urlscan.io logo urlscan.io
SecurityTrails logo

e-scratchm.com Open in urlscan Pro
147.78.140.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html#2086362jQ2249975pn503940873ec14941FM24Dar106412QW
Effective URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payloa...
Submission: On November 14 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 29 HTTP transactions. The main IP is 147.78.140.27, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is e-scratchm.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2021. Valid for: a year.
This is the only time e-scratchm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 192.34.108.58 23033 (WOW)
1 1 209.236.123.154 30277 (DFW-DATAC...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 147.78.140.10 209242 (CLOUDFLAR...)
3 147.78.140.27 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.22.41 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.78.140.81 209242 (CLOUDFLAR...)
2 147.78.140.9 209242 (CLOUDFLAR...)
1 13.32.22.63 16509 (AMAZON-02)
1 143.204.215.95 16509 (AMAZON-02)
1 147.78.140.38 209242 (CLOUDFLAR...)
29 13
1    2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    192.34.108.58 (United States)

ASN23033 (WOW, US)
PTR: 192.34.108.58-reverse.wowrack.com
192.34.108.58
1    209.236.123.154 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: 209.236.123.154
www.delightfuldelight.com
1    2606:4700:3036::ac43:a591 (United States)

ASN13335 (CLOUDFLARENET, US)
record.smnetopartners.com
1    147.78.140.10 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
click.power-pppp.com
3    147.78.140.27 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
e-scratchm.com
secure.e-scratchm.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
13    2606:4700:3035::6815:d44 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cg-platform.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.32.22.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-41.fra56.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    147.78.140.81 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
cdn-origin.netoplay.com
2    147.78.140.9 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
click.power-ppp.com
1    13.32.22.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-63.fra56.r.cloudfront.net
script.hotjar.com
1    143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net
vars.hotjar.com
1    147.78.140.38 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
cdn.gratohelp.com
Domain Requested by
13 cdn.cg-platform.com e-scratchm.com
cdn.cg-platform.com
2 click.power-ppp.com cdn.cg-platform.com
2 www.google-analytics.com e-scratchm.com
www.google-analytics.com
2 e-scratchm.com storage.googleapis.com
e-scratchm.com
1 secure.e-scratchm.com
1 cdn.gratohelp.com ajax.googleapis.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn-origin.netoplay.com e-scratchm.com
1 www.googletagmanager.com e-scratchm.com
1 static.hotjar.com e-scratchm.com
1 ajax.googleapis.com e-scratchm.com
1 maxcdn.bootstrapcdn.com e-scratchm.com
1 click.power-pppp.com 1 redirects
1 record.smnetopartners.com 1 redirects
1 www.delightfuldelight.com 1 redirects
1 storage.googleapis.com
29 17

This site contains links to these domains. Also see Links.

Domain
www.geogratorama.com
it.77scratchmania.com
en.scratchmania.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
e-scratchm.com
Cloudflare Inc ECC CA-3		 2021-08-16 -
2022-08-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
cdn-origin.netoplay.com
Cloudflare Inc ECC CA-3		 2021-08-18 -
2022-08-17		 a year crt.sh
click.power-ppp.com
Cloudflare Inc ECC CA-3		 2021-08-22 -
2022-08-21		 a year crt.sh
cdn.gratohelp.com
Cloudflare Inc ECC CA-3		 2021-08-16 -
2022-08-15		 a year crt.sh
secure.e-scratchm.com
Cloudflare Inc ECC CA-3		 2021-08-16 -
2022-08-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Frame ID: CDA758B3768E95C8C84FA1EF7DAF8D9C
Requests: 28 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Frame ID: 272C2D01B1DCD39534E330F4F1C1A9F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Scratchmania - Gioca per Divertimento Guadagna per davvero

Page URL History Show full URLs

  1. https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html Page URL
  2. http://192.34.108.58/2086362jQ2249975pn503940873ec14941FM24Dar106412QW HTTP 302
    https://www.delightfuldelight.com/CSRRLN/9JM5P6P/?sub1=2086362&sub2=4b-2086362-2249975-106412-14941-503940873 HTTP 302
    https://record.smnetopartners.com/_7dt6q83S5OVg6lmcz7o-Q2Nd7ZgqdRLk/25/?pg=0&payload=239_2086362&c3=b0c7d98068... HTTP 301
    https://click.power-pppp.com/click/5815a521591fa?affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=2... HTTP 302
    https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd... Page URL

Page Statistics

29
Requests

100 %
HTTPS

41 %
IPv6

13
Domains

17
Subdomains

13
IPs

3
Countries

433 kB
Transfer

899 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html Page URL
  2. http://192.34.108.58/2086362jQ2249975pn503940873ec14941FM24Dar106412QW HTTP 302
    https://www.delightfuldelight.com/CSRRLN/9JM5P6P/?sub1=2086362&sub2=4b-2086362-2249975-106412-14941-503940873 HTTP 302
    https://record.smnetopartners.com/_7dt6q83S5OVg6lmcz7o-Q2Nd7ZgqdRLk/25/?pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309 HTTP 301
    https://click.power-pppp.com/click/5815a521591fa?affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media= HTTP 302
    https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
dsdgrf%20vder%20rbvc.html
storage.googleapis.com/checkthisbuckets/ 		327 B
908 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
89b175995457f156318ed4b7f068ea1bf0d88890ce770272c6a3a5606c6ee8dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

x-guploader-uploadid
ADPycdtEkZqHtTC_BUJB38PvcNVRqN-N6F8qwqSt2tSL2QsWhToIp1CUvK0sGsoxR5Ew3FsrmoZZdQehaEE9Oge0iX6VyJ0Efw
expires
Sun, 14 Nov 2021 15:11:39 GMT
date
Sun, 14 Nov 2021 14:11:39 GMT
last-modified
Mon, 08 Mar 2021 14:24:50 GMT
etag
"470c354b8289d8fb8d1b4eac09859fa2"
x-goog-generation
1615213490310699
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
327
content-type
text/html
x-goog-hash
crc32c=p2Pxdw== md5=Rww1S4KJ2PuNG06sCYWfog==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
327
server
UploadServer
age
3033
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request index.html
e-scratchm.com/lps/it/WH-style/2/
Redirect Chain
  • http://192.34.108.58/2086362jQ2249975pn503940873ec14941FM24Dar106412QW
  • https://www.delightfuldelight.com/CSRRLN/9JM5P6P/?sub1=2086362&sub2=4b-2086362-2249975-106412-14941-503940873
  • https://record.smnetopartners.com/_7dt6q83S5OVg6lmcz7o-Q2Nd7ZgqdRLk/25/?pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309
  • https://click.power-pppp.com/click/5815a521591fa?affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=
  • https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID...
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.27 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d061da0f2ddb6a9f36eb60557f4dc58d2dd67113982d3e08290f268ce2f8a977

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html#2086362jQ2249975pn503940873ec14941FM24Dar106412QW

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ae11ea6ce0859a7-MXP
content-encoding
gzip

Redirect headers

date
Sun, 14 Nov 2021 15:02:14 GMT
content-type
text/html; charset=UTF-8
rd
err: No redis
location
https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ae11ea5380059b3-MXP
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3669
date
Sun, 14 Nov 2021 14:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sun, 14 Nov 2021 16:01:06 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
7592434
cdn-cachedat
08/11/2021 05:01:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4f20b186be765cc90ac60b251f53d310
cf-ray
6ae11ea87c3359ef-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
style.css
cdn.cg-platform.com/it/SM/WH-style/2/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/it/SM/WH-style/2/style.css
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf35dd39a910cc00b6995529a6dd307cac32c534ea691f75275a6ecc996b2a85

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=eUsNGg==, md5=ULiRZvIBvjQ1REiCHzOieg==
date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvxRZ69bwvJ30hmRjGjxOEsrpC8Din5JKar7RlwxWkEctCZWtxZI5QiSYkH5qV2mmcDTNL6A2CloyQriReNF2c
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 21 Mar 2018 07:17:18 GMT
server
cloudflare
etag
W/"50b89166f201be34354448821f33a27a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP29KE6lNPt1d1hA4dbj5AA492hxegTH0JfDzLH%2FacvCzouWf191VY60O8srRtjpwgicTF1tiSNdbmJwlIJ5H1OHZSqHj8FrkoGOAyNCCvFJWnEtTcyW3I6dh8oEro9SDLo9hjx6EvbbsjJWlOemkqUo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1521616638018415
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
5051
cf-ray
6ae11ea89af60f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
lang-nav.css
cdn.cg-platform.com/common-images/language-bar/ 		2 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/common-images/language-bar/lang-nav.css
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b043774247fb8ef1fb01d5fd3b357807daffe900b34956341bad9f1cd806fc09

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=RHRWtw==, md5=mxvsIflylqsZZplqJqYfXw==
date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdutmguX9Gs3Z6n7O0hKuEbYrwdYTivZdC5FuolImjiGXLKBpLEnoKt8Fmj64PQ4SQ7FGGWEGeMsI9gnRdhPHFE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Aug 2019 14:03:16 GMT
server
cloudflare
etag
W/"9b1bec21f97296ab1966996a26a61f5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QqL4RMsziUMZDek0L2cKg4Vz3%2FoTmnmtS0VWNIQCIfKYK6ZZUUsdVxB%2FFRcdNSEgqrS9eBQujiWro2LRnzjGVc9D%2FwOCt14R8E%2BCEzXATFe2JSIohAa%2BCw4jeRx1y80BdBkmh0HaMRIJ24%2FPt2mm%2F51"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1565186596416309
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
1816
cf-ray
6ae11ea89afe0f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
swfobject.js
cdn.cg-platform.com/script/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/script/swfobject.js
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c798a1ed77d81808ccd071c777ab901965f0ed613cf47867f5e737d6671f905

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=BopeQQ==, md5=1RrDOSyVY3ZFkv3fykcOoQ==
date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduFPiy9nufzzd9RI_hyWysuDJE1LkyfMerMOPsrSFK9gI0N-72PtHlges3KmeC_5JgYrOWqcfpCRttmLrLPV-SROvx0Lg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 18 Jan 2018 10:08:59 GMT
server
cloudflare
etag
W/"d51ac3392c9563764592fddfca470ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXIfLCoyLIjLBLHuKqRxYICMmLhw9zdV3X8SgFawS%2FMqhcOFsgiPlHFQNMCOLPGEXcxi8XCKSU8wGWCUATZukYPPeBlcE43446j3iVZ8o9%2BKnoRr2VcDyiDAQ1r8ByoQq%2BK9EuTvrYIikz1TzRDiSDYJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1516270139434877
content-type
application/javascript
cache-control
max-age=14400, 3456000
x-goog-stored-content-length
10070
cf-ray
6ae11ea89aff0f82-MXP
expires
Mon, 14 Nov 2022 01:27:10 GMT
arrow.png
cdn.cg-platform.com/common-images/language-bar/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/common-images/language-bar/arrow.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b4ac8575fe56f4e0122f9496501b52cc58e58566a45aa41797a1091dd51e5c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=0WlKPQ==, md5=G0SsQM7aUEPokjxjS1Yzbg==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsnpgFccnZZvpuksnnPLTQcaObgRZTGf0zsZ6i-raxxaONi45s-i6yhgbc9MzPSMY-2CYlIY8t19o2xlAseZiFLimTAKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15098
last-modified
Thu, 18 Jan 2018 12:50:48 GMT
server
cloudflare
etag
"1b44ac40ceda5043e8923c634b56336e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXP4lUeNrgjCB4Tb2LzIqh%2F96LsCCz%2FebeDCQcvTdoH2AATLfe02eexAULC3Wbs31J7n48oAUUcA6jCthBeiT8xKXxXoVyMHK2fRFHJ8urn19f9VTCNqqjCuqc8ho3ByEuq25zcXOSSiz05Kx0ZceRpg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1516279848913504
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
15098
accept-ranges
bytes
cf-ray
6ae11ea93ce30f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
logo.png
cdn.cg-platform.com/it/SM/WH-style/2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/it/SM/WH-style/2/logo.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cf8781caa96497cc09b11c99940781d08337815ad60ee9b2ef2e1ff7344577

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=pgvYIA==, md5=brxbvXjzmWLbh6QQrZs+FA==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvs2sTpX9OKcadBez2cJU1o2j_JNo-s0O9f_Owem9FA7z0UJ0WqLWHz_M2VyIdcfKUrSHCf_5CwkmZE5bmcu1Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9846
last-modified
Wed, 21 Mar 2018 07:14:57 GMT
server
cloudflare
etag
"6ebc5bbd78f39962db87a410ad9b3e14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3SZTa15ib3AROY5lWyFbBqBPZsWJi%2B58APSVRn%2BJk0Z3O1VB2cRf%2B4tuW5CjqnPbugBA1TT4AQhq%2Fg%2BC9Fd31Dmf9bT4SGTIm1iaesHOq%2Bx3mO49o2RtRM%2FBB3ju9PptMKuf5SM4B6T9jz52OjTRGox"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1521616497413580
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
9846
accept-ranges
bytes
cf-ray
6ae11ea93ce60f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
btn-header.png
cdn.cg-platform.com/it/SM/WH-style/2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/it/SM/WH-style/2/btn-header.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61df24c06ed54fd36890a366686fe72fef7ad5ce641bb1ae576e5d2aba9d0e48

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=kW93AQ==, md5=BIp/UUUXAk7Br6VDCh9LPA==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsS2ViUDbM1SnHhUULM59cWabiXac9QVIqo3pfYMmKs3BzjiAmEP8ecHqxS7HgSXcjVg5IaeSpnfSrquQSI13DyJch_8A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1588
last-modified
Wed, 21 Mar 2018 07:14:56 GMT
server
cloudflare
etag
"048a7f514517024ec1afa5430a1f4b3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6ernQbGZPzLobM2mOt86%2BRB8c%2B9zsSxEiZ9rkOPkDYIUShWSJcFACP4O%2BmzebyUYipzx3T%2F%2Btl6fyYIb%2B3KK%2FFwW5Oex6WL6s2Xol5asTDvkN24eupJlt76l5PiRE5IUMo4R126DzI8AtBOHrs9FPjL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1521616496817942
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
1588
accept-ranges
bytes
cf-ray
6ae11ea93ce90f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
main-7-free.png
cdn.cg-platform.com/it/SM/WH-style/2/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/it/SM/WH-style/2/main-7-free.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176dd49911149af1358b4c6a4ce70c12935bcf22bdb8b9c0f53ddcdcd75399a1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=vrAYFQ==, md5=vGAjbvVe4Ji8UFxK2VPimA==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdt4cMRO8uNVvLFM0dzMDuIvLLpQt9Q5xgSVX--Y8v2FeYi3ETXIWL0eT5ki5dHv5TIpMJKwGu43lw8X-HkuR-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
130299
last-modified
Wed, 21 Mar 2018 07:14:57 GMT
server
cloudflare
etag
"bc60236ef55ee098bc505c4ad953e298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MWVaSVVtdGYS85F1FqQngzXWPd%2BawvjlJej7CSAn6gevRMfQKAExy%2BPNS3hUtKyB27owTcxNVINILCSIr05gq3zoPL5YBTiGGBZfHNFHzNtTe9Ew%2FkrHX65gpCwQh6ZvvtNBSjvz5hH0wzOXNMndJwy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1521616497624371
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
130299
accept-ranges
bytes
cf-ray
6ae11ea93ceb0f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
btn-main.png
cdn.cg-platform.com/it/SM/WH-style/2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/it/SM/WH-style/2/btn-main.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb10655101f5367548fff248dc6425fed0c2fcfd80d6ea6890b502cdb91c9aa

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=7T4cgA==, md5=qagFqwIqnVM+SQaIoLlPtQ==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdseyA8SwLU1yivOqlH5OFSaxe1ZSqvSfgjQJMpTvfO1Pe2p6SrlQFKWbFlpi7eKcMxDowMpZ1WLPoOOvyf5bTE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3807
last-modified
Wed, 21 Mar 2018 07:14:56 GMT
server
cloudflare
etag
"a9a805ab022a9d533e490688a0b94fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blxkAtfNwKob3Sd9UZhdj6voCDWwBHSx1Vg6RkSSlpluBvdBhYJJj1wg2pu%2BMhUdCDr%2BTjJN9BGE7LRSXbdsSBV1m5SPOZ5zHGgiKfKzfHC%2FWMJiJa51WS16G4Bcgq9fKL8hd6H470AM2m6yQs1m4z6Y"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1521616496829308
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
3807
accept-ranges
bytes
cf-ray
6ae11ea93cee0f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
sec-desktop.png
cdn.cg-platform.com/security/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/security/sec-desktop.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add186c53eb054fa6301d24c4d09eef52205b96b72a806a2adb21aaaa1bb6a51

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=uaFnLw==, md5=syz4P9M1sggm/ObuyXBfaQ==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsPilfrm_ASMzN-yenJYtLQgvB5y4tCcBM8azCb-GYvqr_sRt3cV2hZk9gGnWrQ2zlV5QXWIdWzPczsnNAh2CA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5944
last-modified
Sun, 16 Jun 2019 09:45:16 GMT
server
cloudflare
etag
"b32cf83fd335b20826fce6eec9705f69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtwOl1aOhG%2F2IW4PL64thBJTbgjeb5Xz3j5zTbPhsb11cy4k6OLE6JlZY%2BHEph5VePWz474Me4Ywhc%2B6Ad5D9vAzFQ7uir9SaxQM0xQ6xecUJiQbnas74ujat415iEKNyFkG6vFaZXS1iL2uahiHfYI6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1560678316499003
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
5944
accept-ranges
bytes
cf-ray
6ae11ea93cf10f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
PMs-desktop.png
cdn.cg-platform.com/payment-methods/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/payment-methods/PMs-desktop.png
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f49a0cb7e7cad2681c2d1c22bcfe1451001c553a4f98123e269b8a207bbd03

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=Cb8oHA==, md5=rddfqVQtMxgvuireMwlC4w==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdu-rOrXLGZSU6R9LHcZYzM-w3fN5ViWJRfm0EWN6yLJPkGtKkFUxfAvR-rUAAdCK2Aj567Fp9yHHY3b2PNHgdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41930
last-modified
Sun, 16 Jun 2019 09:44:10 GMT
server
cloudflare
etag
"add75fa9542d33182fba2ade330942e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzFtHHGmG9YAwHvN0Sb6CY7clNNgqDaQYo%2FtMW5maHhuAtLlZgmJzBJrW9OjgF7IgHSU0YsWeN59x7JFkD59zJ0dCFQBHN64%2Fc4eXHaW1pHnrX8QP%2BQi6cFE2QHH4z5SBqEMiQQJve2rU%2F%2BELeiX9I76"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1560678250531741
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
41930
accept-ranges
bytes
cf-ray
6ae11ea93cf40f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
email-decode.min.js
e-scratchm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://e-scratchm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.27 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 11:48:50 GMT
server
cloudflare
etag
W/"618d0322-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6ae11ea92dd059a7-MXP
vary
Accept-Encoding
expires
Tue, 16 Nov 2021 15:02:15 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 18:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 13 Nov 2022 18:34:23 GMT
utils.js
cdn.cg-platform.com/script/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/script/utils.js?w
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ef9727739235615679515387c86893ad6f77ee2986bf12fea5bd1e4d60f34b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=zkceWg==, md5=TTwHgvOCmtlixRi1NyWzbg==
date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduBfAclBEdmsk5P3qwipEbjDR0F3hgExkfny4H63rGpzHXM0AnARurWQfhvPlc7ACLsdSxxD-p5CZFse4HLscA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 03 Jan 2021 18:44:03 GMT
server
cloudflare
etag
W/"4d3c0782f3829ad962c518b53725b36e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARUXAi2lxrsLrxx8FBmcgGcQmooQQt9tN3Z9Pq%2BM4X2IclWuFMay5SXs%2FEkawxIfnszn7zBcnVYbG9YGxsJCMJYM8V1tnHyeXGsMvCKiVKYOJlnHcIFc6C%2BTXpgY5NbywfIqzPZpQ7NdNC%2FeaA%2F%2FGpv0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1609699443246463
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
29879
cf-ray
6ae11ea93cd70f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
popups.js
cdn.cg-platform.com/script/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/script/popups.js?v=5
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb2bb90c5f6a6875daa101395ac1aaab922cd02cf883005da5fdfc26a4ee148

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=kW01uQ==, md5=H7kfKO/CmP/LPFzqWTVp1w==
date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduaAPpyOL_FedjhB2Tcu-vXymoiU90trB3Jr7FROhqHsRotN9wPGIzT1CFLXakET096iBwNK3O5f-8XYyvzLs0-XnTuCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 01 Mar 2020 15:43:32 GMT
server
cloudflare
etag
W/"1fb91f28efc298ffcb3c5cea593569d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iB5Bp8V2JU3YEjpm1aj3YcKB1P2yrynxQgQpP9V5%2BKiVnvkuQEMyxDg9NOsFk1VRzvYiVHNAsfLOI2ro%2FLC64yB78hT8obNKTM75hVFV7JJsdyzyCR0fBBTD1w2kyCjJW09Thj3zfxOyrSLBMAt2wh88"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1583077412820902
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
27346
cf-ray
6ae11ea93cdc0f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
hotjar-915733.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-915733.js?sv=6
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-41.fra56.r.cloudfront.net
Software
/
Resource Hash
e84474674459c14eab80e6bc3b028ab3ec0f5ab8bcb260df1b991166457b0d03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1919
access-control-allow-origin
*
cache-control
max-age=60
etag
W/8685f328875ae52c2313a2ca61d23c30
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
x-cache-hit
1
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
6AtrmVEI63oU-nEddJYDyMF3Y8shKFCK5gM15R-i-QDNIajxGQOQ2g==
gtm.js
www.googletagmanager.com/ 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
489a8a4ff682abf81830a51f9e0853554358b238949fe49a3bdd3ec93c6982d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
42226
x-xss-protection
0
expires
Sun, 14 Nov 2021 15:02:15 GMT
sprite.jpg
cdn.cg-platform.com/common-images/language-bar/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/common-images/language-bar/sprite.jpg?v=1
Requested by
Host: cdn.cg-platform.com
URL: https://cdn.cg-platform.com/common-images/language-bar/lang-nav.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8283feede6f0c2f427ba3487f7951b62ef19e4e98c817e00c4bce570398188

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cdn.cg-platform.com/common-images/language-bar/lang-nav.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=k2wyQg==, md5=G39w8ubl957250Lv8xKCzQ==
date
Sun, 14 Nov 2021 15:02:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycds_AHYGjUaBJRON66iF9vUngD9XgX0cSWDuBQCoCdsO0zpea06G8SdYX3EwAXD4PSTvumn2Y88-MNok2AJNLrE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19700
last-modified
Tue, 21 Aug 2018 07:15:42 GMT
server
cloudflare
etag
"1b7f70f2e6e5f79ef6e742eff31282cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO%2FE2uxQ8tncZmmAivSsvk08c3RHT5Z%2FaAs1S4xguB7N187Jik8VH3XYkFYo%2F%2B7Lok3pKNcS3i%2BAAffkFHBoUMBuEOr4H1lPC5t3A7O4b%2BMeUTMu6EnbDuDSBxhuXRmaj%2BVjR5%2BU%2B3S%2FADYGsu8vDN3h"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1534835742086992
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
19700
accept-ranges
bytes
cf-ray
6ae11ea93cf90f82-MXP
expires
Sun, 14 Nov 2021 16:02:15 GMT
visitorCountry.php
cdn-origin.netoplay.com/ 		302 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-origin.netoplay.com/visitorCountry.php?language=it
Requested by
Host: e-scratchm.com
URL: https://e-scratchm.com/lps/it/WH-style/2/index.html?Inc=105970651&affToken=Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk&pg=0&payload=239_2086362&c3=b0c7d98068fe4b68ab36f9f8c6490309&LP=329&referrer=&affiliateID=9168&media=&ABClicks=1&shorten_link=5815a521591fa&shorten_target=8625&netoClickId=619124f68f5d69e61c1046d5&pid=7777772e35736372617463686d616e69612e636f6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.81 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
0d5e31763c577d21fbbc748f8f91cf18a8b07e02b703d378038e3dba4a0eda98

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
6ae11eab3f903742-MXP
content-length
171
105970651
click.power-ppp.com/traffic/update/Arrived/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://click.power-ppp.com/traffic/update/Arrived/105970651
Requested by
Host: cdn.cg-platform.com
URL: https://cdn.cg-platform.com/script/utils.js?w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.9 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ae11eab8f415a1f-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
modules.dad547d55d09325865c9.js
script.hotjar.com/ 		224 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.dad547d55d09325865c9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-915733.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-63.fra56.r.cloudfront.net
Software
/
Resource Hash
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
336969
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60319
access-control-allow-origin
*
last-modified
Wed, 10 Nov 2021 17:25:15 GMT
etag
"20ec4d522a02fcf0254cd43ea667f540"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OtSaGj6mAWW7fiA8PGRFG_2e_4U_iAljy9f4CPk1Ho7hm9vq9LmhJQ==
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1873614634&t=pageview&_s=1&dl=https%3A%2F%2Fe-scratchm.com%2Flps%2Fit%2FWH-style%2F2%2Findex.html%3FInc%3D105970651%26affToken%3DIou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk%26pg%3D0%26payload%3D239_2086362%26c3%3Db0c7d98068fe4b68ab36f9f8c6490309%26LP%3D329%26referrer%3D%26affiliateID%3D9168%26media%3D%26ABClicks%3D1%26shorten_link%3D5815a521591fa%26shorten_target%3D8625%26netoClickId%3D619124f68f5d69e61c1046d5%26pid%3D7777772e35736372617463686d616e69612e636f6d&dp=https%3A%2F%2Fe-scratchm.com%2Flps%2Fit%2FWH-style%2F2%2Findex.html%3FInc%3D105970651%26affToken%3DIou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk%26pg%3D0%26payload%3D239_2086362%26c3%3Db0c7d98068fe4b68ab36f9f8c6490309%26LP%3D329%26referrer%3D%26affiliateID%3D9168%26media%3D%26ABClicks%3D1%26shorten_link%3D5815a521591fa%26shorten_target%3D8625%26netoClickId%3D619124f68f5d69e61c1046d5%26pid%3D7777772e35736372617463686d616e69612e636f6d&ul=en-us&de=UTF-8&dt=Scratchmania%20-%20Gioca%20per%20Divertimento%20Guadagna%20per%20davvero&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=601315024&gjid=1928556412&cid=1583145453.1636902136&tid=UA-27702367-8&_gid=614464481.1636902136&_r=1&gtm=2wgba1MM92NX&cd1=1&z=2129409118
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e-scratchm.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 15:02:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://e-scratchm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-028f986f575e1b13474634857daa6bfc.html
vars.hotjar.com/ Frame 272C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-915733.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:14 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"1502011b9c345a816e17e09cda9762e1"
last-modified
Wed, 20 Oct 2021 10:53:36 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-368VmSb2N_vnB0AUkdexbtqwZQ9tKhRUEEuTZjjHzAQXatc49fiBg==
age
521821
105970651
click.power-ppp.com/traffic/update/Loaded/ 		0
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://click.power-ppp.com/traffic/update/Loaded/105970651
Requested by
Host: cdn.cg-platform.com
URL: https://cdn.cg-platform.com/script/utils.js?w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.9 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ae11eacaa925a1f-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
serverTime.php
cdn.gratohelp.com/assets/js/ 		89 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gratohelp.com/assets/js/serverTime.php?_=1636902135362
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.38 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
18a4521d5c66bc789e3083b3069e5a5749e5b2ceb48aaf16d9da286e6e62d689

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 15:02:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
6ae11ead19ad375f-MXP
content-length
106
/
secure.e-scratchm.com/server/clickstats/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.e-scratchm.com/server/clickstats/?brandId=1&deviceCategory=1&campaignId=&mediaId=&affiliateProfileName=&referer=https%3A%2F%2Fe-scratchm.com%2Flps%2Fit%2FWH-style%2F2%2Findex.html%3Fshorten_link%3D5815a521591fa%26shorten_target%3D8625%26netoClickId%3D619124f68f5d69e61c1046d5%26pid%3D7777772e35736372617463686d616e69612e636f6d%26Inc%3D105970651%26affToken%3DIou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk%26pg%3D0%26payload%3D239_2086362%26c3%3Db0c7d98068fe4b68ab36f9f8c6490309%26LP%3D329%26referrer%3D%26affiliateID%3D9168%26media%3D%26ABClicks%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.27 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://e-scratchm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| hj object| _hjSettings object| dataLayer object| brandInfo object| google_tag_data function| ga object| gaplugins object| swfobject string| defaultBrandInfo function| $ function| jQuery object| platformWindow object| Cookies object| gPixel function| get_url_parameter function| getAllUrlParams object| Preferences function| getParamsFromFunction function| getParamsFromCookie function| checkInArray function| checkClick function| getStringCookieProperties function| OpenGamesWindowIt function| OpenGamesWindow function| openLiveChat function| printPixel function| registerUser function| isDepositor function| getVIPLevel function| fireEvent function| isReal object| lpMTagConfig function| lpAddMonitorTag function| getMobileDomain object| isMobile boolean| isNgBrand string| COOKIE_PREFIX object| jQuery110206467911124390724 string| lang string| imgUrl boolean| popup_shown string| lightBoxJS string| lightBoxCSS boolean| lightBoxLoaded boolean| exit_shown string| campaignId function| promoSideBanners function| promoBanners function| showExitPopup function| showUKPopup function| showExitPopupNonSignup1 function| showFreeSpin string| swfVer string| str object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager string| GoogleAnalyticsObject object| gaGlobal object| gaData function| countryCode function| getCurrencySymbol function| getCurrencyString function| getCurrencyForPlatform function| getServerDate function| getServerTime

31 Cookies

Domain/Path Name / Value
record.smnetopartners.com/ Name: VID1
Value: KCwzPFIuMyxSLEMwYApgCg%3D%3D
.smnetopartners.com/ Name: ZBan
Value: Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk
click.power-pppp.com/ Name: Click_5815a521591fa
Value: a%3A1%3A%7Bi%3A0%3Bs%3A4%3A%228625%22%3B%7D
click.power-pppp.com/ Name: Count
Value: 1
e-scratchm.com/ Name: pid
Value: 7777772e35736372617463686d616e69612e636f6d
.e-scratchm.com/ Name: brandId
Value: 1
.e-scratchm.com/ Name: lang
Value: it
.e-scratchm.com/ Name: gp.Arrived
Value: 105970651
.e-scratchm.com/ Name: url_Inc
Value: 105970651
.e-scratchm.com/ Name: url_affToken
Value: Iou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk
.e-scratchm.com/ Name: url_pg
Value: 0
.e-scratchm.com/ Name: url_payload
Value: 239_2086362
.e-scratchm.com/ Name: url_c3
Value: b0c7d98068fe4b68ab36f9f8c6490309
.e-scratchm.com/ Name: url_LP
Value: 329
.e-scratchm.com/ Name: url_referrer
Value:
.e-scratchm.com/ Name: url_affiliateID
Value: 9168
.e-scratchm.com/ Name: url_media
Value:
.e-scratchm.com/ Name: url_ABClicks
Value: 1
.e-scratchm.com/ Name: url_shorten_link
Value: 5815a521591fa
.e-scratchm.com/ Name: url_shorten_target
Value: 8625
.e-scratchm.com/ Name: url_netoClickId
Value: 619124f68f5d69e61c1046d5
.e-scratchm.com/ Name: url_pid
Value: 7777772e35736372617463686d616e69612e636f6d
.e-scratchm.com/ Name: referer
Value: https%253A%252F%252Fe-scratchm.com%252Flps%252Fit%252FWH-style%252F2%252Findex.html%253Fshorten_link%253D5815a521591fa%2526shorten_target%253D8625%2526netoClickId%253D619124f68f5d69e61c1046d5%2526pid%253D7777772e35736372617463686d616e69612e636f6d%2526Inc%253D105970651%2526affToken%253DIou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk%2526pg%253D0%2526payload%253D239_2086362%2526c3%253Db0c7d98068fe4b68ab36f9f8c6490309%2526LP%253D329%2526referrer%253D%2526affiliateID%253D9168%2526media%253D%2526ABClicks%253D1
.e-scratchm.com/ Name: _ga
Value: GA1.2.1583145453.1636902136
.e-scratchm.com/ Name: _gid
Value: GA1.2.614464481.1636902136
.e-scratchm.com/ Name: _gat_UA-27702367-8
Value: 1
.e-scratchm.com/ Name: _hjid
Value: 8c4ac102-cc5e-4d56-92d5-c4829f691180
.e-scratchm.com/ Name: _hjFirstSeen
Value: 1
.e-scratchm.com/ Name: gp.Loaded
Value: 105970651
.e-scratchm.com/ Name: unikClick
Value: yes
.e-scratchm.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://secure.e-scratchm.com/server/clickstats/?brandId=1&deviceCategory=1&campaignId=&mediaId=&affiliateProfileName=&referer=https%3A%2F%2Fe-scratchm.com%2Flps%2Fit%2FWH-style%2F2%2Findex.html%3Fshorten_link%3D5815a521591fa%26shorten_target%3D8625%26netoClickId%3D619124f68f5d69e61c1046d5%26pid%3D7777772e35736372617463686d616e69612e636f6d%26Inc%3D105970651%26affToken%3DIou6UI9d38AfQwbwqlt5uWNd7ZgqdRLk%26pg%3D0%26payload%3D239_2086362%26c3%3Db0c7d98068fe4b68ab36f9f8c6490309%26LP%3D329%26referrer%3D%26affiliateID%3D9168%26media%3D%26ABClicks%3D1
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-origin.netoplay.com
cdn.cg-platform.com
cdn.gratohelp.com
click.power-ppp.com
click.power-pppp.com
e-scratchm.com
maxcdn.bootstrapcdn.com
record.smnetopartners.com
script.hotjar.com
secure.e-scratchm.com
static.hotjar.com
storage.googleapis.com
vars.hotjar.com
www.delightfuldelight.com
www.google-analytics.com
www.googletagmanager.com
13.32.22.41
13.32.22.63
143.204.215.95
147.78.140.10
147.78.140.27
147.78.140.38
147.78.140.81
147.78.140.9
192.34.108.58
209.236.123.154
2606:4700:3035::6815:d44
2606:4700:3036::ac43:a591
2606:4700::6812:acf
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2008
2a00:1450:4001:828::2010
0d5e31763c577d21fbbc748f8f91cf18a8b07e02b703d378038e3dba4a0eda98
176dd49911149af1358b4c6a4ce70c12935bcf22bdb8b9c0f53ddcdcd75399a1
18a4521d5c66bc789e3083b3069e5a5749e5b2ceb48aaf16d9da286e6e62d689
1fb2bb90c5f6a6875daa101395ac1aaab922cd02cf883005da5fdfc26a4ee148
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c798a1ed77d81808ccd071c777ab901965f0ed613cf47867f5e737d6671f905
36b4ac8575fe56f4e0122f9496501b52cc58e58566a45aa41797a1091dd51e5c
489a8a4ff682abf81830a51f9e0853554358b238949fe49a3bdd3ec93c6982d5
61df24c06ed54fd36890a366686fe72fef7ad5ce641bb1ae576e5d2aba9d0e48
62ef9727739235615679515387c86893ad6f77ee2986bf12fea5bd1e4d60f34b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8283feede6f0c2f427ba3487f7951b62ef19e4e98c817e00c4bce570398188
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89b175995457f156318ed4b7f068ea1bf0d88890ce770272c6a3a5606c6ee8dd
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
add186c53eb054fa6301d24c4d09eef52205b96b72a806a2adb21aaaa1bb6a51
b043774247fb8ef1fb01d5fd3b357807daffe900b34956341bad9f1cd806fc09
bf35dd39a910cc00b6995529a6dd307cac32c534ea691f75275a6ecc996b2a85
c4f49a0cb7e7cad2681c2d1c22bcfe1451001c553a4f98123e269b8a207bbd03
d061da0f2ddb6a9f36eb60557f4dc58d2dd67113982d3e08290f268ce2f8a977
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84474674459c14eab80e6bc3b028ab3ec0f5ab8bcb260df1b991166457b0d03
f1cf8781caa96497cc09b11c99940781d08337815ad60ee9b2ef2e1ff7344577
ffb10655101f5367548fff248dc6425fed0c2fcfd80d6ea6890b502cdb91c9aa