urlscan.io logo urlscan.io
SecurityTrails logo

gdin.info Open in urlscan Pro
162.244.82.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gdin.info/
Effective URL: https://gdin.info/
Submission Tags: tranco_l324
Submission: On May 24 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 162.244.82.66, located in United States and belongs to SERVERROOM, US. The main domain is gdin.info.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 19th 2024. Valid for: 3 months.
This is the only time gdin.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    162.244.82.66 (United States)

ASN19624 (SERVERROOM, US)
PTR: cliquebanner.com
gdin.info
www.cliquebanner.com
3    162.244.82.65 (United States)

ASN19624 (SERVERROOM, US)
PTR: gedan.com.br
noticias.gedan.com.br
aumentatrafego.gedan.com.br
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    162.19.58.160 (France)

ASN16276 (OVH, FR)
PTR: ns3096649.ip-162-19-58.eu
i.ibb.co
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
12 gdin.info
gdin.info
35 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
123 KB
3 gedan.com.br
noticias.gedan.com.br
aumentatrafego.gedan.com.br
4 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 cliquebanner.com
www.cliquebanner.com
3 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
191 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 10971
22 KB
27 8
Domain Requested by
12 gdin.info gdin.info
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com gdin.info
2 www.cliquebanner.com gdin.info
www.cliquebanner.com
2 pagead2.googlesyndication.com gdin.info
pagead2.googlesyndication.com
2 noticias.gedan.com.br gdin.info
1 fonts.googleapis.com
1 i.ibb.co gdin.info
1 aumentatrafego.gedan.com.br gdin.info
27 9
Subject Issuer Validity Valid
gdin.info
ZeroSSL RSA Domain Secure Site CA		 2024-05-19 -
2024-08-17		 3 months crt.sh
noticias.gedan.com.br
ZeroSSL RSA Domain Secure Site CA		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cliquebanner.com
ZeroSSL RSA Domain Secure Site CA		 2024-05-19 -
2024-08-17		 3 months crt.sh
aumentatrafego.gedan.com.br
ZeroSSL RSA Domain Secure Site CA		 2024-05-19 -
2024-08-17		 3 months crt.sh
ibb.co
R3		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gdin.info/
Frame ID: 0F489D369894AEFBDCFEE080B7D00AEA
Requests: 26 HTTP requests in this frame

Frame: https://noticias.gedan.com.br/sites.php?P=H&Estilo=gdin.info/classe.css
Frame ID: F0438A8666FEA46F3B226E110E811421
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

gdin Link Pago Ganhe dinheiro com seus links

Page URL History Show full URLs

  1. http://gdin.info/ HTTP 307
    https://gdin.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

557 kB
Transfer

1492 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gdin.info/ HTTP 307
    https://gdin.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gdin.info/
Redirect Chain
  • http://gdin.info/
  • https://gdin.info/
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
52e681371563b594182a41d1619392c8efda8cc3917249d72857380a47c149d1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
date
Fri, 24 May 2024 07:07:00 GMT
server
Apache/2.4.58 (IUS)
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
x-powered-by
PHP/5.6.40
x-supported-by
KloxoNG
x-xss-protection
1;mode=block

Redirect headers

Location
https://gdin.info/
Non-Authoritative-Reason
HttpsUpgrades
default.css
gdin.info/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdin.info/default.css?12
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
281e527ba403fb0a2f854d1b6627336f0ffde5df89fc3929d005e83adcb43744
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Aug 2021 01:17:32 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"1803-5ca5803b9e300"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
6147
x-xss-protection
1;mode=block
dolares.gif
gdin.info/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/dolares.gif
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
e065ced7f51680da9b7dc4599273ecabe5554072f8ce05ebaca2894007869d6a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Oct 2008 23:11:12 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"1a89-458c6083fa400"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
6793
x-xss-protection
1;mode=block
aleatorioGDINS.php
noticias.gedan.com.br/ 		856 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://noticias.gedan.com.br/aleatorioGDINS.php
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
860cd2a616d2e68b25e0cd19f4ca7ea52ef4c8b44bbb7f452db3c38c1d53dfa3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
x-powered-by
PHP/5.6.40
content-type
text/javascript;charset=ISO-8859-1
access-control-allow-origin
*
x-xss-protection
1;mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e2e867b524652b40aadfb23b6dd84ab8f36ff912b56e7f7e48dce640c4910a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:07:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51389
x-xss-protection
0
server
cafe
etag
17125024635455280341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 24 May 2024 07:07:00 GMT
mostrag.cgi
www.cliquebanner.com/cgi-bin/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cliquebanner.com/cgi-bin/mostrag.cgi?conta30=click1
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
19eb23c0529b7f4d8ac9cb890671396800d885e8210c16642da14dc1c5a3a419
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
content-type
text/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
redir.php
aumentatrafego.gedan.com.br/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aumentatrafego.gedan.com.br/redir.php?usuario=joseant&Q=2
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
6cf0588d37b919083ab119982f22ea69108f6b28177eaeb7b707f7cfa2cfdeee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
x-powered-by
PHP/5.6.40
content-type
text/javascript;charset=ISO-8859-1
access-control-allow-origin
*
x-xss-protection
1;mode=block
img01.gif
gdin.info/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img01.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
6744189383f40d114701abdf3eaf78a049ffd7ca659bae9300f18890a8910ddd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:44 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"e28-454625c9a8000"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
3624
x-xss-protection
1;mode=block
img02.gif
gdin.info/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img02.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
3a6ef9587e76df8a8992322ad67d8dcbef2ade6099f352d950b32e9f407f5e14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Jul 2009 16:07:10 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"1128-46f9e079ba780"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
4392
x-xss-protection
1;mode=block
img04.jpg
gdin.info/images/ 		429 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img04.jpg
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
7e4e6a084ecc89216426179653392637cdf783842cdc740b0b18c3097d01d24c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:50 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"1ad-454625cf60d80"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
429
x-xss-protection
1;mode=block
img03.jpg
gdin.info/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img03.jpg
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
67ce9cbd25a14aa6b54b8d897c737b209f70d1cae26d395f98751beee017ceaf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:50 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"431-454625cf60d80"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
1073
x-xss-protection
1;mode=block
img09.gif
gdin.info/images/ 		72 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img09.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
87edcdbec1bdee050eecc753f8caccbae2dde652b1f65146b22be705280c0a4f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:56 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"48-454625d519b00"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
72
x-xss-protection
1;mode=block
img08.gif
gdin.info/images/ 		70 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img08.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
7049c6ffa04d4dc17977b4e18d5cd402c9136012387bdc104c379e7c43335f92
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:52 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"46-454625d149200"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
70
x-xss-protection
1;mode=block
li.gif
gdin.info/images/ 		114 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/li.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
16873698adb6741d3d6529e82e298ad2833581608fceb72dfd094ea2568b934a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Apr 2008 11:13:00 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"72-44a468cf6e700"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
114
x-xss-protection
1;mode=block
sites.php
noticias.gedan.com.br/ Frame F043 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://noticias.gedan.com.br/sites.php?P=H&Estilo=gdin.info/classe.css
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gdin.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
date
Fri, 24 May 2024 07:07:01 GMT
server
Apache/2.4.58 (IUS)
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
x-powered-by
PHP/5.6.40
x-supported-by
KloxoNG
x-xss-protection
1;mode=block
img05.gif
gdin.info/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdin.info/images/img05.gif
Requested by
Host: gdin.info
URL: https://gdin.info/default.css?12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
705111d10bfa40d9376bc74a12e110045ea8f0867dadcc0a6e335cbc8ce5e08c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/default.css?12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Aug 2008 02:35:50 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"7c7-454625cf60d80"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
1991
x-xss-protection
1;mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/ 		416 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=gdin.info&aplac=true&bust=31083881
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9c5ea1fc32eae14fe16ab4428b6bed9f1dbd81c20dda9783bec824c4f4d8044c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:07:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143884
x-xss-protection
0
server
cafe
etag
18039112626653144468
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 May 2024 07:07:00 GMT
popdhtml.php
www.cliquebanner.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cliquebanner.com/popdhtml.php?usuario=click1&Catac=Sporn&Categoria=Int&Apop=sim
Requested by
Host: www.cliquebanner.com
URL: https://www.cliquebanner.com/cgi-bin/mostrag.cgi?conta30=click1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
d0f5cea8ce2b58f32967bffd8be6d2fab0278e8a297fac3295ed229358405fb8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:00 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
x-powered-by
PHP/5.6.40
content-type
text/javascript;charset=ISO-8859-1
access-control-allow-origin
*
x-xss-protection
1;mode=block
veja-o-jogo-de-futebol-ao-vivo.jpg
i.ibb.co/kxN3LTL/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/kxN3LTL/veja-o-jogo-de-futebol-ao-vivo.jpg
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096649.ip-162-19-58.eu
Software
nginx /
Resource Hash
02bbf73dd0faea3c3c483f4ae76f5e9343e9bea03b7e225a377cc16d42828357

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:07:01 GMT
last-modified
Mon, 29 Apr 2024 13:03:22 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
22391
expires
Thu, 31 Dec 2037 23:55:55 GMT
ca-pub-8500587267418417
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8500587267418417?href=https%3A%2F%2Fgdin.info&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=gdin.info&aplac=true&bust=31083881
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dc8b13109e4ee0d46987907e8179e9815206450c5527cd7cd3e3dd214981b23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bMVEOifeUL3S3qUJ9Odkjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:07:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-bMVEOifeUL3S3qUJ9Odkjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQt3--wDoTiIV4OKb-PLCJTWDG4n_PGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEyNjPQMjOILDADzNTc9"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUaijJXpv981gxJx7zkprWIUpmEFEUNGcjRgPuTkB6VS8P_u0RRaCXGQoHjLPnan9tZoOj0GrWZHWO5QIiIgF2uVbA_rPC5IDOE7MBNh8p2Fs9uXrdwgnF0pAEoMs2-SQ4pfzGcqg==
fundingchoicesmessages.google.com/f/ 		401 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUaijJXpv981gxJx7zkprWIUpmEFEUNGcjRgPuTkB6VS8P_u0RRaCXGQoHjLPnan9tZoOj0GrWZHWO5QIiIgF2uVbA_rPC5IDOE7MBNh8p2Fs9uXrdwgnF0pAEoMs2-SQ4pfzGcqg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NTM0NDIxLDYyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZGluLmluZm8vIixudWxsLFtbOCwicTl0bkl5SW14Q2siXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/am=AgM/d=1/rs=AJlcJMxkkNvgKBbuz5NvUu_twxCDXIVPmQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
603d410b1d4075cfd7fce69212decf1aa02b99008b087b802e0c034ac3b747bb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u4Pra1oYpiJSSpVu7MOlGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:07:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u4Pra1oYpiJSSpVu7MOlGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1JBiOHHrNtMFID7vdIfpOhAbaDxnsgBiia8vmbSAOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAnPTvPGsJELd_vsA6E4iFeDim_jywiU2g4VTDZSYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwNTIyM9A6P4AgMAh-k7yw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzKmT9gZmrjR-96xHhKNytAbq6lww/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 07:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 07:07:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 07:07:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Origin
https://gdin.info
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
281768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: gdin.info
URL: https://gdin.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Origin
https://gdin.info
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:40:16 GMT
x-content-type-options
nosniff
age
102405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:40:16 GMT
AGSKWxUEA3gH8QwEfrmr5fPvH8h7f6ryAUozR-nOBV-J4HpqN05sxaqo0zCpr26PC2CUHd9L6CEfOT4JX7-sYa_s8259U0ZvhI7WQc8cB9Q31Ax6GfJYW_RXVEixTglRpLsW8blGlcw2IQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUEA3gH8QwEfrmr5fPvH8h7f6ryAUozR-nOBV-J4HpqN05sxaqo0zCpr26PC2CUHd9L6CEfOT4JX7-sYa_s8259U0ZvhI7WQc8cB9Q31Ax6GfJYW_RXVEixTglRpLsW8blGlcw2IQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/am=AgM/d=1/rs=AJlcJMxkkNvgKBbuz5NvUu_twxCDXIVPmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5-YArwZHNGNYpYtfiTAKWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 07:07:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-5-YArwZHNGNYpYtfiTAKWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HFN_HtjEJrDj3LxrzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUyEjPwCS-wAAA1KEi6g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gdin.info
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUEA3gH8QwEfrmr5fPvH8h7f6ryAUozR-nOBV-J4HpqN05sxaqo0zCpr26PC2CUHd9L6CEfOT4JX7-sYa_s8259U0ZvhI7WQc8cB9Q31Ax6GfJYW_RXVEixTglRpLsW8blGlcw2IQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUEA3gH8QwEfrmr5fPvH8h7f6ryAUozR-nOBV-J4HpqN05sxaqo0zCpr26PC2CUHd9L6CEfOT4JX7-sYa_s8259U0ZvhI7WQc8cB9Q31Ax6GfJYW_RXVEixTglRpLsW8blGlcw2IQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/am=AgM/d=1/rs=AJlcJMxkkNvgKBbuz5NvUu_twxCDXIVPmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YlGhx6oxrHBkPAJ7kdyIfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 07:07:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YlGhx6oxrHBkPAJ7kdyIfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxEI8HFN_HtjEJvCgb-E1ZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKRnYBJfYAAAyvQiyw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gdin.info
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
gdin.info/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gdin.info/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.66 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
cliquebanner.com
Software
Apache/2.4.58 (IUS) /
Resource Hash
b748eaa0a9dcf0cc66b0278bf12fb322219948df211d89bafba40b75042fc59f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gdin.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Fri, 24 May 2024 07:07:02 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
content-length
2059
x-xss-protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| TEXTO object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint string| BannCBKLx string| loccb string| banncb string| bannererr object| expdate string| URLcb number| TempoCBpro string| URLdestCB function| inicevtfzcb function| cookieSetCB function| cookieReadCB function| mudalksfzcb function| vaiURLnwfzcb number| aCBE number| TempoATRpro string| URLdestATR string| QIGCat function| inicevtfzATR function| cookieSetATR function| cookieReadATR function| mudalksfzATR function| vaiURLnwfzATR function| getCookieATR object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGMwMTMzMTkyNjQzNWQ1MmxvYWRlcl9qcw== string| NGMwMTMzMTkyNjQzNWQ1MmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| lidjjx

1 Cookies

Domain/Path Name / Value
gdin.info/ Name: PopUpCB2
Value: POP

4 Console Messages

Source Level URL
Text
javascript warning URL: https://www.cliquebanner.com/cgi-bin/mostrag.cgi?conta30=click1(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.cliquebanner.com/popdhtml.php?usuario=click1&Catac=Sporn&Categoria=Int&Apop=sim, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.cliquebanner.com/cgi-bin/mostrag.cgi?conta30=click1(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.cliquebanner.com/popdhtml.php?usuario=click1&Catac=Sporn&Categoria=Int&Apop=sim, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation verbose URL: https://gdin.info/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://gdin.info/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aumentatrafego.gedan.com.br
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gdin.info
i.ibb.co
noticias.gedan.com.br
pagead2.googlesyndication.com
www.cliquebanner.com
142.250.185.130
142.250.186.142
162.19.58.160
162.244.82.65
162.244.82.66
2a00:1450:4001:806::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
02bbf73dd0faea3c3c483f4ae76f5e9343e9bea03b7e225a377cc16d42828357
16873698adb6741d3d6529e82e298ad2833581608fceb72dfd094ea2568b934a
19eb23c0529b7f4d8ac9cb890671396800d885e8210c16642da14dc1c5a3a419
281e527ba403fb0a2f854d1b6627336f0ffde5df89fc3929d005e83adcb43744
3a6ef9587e76df8a8992322ad67d8dcbef2ade6099f352d950b32e9f407f5e14
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
52e681371563b594182a41d1619392c8efda8cc3917249d72857380a47c149d1
5dc8b13109e4ee0d46987907e8179e9815206450c5527cd7cd3e3dd214981b23
603d410b1d4075cfd7fce69212decf1aa02b99008b087b802e0c034ac3b747bb
6744189383f40d114701abdf3eaf78a049ffd7ca659bae9300f18890a8910ddd
67ce9cbd25a14aa6b54b8d897c737b209f70d1cae26d395f98751beee017ceaf
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
6cf0588d37b919083ab119982f22ea69108f6b28177eaeb7b707f7cfa2cfdeee
7049c6ffa04d4dc17977b4e18d5cd402c9136012387bdc104c379e7c43335f92
705111d10bfa40d9376bc74a12e110045ea8f0867dadcc0a6e335cbc8ce5e08c
7e4e6a084ecc89216426179653392637cdf783842cdc740b0b18c3097d01d24c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
860cd2a616d2e68b25e0cd19f4ca7ea52ef4c8b44bbb7f452db3c38c1d53dfa3
87edcdbec1bdee050eecc753f8caccbae2dde652b1f65146b22be705280c0a4f
9c5ea1fc32eae14fe16ab4428b6bed9f1dbd81c20dda9783bec824c4f4d8044c
b748eaa0a9dcf0cc66b0278bf12fb322219948df211d89bafba40b75042fc59f
d0f5cea8ce2b58f32967bffd8be6d2fab0278e8a297fac3295ed229358405fb8
e065ced7f51680da9b7dc4599273ecabe5554072f8ce05ebaca2894007869d6a
e2e867b524652b40aadfb23b6dd84ab8f36ff912b56e7f7e48dce640c4910a2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855