqkogXmwyKKgjhiKikxlLhJwxmLJwhiLrhilRggwNkxqgrishvKOpsGggwqsolwOOwKglRwpMkthvKGppuqoylohspwkslGmkJgsQuJQpiKLJgKKyIzzlikiHGuNLislyiMNzokx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:49:32 GMT
server
nginx
x-map-context
be
strict-transport-security
max-age=31536000
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
content-length
79
x-served-by
d-03

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| toggle function| loadPro6pp function| loadJsFile function| loadCssFile boolean| page_submitted undefined| field_validator string| current_page undefined| mooli undefined| scroll_position_x function| do_countdown function| bigger_checkbox function| iframe_selector function| open_iframe function| open_layer function| clean_links object| virtual_pages function| initialize_quiz function| add_pop_iframe_closer_events function| setFilledClass function| show_next_page function| show_previous_page function| show_page_by_index object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame string| sponsorlimit string| context boolean| cleverpushId object| CP undefined| dccBts object| CleverPush function| cleverPushInitCallback object| webpackChunk_cleverpush_cleverpush_js_sdk number| __cleverPushSdkLoadCount number| c2 number| c1

0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.cleverpush.com/channel/loader/yHZcpGQRFDGiGMExv.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazop.de
bit.ly
firebasestorage.googleapis.com
paujames.com
static.cleverpush.com
www.gratis-waardebon.com
185.3.185.114
2606:4700:20::681a:f1f
2a00:1450:4001:828::200a
34.91.99.156
67.199.248.11
89.163.223.13
028ca1be6f00fdeb2a72e8e3585790236a9f280ac04283c061611d659791752b
0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c
10c6120133820bcc13fa202281b38636418358cbf7da05e502c7dac0fffec853
1aa43975191d08d7b890c8208ec3de5b51e94cf2c7fba936fdc9f792102787ea
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
398915abced02b741f501e9ff8e63f91f992123b068877a6adeee765776c3727
43779ab68cf0e9b6e279294b19a313d2d97f321c80ad83502f0205bcf49cfa7c
60892981862a7325b0d1e6fed84c46d49ce779db4d76fe1cc95ff70d7d773a20
669d3f7e5cfa2e875b7fe59256694b8c38ebfdded9ec85f1d6426bbacbe7cda5
854fff6e7afd9620d7f90a3a395440bf1215e8fcd2ef00fd5706be8b44b0196f
9479b6869c198e0769bf0f37f7c20568636251754799aa78b3664ca6e6cabbc2
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
b3e3ca56fcccc5bcac4930567cd4907e62be8503fb9f27a4cc3a2b178f7122a2
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
e41eab570cc8a5a6f7a4d824b3bc2ffdfc10900ffef68b1aeb85fa0101fb65ac
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
ffdbdc0f7715f3a275305fd54026622c61e931ee4bf1fd4bcd96e35f8430f7d8