urlscan.io logo urlscan.io
SecurityTrails logo

wen-rewards.work Open in urlscan Pro
172.67.132.58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wendrop.io/
Effective URL: https://wen-rewards.work/
Submission: On April 09 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 172.67.132.58, located in United States and belongs to CLOUDFLARENET, US. The main domain is wen-rewards.work.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.
This is the only time wen-rewards.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
16 172.67.132.58 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.84.88.66 16509 (AMAZON-02)
19 5
1    2606:4700:3032::6815:2f88 (United States)

ASN13335 (CLOUDFLARENET, US)
wendrop.io
16    172.67.132.58 (United States)

ASN13335 (CLOUDFLARENET, US)
wen-rewards.work
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6811:f9cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    99.84.88.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-66.muc50.r.cloudfront.net
openfpcdn.io
Apex Domain
Subdomains		 Transfer
16 wen-rewards.work
wen-rewards.work
28 MB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1334
136 KB
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 22084
14 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 746
31 KB
1 wendrop.io
wendrop.io
771 B
19 5
Domain Requested by
16 wen-rewards.work wen-rewards.work
ajax.googleapis.com
2 unpkg.com 1 redirects wen-rewards.work
1 openfpcdn.io wen-rewards.work
1 ajax.googleapis.com wen-rewards.work
1 wendrop.io 1 redirects
19 5

This site contains no links.

Subject Issuer Validity Valid
wen-rewards.work
GTS CA 1P5		 2024-04-04 -
2024-07-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
openfpcdn.io
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wen-rewards.work/
Frame ID: 0EA5FDBF9D632E3375DE1197DA3F5F11
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WEN Airdrop

Page URL History Show full URLs

  1. http://wendrop.io/ HTTP 307
    https://wendrop.io/ HTTP 302
    https://wen-rewards.work/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

28549 kB
Transfer

29152 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wendrop.io/ HTTP 307
    https://wendrop.io/ HTTP 302
    https://wen-rewards.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js HTTP 302
  • https://unpkg.com/@solana/web3.js@1.91.4/lib/index.iife.min.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wen-rewards.work/
Redirect Chain
  • http://wendrop.io/
  • https://wendrop.io/
  • https://wen-rewards.work/
58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17071897dcc85e16a25acf79197deff9f9551fd57273a0cefe13580a1ada1ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87176b570c4877ad-KBP
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 09 Apr 2024 03:30:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCqmfGkhhVxCoe3V5%2BaRRZZV6OzXgMsyPd6aXzs3pOHE0IAG%2BsecQwmHI2hn%2Fpv5i6OB3y%2BG7DuvIahPNDe2ePODIAYYKjT%2Fy6FkftDeOrKycHVlXc3Pasu9xJV%2BiC6oBpFj"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87176b543aa73bc7-WAW
content-type
text/html; charset=utf-8
date
Tue, 09 Apr 2024 03:30:34 GMT
expires
Tue, 09 Apr 2024 03:30:34 GMT
location
https://wen-rewards.work/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B5C0t1%2BiVOsnrIuJ%2FrSUzsFQkpUmyHKYHpfrqQAts3bUjkWFUPYuvlV2hHV975VwY3K%2FpflP%2FgtelkxVtBvJcUz8s73%2FA1E6di6FFcNWdzB%2F83ToD0Q6Ip9RhokPb0Lrlzy%2FavTrPAwv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.292b2c80.css
wen-rewards.work/css/ 		470 B
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/css/main.292b2c80.css
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef7b7adf7476502d819ff220327060ef4f01e54526d04365c81984d1afce0e2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da8074c1fd11d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4F4HE%2FtF7QZs%2FCqyVCll1TGBBiypPkuaNY2l%2FVoaEgmJ8wZhuQFxsE3ggzGnQ4Vt1GOmeL8W2khnBoH0YFme5QOTJNpTEPR5I19RMJfHImxauimW84hXsPGdD7eeAbDKdUN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87176b57de2b77ad-KBP
alt-svc
h3=":443"; ma=86400
main-2.1.4-Tailwind.css
wen-rewards.work/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/css/main-2.1.4-Tailwind.css
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab3c1ddcb2af20b6632a66750f1a780ba04262329bb44790a77458b6de720dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da8074c295dfd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlQ0T1vPSjB6YX8yDqZrvrFf7Y4ti9XZIWGIL5eatWLwhz2mk3Eqm7WFrthfr%2BTowOqEPcIL8iEqrHdtYIJZGPtQsGSi2WI0DkWhWEJQ8hQb7S5fYmTTW7%2B6sDf3rprZzDAT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87176b57de2d77ad-KBP
alt-svc
h3=":443"; ma=86400
scoped-preflight.css
wen-rewards.work/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/css/scoped-preflight.css
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e15d8c3d91f95b3891661e5c17f8047488f3b50f4ebf59444e116b89660e40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da8074c295b494"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F07NLcNwEWgO0gBJitPxMx7hIkEzcw9dt49VQ62R%2FyX5bOvbvLtw%2Brse6mqn%2FlgOrf%2F23wbEhJGvREjFwM5u96W89PswOottEW2dTB7NkSNpdJDiqdsWQ54VS6xLZC4eQJED"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87176b57de2f77ad-KBP
alt-svc
h3=":443"; ma=86400
main-2.1.4-Jupiter.css
wen-rewards.work/css/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/css/main-2.1.4-Jupiter.css
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9fa584d7ff91d5122967e6e4adf64a6eedafbeaec5c7b17b3b4398f8b3066f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da8074c295de6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbrtLm4jAMNk33JNPaiGbuX2wYJlxYTcdT63CYn85zTKZEm1qOYaZnvjGmMpSICdEtNDWpdZNRB6IC1AQwzPcSPYe8ZXpVC%2B919j%2Fz3iZq1nl46rzg9t7h4ZNxRzgPI%2Bdh6K"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87176b57de3277ad-KBP
alt-svc
h3=":443"; ma=86400
wen_head.png
wen-rewards.work/images/ 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wen-rewards.work/images/wen_head.png
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf17390416cdcdbd2d99c143a4b2175309f1cdbfbc35586a26cfb40e3743389

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1da8074c32ab562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA4v0ejp%2Fib3znQW8LYPJ2VDHkSF%2B36GAcqxbq5CfCMcmueMbmTv1MEmj6gIQOEcmixK0uVfwXgYdKALBbFiuBagftVwN0kpaDMS9bHmZu68gQ9Pog4QQh3cwtILSsu4ah6b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87176b57fe6a77ad-KBP
alt-svc
h3=":443"; ma=86400
content-length
297058
long_wen.png
wen-rewards.work/images/ 		289 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wen-rewards.work/images/long_wen.png
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb9c2702c95469402875ff651791f9ddbb265838a090ed7fdbd823bf7139436

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 18:29:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1da8074c32ab9c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojzHY4hYQZTb4w8mFasslhj5pKjh5SLD137TgiVTchczYEwyJwqH5cF3I%2F3YfxBPNsTNNpFjbPIntb2MIi8ag9muXnFIcbYb%2FPcM5z%2BXGKAGyFcdrRVVqfrbVHwyBPwsFRZr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87176b57fe6f77ad-KBP
alt-svc
h3=":443"; ma=86400
content-length
296137
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0568a024a8290d744ee7a548839ab9db336357a3fe1b8efcd881d8da1e57013

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adf32634803a331907c3bf5fdfdbca5934db2f1060bee56b3e2c507c621ae02

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
queue.gif
wen-rewards.work/images/ 		7 MB
7 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wen-rewards.work/images/queue.gif
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75298f0c0f19692b9a79eff86719d4f2222ad731fb834129d3a95264840e694b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 18 Mar 2024 15:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1da79463892e28d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rr%2BlEaOVIa91Vw79RpZEYswBZvDDyXKPZNMMpaFf4MhDEyuk6rrWOiX2M%2FOo4Nxb6uoKML2a5EMB%2FH1n1m3PL1i4jUuYsg383EL8o9i4EE578faEBbzraOAiGqL93v%2FWlltR"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87176b583ec077ad-KBP
alt-svc
h3=":443"; ma=86400
content-length
7784717
squeue.gif
wen-rewards.work/images/ 		20 MB
20 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wen-rewards.work/images/squeue.gif
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b47351ae7077e4e44ba34fe4f4b08ddd0a6a6e8dab3d3d2e3df972bedb47df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 31 Mar 2024 20:49:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1da83acf8ed178b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64ffkAsmhMpVXk72EDF%2FvPV3R3HV%2BxcxQ1bOb7PnECS3%2FfY24raEmM1rBU2Cfns7JgXmQy%2FX%2BsA2mI9kaVAx89CFei3b0FEg1RoYmJln%2BPdZ1AxsgdLAlqKYmHtX95YDOZl9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87176b583ec377ad-KBP
alt-svc
h3=":443"; ma=86400
content-length
20502027
loading.gif
wen-rewards.work/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wen-rewards.work/images/loading.gif
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43dfc1418f3b706abec1acaf2343a72f1d6c29f4ea3492a971a6a2d8eff2f689

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Apr 2024 13:47:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1da85cd81009a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EW1fktk%2F88Hdi1b%2F1irH1sJDtbvhevg3g3P8bst27nJIUiXTWH5eTULVWI9Sn1PB0FUkk7Ss02KSjDVuSXl6NgQ1Vot4PsSs6d2d8FwpW0iy8QdzJzYUARXX0yAwhK%2Flk1JI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87176b583ec477ad-KBP
alt-svc
h3=":443"; ma=86400
content-length
72232
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:31:17 GMT
index.iife.min.js
unpkg.com/@solana/web3.js@1.91.4/lib/
Redirect Chain
  • https://unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js
  • https://unpkg.com/@solana/web3.js@1.91.4/lib/index.iife.min.js
458 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@solana/web3.js@1.91.4/lib/index.iife.min.js
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H2
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877bc75a5ed0cd463982119393a121e41af04ae2e895163af4c28399b0f9467e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://wen-rewards.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 03:30:35 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
453240
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HTJY8WDQ3QCT6NQ66J57681Y-arn
server
cloudflare
etag
"728ee-AnU4CBhSdwIwlaoTYtJva7p6TMg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87176b5cbbf68d68-HEL

Redirect headers

date
Tue, 09 Apr 2024 03:30:35 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
EXPIRED
fly-request-id
01HV0EGMV91NZAYFVM9KR3K4X2-arn
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@solana/web3.js@1.91.4/lib/index.iife.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
87176b588b0a8d68-HEL
iife.min.js
openfpcdn.io/fingerprintjs/v3/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3/iife.min.js
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-66.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c0bb57bba1fafcb2dd46631077d28821b1fcca5df19a2715e2c4c720a357331a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 01:10:38 GMT
via
1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
8737
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"g0lRX7PXaA0LE6QJtkW/65jQkNA"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=588207, s-maxage=10930
x-amz-cf-id
sOH5ij70gkq3otWjChSSLj-3qcJcDtaaR4bq3y6RyBf8Q89_J-a71Q==
browser.js
wen-rewards.work/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/js/browser.js
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b72430d8f34c40d5ce5c80660bff1847f3b71c55d86f13e6709a5117aae2278

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Feb 2024 21:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da5a0b725256e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ajot2WJogX4gZ7dVfRdlAs%2F0VDr6VFp3rfntGOIX0EZ7Q2%2B7qxA%2FbRWvd5OqH4ydXwY4g5C%2BM20QUkHaBnaiYPq9UJJgvNWOLTSN3jDX%2FZ4MBg91kpkQzTM%2FE28yux06TScE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87176b583ec677ad-KBP
alt-svc
h3=":443"; ma=86400
favicon.ico
wen-rewards.work/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508dbaff5559ca74e8a4dfb50464ef1380026069de56facbbfca981d628717d1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wen-rewards.work/
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Mar 2024 21:03:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da808a40b0442e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfp7negfArCGgMElsRYJ0kG1wnEHXzMoCXwMjCB%2Fa%2FC1seb4Ph%2BVG6PU0ZH%2BNU0YN1JedKKuJ9FnhS9rpdLDAD8aia0VEMG1Rbie2n9t0tb8z48zILuoIJ3dZ92LE%2FDCTYcu"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
87176b677c3c77ad-KBP
alt-svc
h3=":443"; ma=86400
GetData
wen-rewards.work/api/ 		144 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/api/GetData
Requested by
Host: wen-rewards.work
URL: https://wen-rewards.work/js/browser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d9e9747966f26887f8162352d062eb4398ab9ef796c4ee81b1e0372952c9e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
Referer
https://wen-rewards.work/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9cBQb4MCUpUwY2pI%2F7%2F0a3Myl4TmqnH%2F2nUIJZSc%2B9%2F6KBS%2FKT8vrhqxvtsW5nWlWoTkqQPTSQvHOrK%2BwzHF3vuVjjhK2VdvTDX88i%2F8Um5xSCx8d8qNxWlvJBV2pgOvV6t"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
87176b679c7577ad-KBP
alt-svc
h3=":443"; ma=86400
devtools-detector.js
wen-rewards.work/js/ 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/js/devtools-detector.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f03381d7802bd2a3d8683b41681f34da1e449e983f9a74894b8658b56f62ad52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wen-rewards.work/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Jul 2023 15:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d9b4d6f1fce374"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXTGH4dvqSBlqpzG4twr12eHXlF0h7h5UjfYjdEfHfLtKxYn78cTR3wvtDOr%2BboOrvpIaXUnDCgZQ1qoMASzJbOI7BKKdAArYGR9raqdD898XdMBrjxOryXE8z80y9eak2Ct"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87176b683da177ad-KBP
alt-svc
h3=":443"; ma=86400
notify.min.js
wen-rewards.work/js/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/js/notify.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23efbfd67a8f05a7e077879326c0bfd8db30cca53baec92cec4bd4c03b43104a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wen-rewards.work/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Jul 2022 07:13:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d8975141d404d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbHFaMNgoze9obTeSJIJKMnd3KGlP7slRo%2F4k8JH1H03dcpEk44o94LWEi%2BolPnBgoJFIHPo0AHE15%2BWRpPY38CdKJLgfTIox51bGv5YBG8dMF1h62stH9UWFNxubDZcxdnF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87176b691f8677ad-KBP
alt-svc
h3=":443"; ma=86400
mint.js
wen-rewards.work/js/ 		105 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wen-rewards.work/js/mint.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5448c217abca98991f11ea8450ac59630830b267f3fa2ac7ad201ddf60d2ea5b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wen-rewards.work/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 03:30:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Apr 2024 18:15:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1da85f2ea46182a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qV%2F31hBYwZdwt7THpwIGntJU%2FPcoa1oUQeTX1HMWxjyUWcGM%2B4A0LsF8p%2F0fcLARqb2HWTqaIrfCAp3DKarTNXDdKSCHs398mlK8RugvmgCmUm7nJbrvfOIa9bq%2F5SWC4jus"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87176b69c8ed77ad-KBP
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| client function| $ function| jQuery object| solanaWeb3 object| regeneratorRuntime object| FingerprintJS function| _0x1eca object| fpPromise function| _0x20a888 function| _0x43627c function| _0x584d function| sendData object| devtoolsDetector function| _0x46f2 function| _0x36d1 function| _0x31746e function| _0x219347

2 Cookies

Domain/Path Name / Value
wendrop.io/ Name: _subid
Value: 28ehnpk4l0p
wendrop.io/ Name: 2bba7
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM2XCI6MTcxMjYzMzQzNH0sXCJjYW1wYWlnbnNcIjp7XCIxMVwiOjE3MTI2MzM0MzR9LFwidGltZVwiOjE3MTI2MzM0MzR9In0.NWJ8hMhgAI8ASp2lF6Legm6_LTWKVQW7_3K5VNulKew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
openfpcdn.io
unpkg.com
wen-rewards.work
wendrop.io
172.67.132.58
2606:4700:3032::6815:2f88
2606:4700::6811:f9cb
2a00:1450:4001:806::200a
99.84.88.66
23efbfd67a8f05a7e077879326c0bfd8db30cca53baec92cec4bd4c03b43104a
43d9e9747966f26887f8162352d062eb4398ab9ef796c4ee81b1e0372952c9e6
43dfc1418f3b706abec1acaf2343a72f1d6c29f4ea3492a971a6a2d8eff2f689
4adf32634803a331907c3bf5fdfdbca5934db2f1060bee56b3e2c507c621ae02
508dbaff5559ca74e8a4dfb50464ef1380026069de56facbbfca981d628717d1
5448c217abca98991f11ea8450ac59630830b267f3fa2ac7ad201ddf60d2ea5b
6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1
75298f0c0f19692b9a79eff86719d4f2222ad731fb834129d3a95264840e694b
877bc75a5ed0cd463982119393a121e41af04ae2e895163af4c28399b0f9467e
8ab3c1ddcb2af20b6632a66750f1a780ba04262329bb44790a77458b6de720dc
8ef7b7adf7476502d819ff220327060ef4f01e54526d04365c81984d1afce0e2
9b72430d8f34c40d5ce5c80660bff1847f3b71c55d86f13e6709a5117aae2278
a17071897dcc85e16a25acf79197deff9f9551fd57273a0cefe13580a1ada1ad
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b3e15d8c3d91f95b3891661e5c17f8047488f3b50f4ebf59444e116b89660e40
c0bb57bba1fafcb2dd46631077d28821b1fcca5df19a2715e2c4c720a357331a
ca9fa584d7ff91d5122967e6e4adf64a6eedafbeaec5c7b17b3b4398f8b3066f
ccf17390416cdcdbd2d99c143a4b2175309f1cdbfbc35586a26cfb40e3743389
e0b47351ae7077e4e44ba34fe4f4b08ddd0a6a6e8dab3d3d2e3df972bedb47df
f03381d7802bd2a3d8683b41681f34da1e449e983f9a74894b8658b56f62ad52
f0568a024a8290d744ee7a548839ab9db336357a3fe1b8efcd881d8da1e57013
fbb9c2702c95469402875ff651791f9ddbb265838a090ed7fdbd823bf7139436