Submitted URL: https://pop5sjhspear.com/1797194/
Effective URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Submission: On November 22 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 35 HTTP transactions. The main IP is 104.21.16.220, located in and belongs to CLOUDFLARENET, US. The main domain is 9.gamalanding.com.
TLS certificate: Issued by E1 on October 13th 2023. Valid for: 3 months.
This is the only time 9.gamalanding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
4 | | 212.117.190.201 | 7979 | (SERVERS-COM)
2 | | 193.200.65.61 | 6681 | (GIVEME-CLOUD)
1 | 1 | 193.200.64.30 | 6681 | (GIVEME-CLOUD)
1 | 1 | 172.67.184.172 | 13335 | (CLOUDFLAR...)
25 | | 104.21.16.220 | 13335 | (CLOUDFLAR...)
1 | | 172.217.18.104 | 15169 | (GOOGLE)
3 | | 188.114.96.3 | 13335 | (CLOUDFLAR...)
35 5
Requests | Apex Domain | Subdomains | Transfer
25 | gamalanding.com | 9.gamalanding.com | 2 MB
4 | pop5sjhspear.com | pop5sjhspear.com | 24 KB
3 | posthog-cat.com | posthog-cat.com | 38 KB
2 | popvalcom.com | popvalcom.com — Cisco Umbrella Rank: 314320 | 1 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 45 KB
1 | colorful-road-three.com | colorful-road-three.com | 623 B
1 | alanwaketor.com | alanwaketor.com | 529 B
35 7
Requests | Domain | Requested by
25 | 9.gamalanding.com | popvalcom.com, 9.gamalanding.com
4 | pop5sjhspear.com | pop5sjhspear.com
3 | posthog-cat.com | pop5sjhspear.com, posthog-cat.com
2 | popvalcom.com | pop5sjhspear.com, popvalcom.com
1 | www.googletagmanager.com | 9.gamalanding.com
1 | colorful-road-three.com | 1 redirects
1 | alanwaketor.com | 1 redirects
35 7

This site contains links to these domains.

Domain
land.see2gama.com
Subject | Issuer | Validity | Valid
 | Buypass Class 2 CA 5 | 2023-10-29 - 2024-04-26 | 6 months
popvalcom.com | R3 | 2023-10-31 - 2024-01-29 | 3 months
gamalanding.com | E1 | 2023-10-13 - 2024-01-11 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
posthog-cat.com | E1 | 2023-10-12 - 2024-01-10 | 3 months

This page contains 1 frames:

Primary Page: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Frame ID: 81943554BD3307D81AB7C0270CA41260
Requests: 35 HTTP requests in this frame

Page Title

Gama

Page URL History

  1. https://pop5sjhspear.com/1797194/ Page URL
  2. https://pop5sjhspear.com/?r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXi... Page URL
  3. https://popvalcom.com/bens/vinos.js?24189&mode=redir&subsite=1797194 Page URL
  4. https://popvalcom.com/clicks/MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0M... Page URL
  5. http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15407&subid_5=1797194&c... HTTP 302
    https://colorful-road-three.com/de610bbd5?ClickID=5288338971700623242&WebID=410_15407 HTTP 302
    https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 1675 kB
Size: 1881 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pop5sjhspear.com/1797194/ Page URL
  2. https://pop5sjhspear.com/?r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXiUhRHVJNYSCf02gwn2eEUb5JsU2vnXKpsTJtS5QIgVI0qvhXAH_eO7w16GAVQ6U4w2CKMAT1lFl30c2MPPSnMgDI2_IzppHUB1gN25zZU6CnDt-3J7japtjY2URHVPe2csoTFqhkWAFCYDGsZDciN18AUKk8meQZabqLS2Bxz4ke7aroyyDwlaSueV_kpKWjhfk0N-0dcnA0X_W6f1Uq7k-vvAVUEdpMpaTnS6Wvmyipw5TybY7kRc9nWktLdrFlEQL_IHSjJ_qxdLBDfba366QBCf1qbU0QeHgeNOCpqNws5M94cNPJdDepy0m1ePJGspoB4FfLNr4SQC1hZKbqIZsjcZ2iXUdn9sgMS-V9ILiruOtsOtaMNEA9e1NO0GYMivnX_jPWRNLbPu20cdCULIhIntGv70nAHGGUaGE810uotpiEbWEyWRzli2d7SWfaoCDY0VQegAhwZPo8g2e1mXz6ueP5tmzhV8v01lIGKN0OfiLwW89fi564p-jo0mid7cKgL-BnJAKRRTdSj-Gqt6B1I6geD4CVgmQnygokjxgbNu_BYy3S95sXZ_kHeSzygRDZ7lW8OJHpMGyAeBqfQr0rVi4CwlTHKI60Lqf_XAbUmO6oYA1-IBWdbGXgMLJyZ7rit9WaP1zAWPx0Cz5WgVz2_Fkb0lH7Hd5pH0ETgEh_GYAmE2hvKX9gaXe22EGUDk30rqUkEi4DzBv4xZSMkuep8m-Hmi3kkfX-XfypHhnfiGcV1uLcWnnW39G6IBLiSWutaHPQSU2n81VGht-RcHSfNfGShFTeP6Ng4rmhZhboL3uRzCvBcb9PXgy-KV9-kZ6X6EROL2IHMXcBjS6dIWIQ7K1aymgdpmjRpEnR4OmIBv-Rp22PgcwmuGJH_6Uge_b1mktrbUAmIozjlqbhFDK8=&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=955876974866432&eclog=0&sp=1&im=1&pload=484&rlp=%5B0%2C0%2C78.70000457763672%2C73.30000305175781%2C3.0999908447265625%2C192.1999969482422%2C77.99999237060547%2C49%5D Page URL
  3. https://popvalcom.com/bens/vinos.js?24189&mode=redir&subsite=1797194 Page URL
  4. https://popvalcom.com/clicks/MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0MjJiOGRjMzQyNjMwMzgzMDk2ZGZkY2VlNGEwXjA2LjExLjIyLjIwMjM=?&subid=1797194 Page URL
  5. http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15407&subid_5=1797194&click_id=24189_279873_7_5_s31_1797194 HTTP 302
    https://colorful-road-three.com/de610bbd5?ClickID=5288338971700623242&WebID=410_15407 HTTP 302
    https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
pop5sjhspear.com/1797194/
2 KB
2 KB
Document
General
Full URL
https://pop5sjhspear.com/1797194/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 03:20:41 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
check.sumbit.dl
submit.min.js
pop5sjhspear.com/
42 KB
18 KB
Script
General
Full URL
https://pop5sjhspear.com/submit.min.js?abvar=
Requested by
Host: pop5sjhspear.com
URL: https://pop5sjhspear.com/1797194/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Wed, 22 Nov 2023 03:20:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 14:55:11 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab
current
etag
W/"6554dbcf-a617"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
pop5sjhspear.com/
7 KB
4 KB
Document
General
Full URL
https://pop5sjhspear.com/?r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXiUhRHVJNYSCf02gwn2eEUb5JsU2vnXKpsTJtS5QIgVI0qvhXAH_eO7w16GAVQ6U4w2CKMAT1lFl30c2MPPSnMgDI2_IzppHUB1gN25zZU6CnDt-3J7japtjY2URHVPe2csoTFqhkWAFCYDGsZDciN18AUKk8meQZabqLS2Bxz4ke7aroyyDwlaSueV_kpKWjhfk0N-0dcnA0X_W6f1Uq7k-vvAVUEdpMpaTnS6Wvmyipw5TybY7kRc9nWktLdrFlEQL_IHSjJ_qxdLBDfba366QBCf1qbU0QeHgeNOCpqNws5M94cNPJdDepy0m1ePJGspoB4FfLNr4SQC1hZKbqIZsjcZ2iXUdn9sgMS-V9ILiruOtsOtaMNEA9e1NO0GYMivnX_jPWRNLbPu20cdCULIhIntGv70nAHGGUaGE810uotpiEbWEyWRzli2d7SWfaoCDY0VQegAhwZPo8g2e1mXz6ueP5tmzhV8v01lIGKN0OfiLwW89fi564p-jo0mid7cKgL-BnJAKRRTdSj-Gqt6B1I6geD4CVgmQnygokjxgbNu_BYy3S95sXZ_kHeSzygRDZ7lW8OJHpMGyAeBqfQr0rVi4CwlTHKI60Lqf_XAbUmO6oYA1-IBWdbGXgMLJyZ7rit9WaP1zAWPx0Cz5WgVz2_Fkb0lH7Hd5pH0ETgEh_GYAmE2hvKX9gaXe22EGUDk30rqUkEi4DzBv4xZSMkuep8m-Hmi3kkfX-XfypHhnfiGcV1uLcWnnW39G6IBLiSWutaHPQSU2n81VGht-RcHSfNfGShFTeP6Ng4rmhZhboL3uRzCvBcb9PXgy-KV9-kZ6X6EROL2IHMXcBjS6dIWIQ7K1aymgdpmjRpEnR4OmIBv-Rp22PgcwmuGJH_6Uge_b1mktrbUAmIozjlqbhFDK8=&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=955876974866432&eclog=0&sp=1&im=1&pload=484&rlp=%5B0%2C0%2C78.70000457763672%2C73.30000305175781%2C3.0999908447265625%2C192.1999969482422%2C77.99999237060547%2C49%5D
Requested by
Host: pop5sjhspear.com
URL: https://pop5sjhspear.com/submit.min.js?abvar=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-device-memory
8
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-prefers-reduced-motion
no-preference
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-viewport-height
1200
sec-ch-viewport-width
1600

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 03:20:41 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
redirect.dl
vinos.js
popvalcom.com/bens/
498 B
671 B
Document
General
Full URL
https://popvalcom.com/bens/vinos.js?24189&mode=redir&subsite=1797194
Requested by
Host: pop5sjhspear.com
URL: https://pop5sjhspear.com/?r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXiUhRHVJNYSCf02gwn2eEUb5JsU2vnXKpsTJtS5QIgVI0qvhXAH_eO7w16GAVQ6U4w2CKMAT1lFl30c2MPPSnMgDI2_IzppHUB1gN25zZU6CnDt-3J7japtjY2URHVPe2csoTFqhkWAFCYDGsZDciN18AUKk8meQZabqLS2Bxz4ke7aroyyDwlaSueV_kpKWjhfk0N-0dcnA0X_W6f1Uq7k-vvAVUEdpMpaTnS6Wvmyipw5TybY7kRc9nWktLdrFlEQL_IHSjJ_qxdLBDfba366QBCf1qbU0QeHgeNOCpqNws5M94cNPJdDepy0m1ePJGspoB4FfLNr4SQC1hZKbqIZsjcZ2iXUdn9sgMS-V9ILiruOtsOtaMNEA9e1NO0GYMivnX_jPWRNLbPu20cdCULIhIntGv70nAHGGUaGE810uotpiEbWEyWRzli2d7SWfaoCDY0VQegAhwZPo8g2e1mXz6ueP5tmzhV8v01lIGKN0OfiLwW89fi564p-jo0mid7cKgL-BnJAKRRTdSj-Gqt6B1I6geD4CVgmQnygokjxgbNu_BYy3S95sXZ_kHeSzygRDZ7lW8OJHpMGyAeBqfQr0rVi4CwlTHKI60Lqf_XAbUmO6oYA1-IBWdbGXgMLJyZ7rit9WaP1zAWPx0Cz5WgVz2_Fkb0lH7Hd5pH0ETgEh_GYAmE2hvKX9gaXe22EGUDk30rqUkEi4DzBv4xZSMkuep8m-Hmi3kkfX-XfypHhnfiGcV1uLcWnnW39G6IBLiSWutaHPQSU2n81VGht-RcHSfNfGShFTeP6Ng4rmhZhboL3uRzCvBcb9PXgy-KV9-kZ6X6EROL2IHMXcBjS6dIWIQ7K1aymgdpmjRpEnR4OmIBv-Rp22PgcwmuGJH_6Uge_b1mktrbUAmIozjlqbhFDK8=&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=955876974866432&eclog=0&sp=1&im=1&pload=484&rlp=%5B0%2C0%2C78.70000457763672%2C73.30000305175781%2C3.0999908447265625%2C192.1999969482422%2C77.99999237060547%2C49%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.61 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Nov 2023 03:20:41 GMT
P3P
CP="NON DSP COR CURa TIA"
Server
nginx
Transfer-Encoding
chunked
dupa.gif
pop5sjhspear.com/
43 B
482 B
Ping
General
Full URL
https://pop5sjhspear.com/dupa.gif?z=1797194&r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXiUhRHVJNYSCf02gwn2eEUb5JsU2vnXKpsTJtS5QIgVI0qvhXAH_eO7w16GAVQ6U4w2CKMAT1lFl30c2MPPSnMgDI2_IzppHUB1gN25zZU6CnDt-3J7japtjY2URHVPe2csoTFqhkWAFCYDGsZDciN18AUKk8meQZabqLS2Bxz4ke7aroyyDwlaSueV_kpKWjhfk0N-0dcnA0X_W6f1Uq7k-vvAVUEdpMpaTnS6Wvmyipw5TybY7kRc9nWktLdrFlEQL_IHSjJ_qxdLBDfba366QBCf1qbU0QeHgeNOCpqNws5M94cNPJdDepy0m1ePJGspoB4FfLNr4SQC1hZKbqIZsjcZ2iXUdn9sgMS-V9ILiruOtsOtaMNEA9e1NO0GYMivnX_jPWRNLbPu20cdCULIhIntGv70nAHGGUaGE810uotpiEbWEyWRzli2d7SWfaoCDY0VQegAhwZPo8g2e1mXz6ueP5tmzhV8v01lIGKN0OfiLwW89fi564p-jo0mid7cKgL-BnJAKRRTdSj-Gqt6B1I6geD4CVgmQnygokjxgbNu_BYy3S95sXZ_kHeSzygRDZ7lW8OJHpMGyAeBqfQr0rVi4CwlTHKI60Lqf_XAbUmO6oYA1-IBWdbGXgMLJyZ7rit9WaP1zAWPx0Cz5WgVz2_Fkb0lH7Hd5pH0ETgEh_GYAmE2hvKX9gaXe22EGUDk30rqUkEi4DzBv4xZSMkuep8m-Hmi3kkfX-XfypHhnfiGcV1uLcWnnW39G6IBLiSWutaHPQSU2n81VGht-RcHSfNfGShFTeP6Ng4rmhZhboL3uRzCvBcb9PXgy-KV9-kZ6X6EROL2IHMXcBjS6dIWIQ7K1aymgdpmjRpEnR4OmIBv-Rp22PgcwmuGJH_6Uge_b1mktrbUAmIozjlqbhFDK8=&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=955876974866432&eclog=0&sp=1&im=1&pload=484&rlp=%5B0%2C0%2C78.70000457763672%2C73.30000305175781%2C3.0999908447265625%2C192.1999969482422%2C77.99999237060547%2C49%5D&pload=77&rlp=%5B0%2C0%2C0%2C0%2C-44.400001525878906%2C-0.7000045776367188%2C-3%2C0%5D&bb=0
Requested by
Host: pop5sjhspear.com
URL: https://pop5sjhspear.com/?r=dir&zoneid=1797194&pb=9af297f39dd618550817bd3a6c60c6df1700630441&psp=WqXiUhRHVJNYSCf02gwn2eEUb5JsU2vnXKpsTJtS5QIgVI0qvhXAH_eO7w16GAVQ6U4w2CKMAT1lFl30c2MPPSnMgDI2_IzppHUB1gN25zZU6CnDt-3J7japtjY2URHVPe2csoTFqhkWAFCYDGsZDciN18AUKk8meQZabqLS2Bxz4ke7aroyyDwlaSueV_kpKWjhfk0N-0dcnA0X_W6f1Uq7k-vvAVUEdpMpaTnS6Wvmyipw5TybY7kRc9nWktLdrFlEQL_IHSjJ_qxdLBDfba366QBCf1qbU0QeHgeNOCpqNws5M94cNPJdDepy0m1ePJGspoB4FfLNr4SQC1hZKbqIZsjcZ2iXUdn9sgMS-V9ILiruOtsOtaMNEA9e1NO0GYMivnX_jPWRNLbPu20cdCULIhIntGv70nAHGGUaGE810uotpiEbWEyWRzli2d7SWfaoCDY0VQegAhwZPo8g2e1mXz6ueP5tmzhV8v01lIGKN0OfiLwW89fi564p-jo0mid7cKgL-BnJAKRRTdSj-Gqt6B1I6geD4CVgmQnygokjxgbNu_BYy3S95sXZ_kHeSzygRDZ7lW8OJHpMGyAeBqfQr0rVi4CwlTHKI60Lqf_XAbUmO6oYA1-IBWdbGXgMLJyZ7rit9WaP1zAWPx0Cz5WgVz2_Fkb0lH7Hd5pH0ETgEh_GYAmE2hvKX9gaXe22EGUDk30rqUkEi4DzBv4xZSMkuep8m-Hmi3kkfX-XfypHhnfiGcV1uLcWnnW39G6IBLiSWutaHPQSU2n81VGht-RcHSfNfGShFTeP6Ng4rmhZhboL3uRzCvBcb9PXgy-KV9-kZ6X6EROL2IHMXcBjS6dIWIQ7K1aymgdpmjRpEnR4OmIBv-Rp22PgcwmuGJH_6Uge_b1mktrbUAmIozjlqbhFDK8=&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=955876974866432&eclog=0&sp=1&im=1&pload=484&rlp=%5B0%2C0%2C78.70000457763672%2C73.30000305175781%2C3.0999908447265625%2C192.1999969482422%2C77.99999237060547%2C49%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Wed, 22 Nov 2023 03:20:41 GMT
x-route-id
stats.redirect-pixel
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0MjJiOGRjMzQyNjMwMzgzMDk2ZGZkY2VlNGEwXjA2LjExLjIyLjIwMjM=
popvalcom.com/clicks/
224 B
663 B
Document
General
Full URL
https://popvalcom.com/clicks/MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0MjJiOGRjMzQyNjMwMzgzMDk2ZGZkY2VlNGEwXjA2LjExLjIyLjIwMjM=?&subid=1797194
Requested by
Host: popvalcom.com
URL: https://popvalcom.com/bens/vinos.js?24189&mode=redir&subsite=1797194
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.61 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash

Request headers

Referer
https://popvalcom.com/bens/vinos.js?24189&mode=redir&subsite=1797194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 03:20:42 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3P
CP="NON DSP COR CURa TIA"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Primary Request /
9.gamalanding.com/
Redirect Chain
  • http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15407&subid_5=1797194&click_id=24189_279873_7_5_s31_1797194
  • https://colorful-road-three.com/de610bbd5?ClickID=5288338971700623242&WebID=410_15407
  • https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
5 KB
2 KB
Document
General
Full URL
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Requested by
Host: popvalcom.com
URL: https://popvalcom.com/clicks/MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0MjJiOGRjMzQyNjMwMzgzMDk2ZGZkY2VlNGEwXjA2LjExLjIyLjIwMjM=?&subid=1797194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8895ca8ca63fc8d7205e24d3cce434cb5962344ef517708a641a13c16dcc706e

Request headers

Referer
https://popvalcom.com/clicks/MjQxODlfMjc5ODczXzIzLjYwM18xM18xNzAwNjIzMTEwNTI4ODMzODk3XzM1XmRkNzk0MjJiOGRjMzQyNjMwMzgzMDk2ZGZkY2VlNGEwXjA2LjExLjIyLjIwMjM=?&subid=1797194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
829e09c4b943b7dc-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 03:20:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOVdQ8evGz6mlpNbShxDgQnP3tGDFec%2FUnbDb65qEJn5t4TNrLqHvltb0ZhegCRA9ZY1DVzuyaqG0E1R74hHYYY9oFersxXgBf%2B8Zb2Re8fuhu%2BIIdvDNVDUbCqLXZwYBO9fYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
829e09c1cdbb9064-FRA
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 03:20:42 GMT
location
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ0r7kLlqoHxIAxuMlqYXe0KdYJiec64u%2BsuEWCG2bErQjCdDassx%2BkeYtTwgqESrXK9ms9xTXwV0P0aw6jzD8RtjBqnsv7U5HkFbYx50if1%2FH0Cuj8w7oc%2BntwN6Uq6TwuCV%2FWOB25Xbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains max-age=31536000
vary
Accept-Encoding
style.min.css
9.gamalanding.com/public/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://9.gamalanding.com/public/css/style.min.css
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a9bf5a9c164f35128b45bb365ce7e260c03087aefbb86a4d1f79c002e29467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
W/"65158e6d-7037"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFhG4OKZ79%2FZNr%2B0%2Fp65%2BuunUpoOtUuD7e63JkjLiuSiYf88HjkNb%2FzLKo%2BHOMKusTNlqMCPVLRRrBO9ngKhEKzOhTDqbZ5lPG3U9PqRuB%2FRXGN3xrLJ9fh8Can4QhNypsalHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
829e09c4f95fb7dc-AMS
alt-svc
h3=":443"; ma=86400
logo.png
9.gamalanding.com/public/img/
5 KB
6 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/logo.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbf96291a96a2dae59c1998861b9f7134534173660c8c668af6f04b1c883344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
"65158e72-1579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvgAdzXhZ850WYMOkn%2FMiMeOMiWoQfv6zEukzzOGJ69oY3FF4s%2BsuHMmpQoAaaPJzPeadjHVdTs7Wp1c21Oj1pW%2BfviXGAc%2BZcFU3P2QC5MKrnkfi3OvyBCGzhR2AYYvc2h5nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c4f961b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
5497
circle-back.png
9.gamalanding.com/public/img/
67 KB
68 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/circle-back.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39713f38165e519029197b4b90f4d56d4d4d62bb01a57a076fb7a28faac49224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
"65158e70-10c9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKCc0LKKCPHV%2FHU1x0wYvvFCgkgO3MovBuaTqkdcbU7qRPZEyiGsfdrV0%2BdgNJrFGpS1DWZHsmtY4qN7RIr%2FAdMBONEwLiXdo4fj20fyvYa2%2Fx59H8qrBgoZakZiZ4Hl2nhk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c4f963b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
68764
circle-main.png
9.gamalanding.com/public/img/
214 KB
215 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/circle-main.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23023e7c81167ab993c5b12192dd518d94ca41e65f900442d82fc90d850376c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4020
etag
"65158e71-358f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChXoKNf7KSSKt1IN%2BEc5l7csonXNmt1qFC44Le3NAbYBZts4t9bkA1lEmAIQiRMA0AWbVccCjiuVsa7pHXCXRnFNXt9PbdCI1q5Nj3VDwXRAb%2FR6W3qPRSupfzu8Ndyd5HsqtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c5398eb7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
219384
glow-1.png
9.gamalanding.com/public/img/
31 KB
31 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/glow-1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2febb3c26d06c71efd18cd15d1a7000e06e29760cdfca9a37439a6bc15d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4020
etag
"65158e71-7c19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufJm70rqID9GScE2JTgBLBKVqa%2FJzpIgMLB7to2JwuSoVUMPvsQvdIABafkHgoF1TDVNDzE3lHAfd%2B7FbNdcF%2FOmNw8iJMxEtp4zhfMBN%2B%2BKyA9nFBTybMciEfoFzJhf72TzaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c54993b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
31769
glow-2.png
9.gamalanding.com/public/img/
35 KB
36 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/glow-2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7d693a3236b40def59bcfa6fb3e68e80119664b1c64df87b86f6eef47f09d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4020
etag
"65158e72-8dc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM1VckBtEQpsL5b2YC%2FvPtzdeoDslm74DZQKsKDgbjW%2BBJYsR0QxQnV05w4XgftiL%2B0AQV6Gtm%2Ba%2FTRC90dVx067FcZ0wIEWjbhfpNGn8kD0eWIUNpNDrjRwomX%2FS8ACi8q1sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c54997b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
36290
circle-arr.png
9.gamalanding.com/public/img/
11 KB
11 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/circle-arr.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12a01e644a3b76f823380abbc488c385898af484fba13370338cbba17989676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e70-2bd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezxIsmBHNp7yX1hb840IMmFTNYmhg3utLLTtJe6AwLWXClCwedr8bsi1SOt%2BD6%2FjbkTfhWQZCGwc88KPhLtBPsd8GSZbnDqmEBsFqfATKcMUffxG6TNX77ojGQ0kSSzSCMQ6Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c54998b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
11222
circle-btn.png
9.gamalanding.com/public/img/
38 KB
38 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/circle-btn.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3054af22c58a550d61b59578e0444d2700bdaff77a771cd1d532a3c1524639d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4020
etag
"65158e70-9798"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlLtQxTyy4ZLbwlcMTaVzabD9X1aaP0dgybL9B78PzAZflb1EgZrMYFJDhCE8YIXcJ8djMJJQTO0TN0kHOdmeID%2BMHrzBtSfEN2pVc43%2FhDUIUn5HywHlUdgWnBe3dqw4bGfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c54999b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
38808
zeus.png
9.gamalanding.com/public/img/
83 KB
84 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/zeus.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8068b0ff4dea4d80682180aeba89ca04e5fe9418b98012a3114e22496df136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e74-14cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dam6SzLMUDjPQelc9X3%2Fr2XCTX7RucDCGme4VbZKVe0tKEP7JkmX%2FtpiyG4wMAt19GHZbXlQctTlpD4SgnDaC3tch%2FRgPix7zUEHSZ8TbAXVbh5hlt0eedO7MjI358auuGAI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c5499ab7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
85213
flash2.png
9.gamalanding.com/public/img/
161 KB
161 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/flash2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d32cd89e4284ed5db34a31963d3b4f7b644a228e64726de522eaa4af5f68f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
79
etag
"65158e71-282a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9OVmpS2Pb71p8LToXaG%2B%2F9vvO%2BJX2Gd6VTlxQn7ST%2BTZOWsQ%2FPP8GlUDSzer%2BpCiqy2j8kQRLV5vRnurhx%2Bwlzfcx8na967TAz2VuxF%2BNdfxUYV4GXmZCKABQkz6qf6u3S%2FGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a1b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
164521
flash1.png
9.gamalanding.com/public/img/
78 KB
78 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/flash1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f0ca716f08c8004b90ca617ab730e710707a3822b3365197db42b2568a4d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
79
etag
"65158e71-137e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt2S6KiSHsrc%2Fsj%2BH63iCzrKc2g9AdUQMBrAwViie8XBlEN0he7RzXptN97XN814Pb0UpBDPUVu%2FO7lrCCfB4Yl8fwyLzaWM7mDluf7wMPpC0W5L7lYERxZ5wziZyzN8hwxexA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a3b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
79846
item-1.png
9.gamalanding.com/public/img/
16 KB
16 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/item-1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e5d9026e2d1da01d3eec3df4fef757f19018969df7349f397c549e3680175b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
79
etag
"65158e72-3e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZHgVN%2Bdi9WO5Vt2lmvZv4SbghQP2sGk9KvbdDnhkADMtfWlTIQoZFH2M3nSGowJ6mNEU83Mzi0C5CBttvoSJzSYtw76lkhmwhGV6g%2FdiBmBKkxU4AQmbgCB6kqKX6Me5wEfrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a4b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
16011
item-2.png
9.gamalanding.com/public/img/
23 KB
23 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/item-2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3544cbe73dd34c448777812779612e8d028338b2ee9e5445b185a804b980355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e72-5bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s46ARN%2BD7MYSwMAkoG6kWzc6Jg%2Fh1%2B5REQa3SnMU2jitaGwAhPs3R3ILv9h%2B4xuj2PZZvMEZ4zKRfSzgxJQmGR8YbdNQWfnoRSSAPW%2BGL6z1X2AosIQinXBzn%2B9xw8GUYD7s2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a5b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
23540
item-3.png
9.gamalanding.com/public/img/
11 KB
11 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/item-3.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a4eedf87ffdc640cd5ea5428920decc357c8fcc6fce321328e78c202445891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e72-2c74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvPMQO9ezG4wSs1CMgB6cQsLSopJYoUpA4aEi74bxKHR1V8Ps3knQk4rieGHWVfbszj9wGj2HI4SpOoiQtETyHFNoR0OFNrVdRQKHAi%2ByqXbQcknPO%2B5WvBO%2FnagSf2IOcx8fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a6b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
11380
item-4.png
9.gamalanding.com/public/img/
28 KB
29 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/item-4.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7be38626b08045319de9788c54b2bb76e3c0ea93f384dcbcb698a15313675b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
78
etag
"65158e72-7138"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y90xPSKti%2F3gQd%2FW1cytEc2YioAYXPk8IBRxpvzfKwrtmjRMUeh4oeBrVGcrEcR1kHjyP%2B7yR6FCAGeumj1WesmHVNcTlItelk5YpnGBdhoH0ZzSDAOun0SvOIQu%2FQe7D%2BdqWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c559a7b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
28984
parallax.min.js
9.gamalanding.com/public/js/
17 KB
6 KB
Script
General
Full URL
https://9.gamalanding.com/public/js/parallax.min.js
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
W/"65158e75-43a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml92hw%2BXEULbZyj6hW084Ndgfp8jRyJJCGKsPDzoJAZ4HBb%2BdnHoKxgjAc9Abl3hd6vlyXPajp%2F8YmYdWk%2Bhsh4py7EfX1XNS4NdFF3o0m00aIa%2BEXEv%2BzFwH0LRrOkKliRxRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
829e09c54994b7dc-AMS
alt-svc
h3=":443"; ma=86400
main.min.js
9.gamalanding.com/public/js/
5 KB
2 KB
Script
General
Full URL
https://9.gamalanding.com/public/js/main.min.js
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8968289813831b28d45afaab3a708f25ee275e2a14a763ef8217db736c6cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
W/"65158e75-1391"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6SIkC6UEdpo6TH%2F63Ix2p3pAlWiYw%2Fg1mt82LDbTf7Hr41yQ8m3tie6c7t6Tr40jzgAOr0w%2B%2FyVSFznlsQTqc5CNPOCM0x4woK2MCwIQX0GhPxo1GrTGVYi0LEJ8LQPymeuSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
829e09c54995b7dc-AMS
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
116 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBN57N8N&gtm_auth=SFfZkaTIUPXNVKwBaA16cA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d738ad46fd9cd192d0f73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35da602a73d794e212d23a61ae8d1af0a2a52028c093bc718791dbd4f1f5694a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45737
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg.jpg
9.gamalanding.com/public/img/
229 KB
230 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/bg.jpg
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aed3330afcf35cf79ed03294cb27399b26f4586f795772a35df8fc03ad0363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2876
etag
"65158e70-39563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrILbqRbBoEg9i4qdcHZqxo3Z8bvorc%2FSJyFNxJSVEjkXSGZEKdUdiH2v6hRLCikJSNn7zgrEgweW1hVCVE0sUgSu8sXpW69Ge7PuQSnpVawSxGNN8YScYI43FT3Yas8do0BAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569b5b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
234851
pergament.png
9.gamalanding.com/public/img/
62 KB
62 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/pergament.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0728bed6ff44490ceff9efeeed7b3a3abfc35ff2a28407eced1c9b827da398e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2876
etag
"65158e73-f716"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqn6%2Bs4i4mRx%2BH%2FzcPUXr1qDsxx9ceYYNMGPhdq5nMNvW64dLO6YSgD0rDcgcfWj8PGhZi4N8NdXX3YWVXHxJSUk6YX%2BW4BHnid3eJNBeZeBKaPQ9MtqnaqVkmTicSwst54nAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569b7b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
63254
popup-bg-bg.png
9.gamalanding.com/public/img/
121 KB
122 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/popup-bg-bg.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87050d490d4837d2b3b3be3f9fdbb148d8128822e434627e39881c541eeeb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2876
etag
"65158e73-1e486"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tkcAMLES4yoALZ4HDn5FaCY9r%2Br6%2B4DGGXJkrqtg9LAT42kxFdQJ2Ct9PrzSp4nKyPM0G0Hznh1wNtswsHINKR%2BK1Krk977GBckmV%2FWwk2xXVnhPfU0sjTrqitgF8kQ2AbPKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569b8b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
124038
popup-bg.png
9.gamalanding.com/public/img/
88 KB
89 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/popup-bg.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9604e621df27b780c902b6c3c120702bc1b9aaf2b21a82e8e01a626edaa2cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2876
etag
"65158e73-16119"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXdu7XPLyrUfMFGJM%2B9tTBqbH8VMaQ6w%2FoIQGH%2B3wLEUsoLqcChf16SSX7tkvGOEueJslkpMTGYW6Z67Bu4rqSFfapUUFXE9wZ0XSHbmH88ncB5XRU957vXbrnrA3yRsy5jioQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569b9b7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
90393
popup-btn.png
9.gamalanding.com/public/img/
62 KB
63 KB
Image
General
Full URL
https://9.gamalanding.com/public/img/popup-btn.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ffede959f751da77ce3c32f21610d6d828d9bd6c397fa9cdf894c54ad29fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2876
etag
"65158e73-f9f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5LWvahp5TlzwCRE83Wul8Qzf4EOMW%2FbowWYVnB3DqI3KcZw8Y3ND8RXNn2QtG6Pt4TBp2zrnPM%2FOa2M%2BhmcyYYnsceY9J7qZLLYPsMdHMegfnFntl6gybY%2FtNWcd9yiU7WTYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569bdb7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
63984
Montserrat-Bold.woff2
9.gamalanding.com/public/fonts/
90 KB
90 KB
Font
General
Full URL
https://9.gamalanding.com/public/fonts/Montserrat-Bold.woff2
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e35a837e4f22c75cc03c4e501023d6f4ffe074c786064a9b2c0d27257897ac1

Request headers

Referer
https://9.gamalanding.com/public/css/style.min.css
Origin
https://9.gamalanding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e6f-167f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKtyvMrOn7zdejlgDjoii4wgG2Ja1yxvGyaPMWsdf%2Bnmzm%2FaGIB1zinpbNcMtRP0vBZEkUv4MKM18o78SZKchvC%2FiXDlAjtAR%2FXa3QXBfiIPaiAWMESlEMLXm0%2FfMle2C1FfCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569bbb7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
92152
Montserrat-Black.woff2
9.gamalanding.com/public/fonts/
89 KB
89 KB
Font
General
Full URL
https://9.gamalanding.com/public/fonts/Montserrat-Black.woff2
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78440cef291a9e1e12fbf0fe238828e77b2d55fe8f0dc045edf2f95f276099b

Request headers

Referer
https://9.gamalanding.com/public/css/style.min.css
Origin
https://9.gamalanding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:43 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
545
etag
"65158e6f-163b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpuYjybQiEUIGvSCB2O9at7CRsF930fKTTYJskw7dDGqzye002gUGROaSE10QzYJt1D1GXsOLQZnydqfV2VyMC67m2ER7auPRi1MLok5MtxzrpaPTnGIqJ1LpsKWXFDpSEwsZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829e09c569bcb7dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
91060
array.js
posthog-cat.com/static/
116 KB
37 KB
Script
General
Full URL
https://posthog-cat.com/static/array.js
Requested by
Host: pop5sjhspear.com
URL: https://pop5sjhspear.com/1797194/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0db7d29c221fbfb75787d73b7ad4cbd8ead007b5254a043af356c623fb0fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Tue, 17 Oct 2023 14:20:49 GMT
server
cloudflare
etag
W/"652e9841-1ce8d"
vary
Cookie, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSiZvoJUulWyakwjQsINJwpCHIxwk1igXUWLQz%2FHtLdQKRluml5MyQxTt4FUrnMvWGGgLWL9EL3jKIX5euPVvGIaatcXfWfTrXlcJ7wvd6m1pByWO2Km9b7HLzzKCKUvYNc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
cf-ray
829e09cb298d6ade-FRA
/
posthog-cat.com/e/
13 B
432 B
XHR
General
Full URL
https://posthog-cat.com/e/?ip=1&_=1700623244129&ver=1.83.2
Requested by
Host: posthog-cat.com
URL: https://posthog-cat.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9.gamalanding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 03:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://9.gamalanding.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkgybarD9jQUmpJd8zVtrCn8FJvtNvCo2uzZwpsl9la0Yno5g9YHcvfeSDcJhj255nVMs6XoUoMEWhQ%2FP5TReD8DhsT22qgnI2OG4wSWAwRuHTUJBL9ZuAdY52iGwevcjJk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
access-control-allow-headers
X-Requested-With,Content-Type
cf-ray
829e09cbd9e86ade-FRA
/
posthog-cat.com/decide/
374 B
483 B
XHR
General
Full URL
https://posthog-cat.com/decide/?v=3&ip=1&_=1700623244132&ver=1.83.2
Requested by
Host: posthog-cat.com
URL: https://posthog-cat.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9.gamalanding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 03:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://9.gamalanding.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Bg0xY%2BnT8NUoMqyj0egX4CGlrHmvBBRsstaLd1qRAhZ9o2HS52BcTgXuV5LQLG41K9izAyndS1Hw1BEp44a85Z5m1cQUerzHqSg%2BdLCkho80j7mFyUTjAobyYmvCJHznRU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
access-control-allow-headers
X-Requested-With,Content-Type
cf-ray
829e09cbd9eb6ade-FRA

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| dataLayer
function| Parallax
function| $$
function| addCss
function| getElementIndex
function| h_el
function| debugging
function| addEv
number| counter
function| removeDismiss
function| firstBonus
function| secondBonus
function| Opn
number| size
object| c
object| ctx
object| center
number| minSegmentHeight
number| groundHeight
string| color
number| roughness
number| maxDifference
function| render
function| createLightning
object| google_tag_manager
object| google_tag_data
object| posthog

11 Cookies

Domain/Path Name / Value
pop5sjhspear.com/ Name: CHCK
Value: 1
pop5sjhspear.com/ Name: UID
Value: 23112122201113811abc28413f91e69ef50f
pop5sjhspear.com/ Name: OACCAP
Value: ACL7ogAAAAAAAAAB
pop5sjhspear.com/ Name: OACBLOCK
Value: ACL7ogAAAABlXDlQ
pop5sjhspear.com/ Name: OXCCLK
Value: ACL7ogAAAAAAAAAB
pop5sjhspear.com/ Name: OXPCLK
Value: AAHk3gAAAAAAAAAB
pop5sjhspear.com/ Name: ppucnt
Value: 1
.popvalcom.com/ Name: uuid
Value: 1700623110528833897
.alanwaketor.com/ Name: uid
Value: 5288338971700623242
colorful-road-three.com/ Name: 49d180ecf56132819571
Value: 655d738ad46fd9cd192d0f73
.gamalanding.com/ Name: ph_phc_vk7ry35fgSZLyRTYWK4py4MAFpsJLlG6JLi00Nk7cqY_posthog
Value: %7B%22distinct_id%22%3A%22018bf50b-5b59-735a-a0d5-f51332706884%22%2C%22%24device_id%22%3A%22018bf50b-5b59-735a-a0d5-f51332706884%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1700623244126%2C%22018bf50b-5b5e-7f27-ad99-3f3ecfc12aef%22%2C1700623244126%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
