urlscan.io logo urlscan.io
SecurityTrails logo

legostawars.blogspot.com Open in urlscan Pro
2607:f8b0:4006:80f::2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://legostawars.blogspot.com.ee/
Effective URL: https://legostawars.blogspot.com/
Submission: On November 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 21 HTTP transactions. The main IP is 2607:f8b0:4006:80f::2001, located in United States and belongs to GOOGLE, US. The main domain is legostawars.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on October 16th 2023. Valid for: 3 months.
This is the only time legostawars.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
legostawars.blogspot.com.ee
legostawars.blogspot.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
3    2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
3    2600:9000:2209:8200:18:af29:bac0:21 (United States)

ASN16509 (AMAZON-02, US)
d266key948fg17.cloudfront.net
4    2606:4700:3037::6815:cf7 (United States)

ASN13335 (CLOUDFLARENET, US)
locker-cpa.eu
2    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80b::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
4 locker-cpa.eu
locker-cpa.eu
16 KB
3 cloudfront.net
d266key948fg17.cloudfront.net
656 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
31 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 blogspot.com
legostawars.blogspot.com
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
987 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
86 KB
1 gstatic.com
fonts.gstatic.com
11 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4015
21 KB
1 blogspot.com.ee
legostawars.blogspot.com.ee
291 B
21 11
Domain Requested by
4 locker-cpa.eu legostawars.blogspot.com
locker-cpa.eu
3 d266key948fg17.cloudfront.net legostawars.blogspot.com
2 www.google-analytics.com legostawars.blogspot.com
browser.sentry-cdn.com
2 fonts.googleapis.com legostawars.blogspot.com
locker-cpa.eu
2 legostawars.blogspot.com legostawars.blogspot.com
1 cdnjs.cloudflare.com locker-cpa.eu
1 cdn.jsdelivr.net locker-cpa.eu
1 www.googletagmanager.com www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com legostawars.blogspot.com
1 browser.sentry-cdn.com legostawars.blogspot.com
1 legostawars.blogspot.com.ee 1 redirects
21 12

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
locker-cpa.eu
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://legostawars.blogspot.com/
Frame ID: 896183CD164E7B4505132FD5EA714628
Requests: 14 HTTP requests in this frame

Frame: https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Frame ID: 680C350CCAC9E2DA3EAAC486998F232E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roblox Robux Generator 2023 Roblox Robux Generator 2023

Page URL History Show full URLs

  1. https://legostawars.blogspot.com.ee/ HTTP 302
    https://legostawars.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

21
Requests

90 %
HTTPS

90 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

856 kB
Transfer

1208 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://legostawars.blogspot.com.ee/ HTTP 302
    https://legostawars.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
legostawars.blogspot.com/
Redirect Chain
  • https://legostawars.blogspot.com.ee/
  • https://legostawars.blogspot.com/
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
472d48627f468826825574cbe89d2fceeee1adbbfd250c2659ff279fb01907b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
5151
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 23:17:00 GMT
etag
W/"9177be8840fe1c965ce31f8b7640c254b43b3a550bb0277032f3239906b38a7a"
expires
Wed, 08 Nov 2023 23:17:00 GMT
last-modified
Wed, 08 Nov 2023 22:42:38 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
180
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 23:17:00 GMT
expires
Wed, 08 Nov 2023 23:17:00 GMT
location
https://legostawars.blogspot.com/
server
GSE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bundle.min.js
browser.sentry-cdn.com/6.4.1/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://legostawars.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 19 May 2021 16:36:38 GMT
server
Fastly
age
2539719
etag
"42639cce5db857005b8285dedd67553d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20972
expires
Wed, 09 Oct 2024 13:48:21 GMT
style.css
legostawars.blogspot.com/ 		0
0
css2
fonts.googleapis.com/ 		792 B
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Titan+One&display=swap
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b29f167d11351501a1c407554afb36d688a952645e4ee008b34181a2473e46b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 23:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:26:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 23:17:00 GMT
16619944223d89a36c94e4f44ed75934c51e19f251.png
d266key948fg17.cloudfront.net/uploads/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d266key948fg17.cloudfront.net/uploads/16619944223d89a36c94e4f44ed75934c51e19f251.png
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8200:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
110e752da2783183b4a11c513566c868e6475964330b874430459d861f53acc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
x.NeAACxJD0i_tsuUF9gbEqhVxY.AA4M
date
Wed, 08 Nov 2023 23:17:02 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 01:07:04 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"c46c25f4a005ef6785dd9402da57df2b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
24080
x-amz-cf-id
FtXdwqh8xV_NepfHgpd4Nm7KbOPRHqefF62JTW7n6Y9433fms9Vj1A==
16738350432e81b6597ff4004d9e57a7cebf22e927.png
d266key948fg17.cloudfront.net/uploads/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d266key948fg17.cloudfront.net/uploads/16738350432e81b6597ff4004d9e57a7cebf22e927.png
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8200:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f318527810e3a3973227234c9db6b3edd0ef41d5fa000888edacfc76ba766402

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
.dNtIuKYosGdDfkodsAhsldoX.yWfJ87
date
Wed, 08 Nov 2023 23:17:02 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jan 2023 02:10:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
etag
"782ea39e8de632e6c3988f8db6ebc55f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
71122
x-amz-cf-id
3q_BtDPdOjDoGwQnZNKAffAZ1Dld-tdmilSSR0P4foXMoOKgtVvLKw==
main.js
legostawars.blogspot.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://legostawars.blogspot.com/main.js
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 23:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1333
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 12:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 12:24:19 GMT
c1734690-7e87-11ee-930f-4573aefec2b0
locker-cpa.eu/iframeLoader/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://locker-cpa.eu/iframeLoader/c1734690-7e87-11ee-930f-4573aefec2b0?
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:cf7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86664ae83f8b1b9e707d78e36052a865ad7194415ed0b31459c7a2c650bd150a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XxuXION1UAA6vcrCuD90b2UL%2F3d0ON25DisEewPRPxqX%2BBN5FzuxDyKfgikRscVNhSgHOqkJFj7aXX8l%2F7atFG5Kax9OnNrXtz9b25s2nvfXgGN%2BobgXGH%2FRTtpNVJIWcwK5sMMqTsqpFB5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
823186e8deda78d0-EWR
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Nov 2023 22:38:10 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2330
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 09 Nov 2023 00:38:10 GMT
15931055727a68f41214aeaf0c86c79b91b1cc39e9.jpg
d266key948fg17.cloudfront.net/uploads/ 		561 KB
562 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d266key948fg17.cloudfront.net/uploads/15931055727a68f41214aeaf0c86c79b91b1cc39e9.jpg
Requested by
Host: legostawars.blogspot.com
URL: https://legostawars.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8200:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27e170e6bb6ece131db0e4f6c095a28520e3c83e58885e05120ac21505edf519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legostawars.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
Cb_.jKCj5dxIkvznXNJwcWupmIwII0PJ
date
Wed, 08 Nov 2023 23:17:02 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jun 2020 17:19:33 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"99cf6c8fb006842beecea1f8b04e4b27"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpg
accept-ranges
bytes
content-length
574808
x-amz-cf-id
xg2JY2FylAx_MwBxN3d7cKpfPlix1obtGP7Cf81In6AI68ga5XRwhQ==
c1734690-7e87-11ee-930f-4573aefec2b0
locker-cpa.eu/iframe/ Frame 680C 		31 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/iframeLoader/c1734690-7e87-11ee-930f-4573aefec2b0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:cf7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f71c09378773eeed0a0ebc6e9610b18d75922cf9fe91f0c79b2d3cb7f11be11

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
823186ef4c6b78d0-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 23:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FCSjQEQ9y5hsGuRHi7qFq0uT5ERJ4UqCjK8EOAK0X7WL9Qfic5jnASe4bi2CV4a%2FSRrET%2BMx95BVXRXq9BKr7ATJUmhUUWz8qu2lCpkOYJIHZTImCtyX9ZCqBp72kHJJ0bdp0OVFC8%2FQ9rS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
mFTzWbsGxbbS_J5cQcjClDgm.woff2
fonts.gstatic.com/s/titanone/v15/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titanone/v15/mFTzWbsGxbbS_J5cQcjClDgm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titan+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f15f138af309ad659b62246999cccc2da21759ec8619d7e6ea759e8eb5a7a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://legostawars.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:14:48 GMT
x-content-type-options
nosniff
age
453733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10752
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:46:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 17:14:48 GMT
collect
www.google-analytics.com/j/ 		15 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=638644143&t=pageView&_s=1&dl=https%3A%2F%2Flegostawars.blogspot.com%2F&ul=en-us&de=UTF-8&dt=Roblox%20Robux%20Generator%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=671783837&gjid=2034619118&cid=900176324.1699485421&tid=UA-85922709-2&_gid=1146279059.1699485421&_r=1&_slc=1&cd1=1&z=82962993
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 23:17:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://legostawars.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EL9WPX8S0Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a8f98927d1a5400ee33cfee59c0d27ba43088187593f99187091c002e29c161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87310
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 23:17:02 GMT
css-vars-ponyfill@2
cdn.jsdelivr.net/npm/ Frame 680C 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/css-vars-ponyfill@2
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d5d8f9866f4c0e93e2da777633b046b9e4c75d475bc7e33629011e86d0c3a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://locker-cpa.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 Nov 2023 23:17:03 GMT
x-content-type-options
nosniff
content-encoding
br
age
33670
x-jsd-version
2.4.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8214
x-served-by
cache-fra-eddf8230121-FRA, cache-lga21965-LGA
x-jsd-version-type
version
etag
W/"5b5b-mazjNSl1ItDUIIJy3TRtzgvo1Yw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ Frame 680C 		773 B
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://locker-cpa.eu/
Origin
https://locker-cpa.eu
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
604400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
333
last-modified
Mon, 04 May 2020 16:13:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f23-305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rP1t82NEXAoCIrdZKicg5ePgXzc%2F%2FBoUuQC9uZoZWkY1nh3LUu8DZB6L%2BU1TFTV0hvVEpDwH3Sfwz%2FH1qxzZCcYBfzn6exqhmBmKsQb%2BH93RHy0Kie4Qk4foPMq72M88z09qqJiY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
823186fb9df115d3-EWR
expires
Mon, 28 Oct 2024 23:17:03 GMT
84765-1.css
locker-cpa.eu/css/ Frame 680C 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://locker-cpa.eu/css/84765-1.css?id=4de1cf96d85e2bed30b5
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:cf7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d8ea89e3568c38c4d557ad82805203c4232c282ff3d9663c90c056be323e2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 14:53:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1171449
etag
W/"62b47e6a-2a6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sqx0dHWO5CF6mnJTWtuHNadhhrD68ueXY8kUmy6%2FnSxvbw8HpfB7%2BAeUNAx8diBWewlqMLxI3GZE9rzVkG1BAV6qeSPdkkYf3XC%2F2KDc2VWffA%2BFty%2Fbjmb7Me1bgXaJ6yLOq7saa%2Fp2qrbU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
823186fbbbea4319-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 25 Oct 2024 09:52:54 GMT
offers
locker-cpa.eu/api/locker/ Frame 680C 		0
0
lock-icon-t1.png
locker-cpa.eu/assets/images/ Frame 680C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://locker-cpa.eu/assets/images/lock-icon-t1.png
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:cf7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209cbe70b493d8a0c70d20583663bb7c2cd3264b84f17110bd1b16d7b1dc0958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://locker-cpa.eu/iframe/c1734690-7e87-11ee-930f-4573aefec2b0?if=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 23:17:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 08 May 2021 19:26:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6096e5ea-455"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7l%2FcBzyOkuMAxGObhsz5TSnIQacJaAWRNihg9s3iU6gkCI9F0%2FLRTkp1Nr7LA%2BmtID6U5FS5RSydWq4jng2mAvd0pkYqAa0gg%2B9mqxKlt2vusgBZsvU2UzMEJ%2Fgcr3BscMs6cQiIOk3vlXy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
823186fbcbf74319-EWR
alt-svc
h3=":443"; ma=86400
content-length
1109
css
fonts.googleapis.com/ Frame 680C 		5 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,700&display=swap
Requested by
Host: locker-cpa.eu
URL: https://locker-cpa.eu/css/84765-1.css?id=4de1cf96d85e2bed30b5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f89626503c2fc113f08d17216c7c2f2493369c6bb280600fdb5865468378535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://locker-cpa.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 23:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:20:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 23:17:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
legostawars.blogspot.com
URL
https://legostawars.blogspot.com/style.css
Domain
locker-cpa.eu
URL
https://locker-cpa.eu/api/locker/offers?country_code=US&user_agent=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTIzIFNhZmFyaS81MzcuMzY%3D&ip=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTpiODg1OmM2OGE6Zjk0NQ%3D%3D&program_id=84765&epc_value=10&is_adult=0&max_offer_number=5&wifi=1&configuration_id=1709341

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins function| $ function| jQuery function| showLocker function| renderUsernameForm function| renderKudosBundles function| renderLoadingScreen function| init object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

3 Cookies

Domain/Path Name / Value
.legostawars.blogspot.com/ Name: _ga
Value: GA1.3.900176324.1699485421
.legostawars.blogspot.com/ Name: _gid
Value: GA1.3.1146279059.1699485421
.legostawars.blogspot.com/ Name: _gat_customTemplateGlobal
Value: 1

3 Console Messages

Source Level URL
Text
security error URL: https://legostawars.blogspot.com/(Line 526)
Message:
Refused to apply style from 'https://legostawars.blogspot.com/style.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://legostawars.blogspot.com/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://legostawars.blogspot.com/
Message:
Refused to execute script from 'https://legostawars.blogspot.com/main.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
browser.sentry-cdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d266key948fg17.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
legostawars.blogspot.com
legostawars.blogspot.com.ee
locker-cpa.eu
www.google-analytics.com
www.googletagmanager.com
legostawars.blogspot.com
locker-cpa.eu
104.17.24.14
2600:9000:2209:8200:18:af29:bac0:21
2606:4700:3037::6815:cf7
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::2001
2607:f8b0:4006:824::200e
2a04:4e42:200::485
2a04:4e42:600::729
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06d8ea89e3568c38c4d557ad82805203c4232c282ff3d9663c90c056be323e2f
0f89626503c2fc113f08d17216c7c2f2493369c6bb280600fdb5865468378535
110e752da2783183b4a11c513566c868e6475964330b874430459d861f53acc0
209cbe70b493d8a0c70d20583663bb7c2cd3264b84f17110bd1b16d7b1dc0958
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
27e170e6bb6ece131db0e4f6c095a28520e3c83e58885e05120ac21505edf519
2a8f98927d1a5400ee33cfee59c0d27ba43088187593f99187091c002e29c161
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
2f15f138af309ad659b62246999cccc2da21759ec8619d7e6ea759e8eb5a7a53
3d5d8f9866f4c0e93e2da777633b046b9e4c75d475bc7e33629011e86d0c3a84
472d48627f468826825574cbe89d2fceeee1adbbfd250c2659ff279fb01907b7
5f71c09378773eeed0a0ebc6e9610b18d75922cf9fe91f0c79b2d3cb7f11be11
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
86664ae83f8b1b9e707d78e36052a865ad7194415ed0b31459c7a2c650bd150a
b29f167d11351501a1c407554afb36d688a952645e4ee008b34181a2473e46b2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f318527810e3a3973227234c9db6b3edd0ef41d5fa000888edacfc76ba766402