www.mrgreen.com
13.225.73.77
Public Scan
Effective URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_s...
Submission: On April 19 via manual from AT
Summary
TLS certificate: Issued by HydrantID SSL ICA G2 on December 10th 2019. Valid for: a year.
This is the only time www.mrgreen.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
estrella.network | ASN14061 (DIGITALOCEAN-ASN, US) | estrella.network |
ads.mrgreen.com | ASN19551 (INCAPSULA, US) | 107.154.251.88.ip.incapdns.net |
www.mrgreen.com | ASN16509 (AMAZON-02, US) | server-13-225-73-77.fra2.r.cloudfront.net |
cloud.typography.com | ASN16625 (AKAMAI-AS, US) | a104-96-140-66.deploy.static.akamaitechnologies.com |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
widget.trustpilot.com | ASN16509 (AMAZON-02, US) | server-13-224-194-92.fra2.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
8605628.fls.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s25-in-f6.1e100.net |
4707643.fls.doubleclick.net | ASN15169 (GOOGLE, US) | fra15s29-in-f6.1e100.net |
cdn.nanigans.com | ASN16509 (AMAZON-02, US) | server-13-225-73-116.fra2.r.cloudfront.net |
api.nanigans.com | ASN36351 (SOFTLAYER, US) | 52.e4.0ab9.ip4.static.sl-reverse.com |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
13 | www.mrgreen.com | 1 redirects | www.mrgreen.com |
10 | static.mrgcdn.com | | www.mrgreen.com |
6 | www.google-analytics.com | 1 redirects | www.mrgreen.com, www.google-analytics.com |
5 | a1.adform.net | | estrella.network, a1.adform.net |
3 | cdnjs.cloudflare.com | | www.mrgreen.com |
2 | www.facebook.com | | www.mrgreen.com, connect.facebook.net |
2 | track.adform.net | 1 redirects | www.mrgreen.com |
2 | connect.facebook.net | | estrella.network, connect.facebook.net |
2 | 4707643.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | 8605628.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | use.fortawesome.com | | www.mrgreen.com, use.fortawesome.com |
1 | api.nanigans.com | | cdn.nanigans.com |
1 | www.google.de | | www.mrgreen.com |
1 | www.google.com | 1 redirects | |
1 | stats.g.doubleclick.net | 1 redirects | |
1 | r.turn.com | | www.mrgreen.com |
1 | cdn.nanigans.com | | estrella.network |
1 | fonts.gstatic.com | | www.mrgreen.com |
1 | www.googletagmanager.com | | www.mrgreen.com |
1 | widget.trustpilot.com | | www.mrgreen.com |
1 | ajax.googleapis.com | | www.mrgreen.com |
1 | cloud.typography.com | 1 redirects | |
1 | fonts.googleapis.com | | www.mrgreen.com |
1 | ads.mrgreen.com | 1 redirects | |
1 | estrella.network | | |
54 | 25 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
casino.mrgreen.com |
www.authorisation.mga.org.mt |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.mrgreen.com | HydrantID SSL ICA G2 | 2019-12-10 - 2020-12-10 | a year | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-04-06 - 2020-10-09 | 6 months | crt.sh |
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months | crt.sh |
use.fonticons.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-17 | a year | crt.sh |
*.trustpilot.com | Amazon | 2019-05-29 - 2020-06-29 | a year | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
*.doubleclick.net | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
*.nanigans.com | Go Daddy Secure Certificate Authority - G2 | 2019-02-28 - 2021-04-29 | 2 years | crt.sh |
track.adform.net | DigiCert SHA2 Secure Server CA | 2019-09-16 - 2021-09-20 | 2 years | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-03-01 - 2020-05-30 | 3 months | crt.sh |
*.turn.com | DigiCert SHA2 Secure Server CA | 2020-03-18 - 2021-04-19 | a year | crt.sh |
www.google.de | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Frame ID: 3E5BD289425BD52E217F2202A445A56B
Requests: 54 HTTP requests in this frame
Frame:
https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
Frame ID: 0E31E294D3B103BF626E794B47A0CC34
Requests: 1 HTTP requests in this frame
Frame:
https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
Frame ID: 887DC899F610067ABFB348B8084D1AE6
Requests: 1 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP (Programming Languages)
Detected patterns
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL (Databases)
Detected patterns
- script /\/wp-(?:content|includes)\//i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Yoast SEO (SEO)
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics)
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Optimizely (Analytics)
Detected patterns
- script /optimizely\.com.*\.js/i
TrackJs (Analytics)
Detected patterns
- script /tracker\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Kostenlos registrieren
Title: Einloggen
Title: Book Of Dead
Title: Starburst
Title: Vegas Adventures with Mr Green
Title: Vault of Anubis
Title: Lucky Mr Green
Title: Legacy of Dead
Title: Dedicated Roulette Live
Title: Neros Fortune
Title:
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://estrella.network/ Page URL
- https://ads.mrgreen.com/redirect.aspx?pid=4031950&bid=22685 HTTP 301
  - http://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658 HTTP 301
  - https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://cloud.typography.com/7155672/712248/css/fonts.css HTTP 302
- https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
- https://8605628.fls.doubleclick.net/activityi;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658 HTTP 302
- https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
- https://4707643.fls.doubleclick.net/activityi;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658 HTTP 302
- https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
- https://track.adform.net/Serving/TrackPoint/?pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=| HTTP 302
- https://track.adform.net/Serving/TrackPoint/?CC=1&pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=721731287&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658&dr=http%3A%2F%2Festrella.network%2F&dp=%2Fde%2Faff%2Fvegas-adventures&ul=en-us&de=UTF-8&dt=Vegas%20Adventures%20with%20Mr%20Green%20%7C%20Holen%20Sie%20sich%20bis%20zu%20%E2%82%AC%20100%2C-%20%2B%20200%20Freispiele&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEALQ~&jid=648171665&gjid=1282572840&cid=2114150955.1587316387&tid=UA-63985451-3&_gid=1051428685.1587316387&_r=1&gtm=2wg480TWJJ8L&cd2=GA1.2.2114150955.1587316387&cd5=DE&cd7=2020-04-19T19%3A13%3A06.959%2B02%3A00&cd10=0&cd11=1587316386959.yeg30c9&cd16=GA1.2.2114150955.1587316387&cd19=storefront&cd23=1&cd34=GA1.2.2114150955.1587316387&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cm6=2725&z=2043288572 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_gid=1051428685.1587316387&gjid=1282572840&_v=j81&z=2043288572 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572&slf_rd=1&random=2003505893
54 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | estrella.network/ | 255 B | 460 B | Document | text/html | |
GET | H2 | vegas-adventures | www.mrgreen.com/de/aff/ | 2 MB | 264 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 653 B | Stylesheet | text/css | |
GET | H2 | C9B824A3E9336530F.css | www.mrgreen.com/app/themes/storefront/assets/fonts/553158/ | 225 KB | 170 KB | Stylesheet | text/css | Redirect Chain |
GET | H2 | template-ppc-3-538c2a2c.css | www.mrgreen.com/app/themes/storefront/dist/styles/ | 160 KB | 23 KB | Stylesheet | text/css | |
GET | H2 | frontend.css | www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/ | 13 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 34 KB | Script | text/javascript | |
GET | H2 | lazy-prerender.js | www.mrgreen.com/app/themes/storefront/assets/scripts/ | 240 B | 756 B | Script | application/x-javascript | |
GET | H2 | lookup-e88a2794.js | www.mrgreen.com/app/themes/storefront/dist/scripts/ | 4 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | cookie_write.js | www.mrgreen.com/app/themes/storefront/assets/scripts/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript | |
GET | H2 | js | www.google-analytics.com/gtm/ | 89 KB | 30 KB | Script | application/javascript | |
GET | H2 | mga.png | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto/https://www.mrgreen.com/app/uploads/ | 1 KB | 2 KB | Image | image/png | |
GET | H2 | 18.png | www.mrgreen.com/app/uploads/ | 562 B | 1 KB | Image | image/png | |
GET | H2 | gamcare.png | www.mrgreen.com/app/uploads/ | 613 B | 1 KB | Image | image/png | |
GET | H2 | modernizr.min.js | cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ | 11 KB | 5 KB | Script | application/javascript | |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ | 85 KB | 29 KB | Script | application/javascript | |
GET | H2 | jquery.gsap.min.js | www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | TweenMax.min.js | www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ | 102 KB | 35 KB | Script | application/x-javascript | |
GET | H2 | jquery.countdown.min.js | cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | 0b3514d0.js | use.fortawesome.com/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H2 | external-links.js | www.mrgreen.com/app/themes/storefront/assets/scripts/ | 753 B | 839 B | Script | application/x-javascript | |
GET | H2 | tp.widget.bootstrap.min.js | widget.trustpilot.com/bootstrap/v5/ | 20 KB | 7 KB | Script | application/x-javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 400 KB | 56 KB | Script | application/javascript | |
GET | H2 | Marcom-3361-Acq.-Aff.-Landing-page-Desktop-1872x1050.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto/https://www.mrgreen.com/app/uploads/ | 227 KB | 228 KB | Image | image/jpeg | |
GET | H2 | JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 14 KB | Font | font/woff2 | |
GET | DATA | truncated | / | 220 B | 220 B | Font | application/font-woff2 | |
GET | H2 | woff2.css | use.fortawesome.com/kits/0b3514d0/publications/102900/ | 38 KB | 27 KB | Stylesheet | text/css | |
GET | H2 | thumbnail_bookofdead_712x534.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/ | 86 KB | 87 KB | Image | image/jpeg | |
GET | H2 | thumbnail_starburst_712x534.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/ | 44 KB | 44 KB | Image | image/webp | |
GET | H2 | vegasadventure-thumbnail-1.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-8/ | 66 KB | 67 KB | Image | image/webp | |
GET | H2 | vault-of-anubis-thumbnail-712x534.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/ | 36 KB | 36 KB | Image | image/webp | |
GET | H2 | luckymrg-thumbnail-1-1.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-3/ | 49 KB | 49 KB | Image | image/webp | |
GET | H2 | legacyofdead-thumbnail.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-9/ | 75 KB | 75 KB | Image | image/webp | |
GET | H2 | wh-roulette-th.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/evolution-thumbnails/ | 52 KB | 53 KB | Image | image/webp | |
GET | H2 | neros-fortune-thumbnail-712x534.jpg | static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/ | 55 KB | 55 KB | Image | image/webp | |
GET | DATA | truncated | / | 25 KB | 25 KB | Font | application/font-woff2 | |
GET | H2 | ec.js | www.google-analytics.com/plugins/ua/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H2 | activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=202... | 8605628.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame 0E31, Redirect Chain |
GET | H2 | activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-advent... | 4707643.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame 887D, Redirect Chain |
GET | H2 | NaN_tracker.js | cdn.nanigans.com/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | a1.adform.net/serving/scripts/trackpoint/async/ | 76 KB | 30 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script | application/x-javascript | |
GET | H/1.1 | beacon | r.turn.com/r/ | 43 B | 490 B | Image | image/gif | |
GET | H2 | / | track.adform.net/Serving/TrackPoint/ | 35 B | 496 B | Image | image/gif | Redirect Chain |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 499 B | Image | image/gif | Redirect Chain |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 122 B | Image | image/gif | |
GET | H2 | 500699753395600 | connect.facebook.net/signals/config/ | 447 KB | 113 KB | Script | application/x-javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 254 B | Image | image/gif | |
GET | H/1.1 | event.php | api.nanigans.com/ | 0 | 658 B | Script | text/javascript | |
GET | H2 | / | a1.adform.net/Serving/TrackPoint/ | 19 KB | 10 KB | Script | text/javascript | |
GET | H2 | / | a1.adform.net/Serving/TrackPoint/ | 19 KB | 10 KB | Script | text/javascript | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 93 B | Image | image/gif | |
GET | H2 | / | a1.adform.net/wpf/v2/kla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... | 128 B | 703 B | Script | text/javascript | |
GET | H2 | / | a1.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... | 128 B | 705 B | Script | text/javascript | |
POST | H2 | / | www.facebook.com/tr/ | 0 | 52 B | Other | text/plain | |
119 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer string| GoogleAnalyticsObject function| ga string| sf_cookieOverride object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_optimize function| $ function| jQuery string| ajaxurl function| getParameterByName undefined| data undefined| obj boolean| is_root string| mockdata boolean| got_cookies string| sportBasePath undefined| country undefined| exclusions function| processData function| objData function| createRedirect undefined| xhr function| Cookies function| createCookie function| getCookie function| delete_cookie function| createCookieConsent function| casinoJSONIDs function| gameDetails object| html5 object| Modernizr object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl object| tlGameTiles object| curTime string| endTime number| endTimeUnix string| device string| deviceAgent object| isTouchDevice object| Trustpilot object| NaN_api function| addAdformTrackingCall function| findMarket 
string| marketPrefix string| marketID_GTM string| pagename object| _adftrack function| fbq function| _fbq string| $page_url object| $this string| $href object| Adform object| KJUR object| adf object| d string| expires object| fortyone20
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.mrgreen.com/ | | Name: NaN_hash Value: a23557c8ENPDKDNZ1587316387106 |
.mrgreen.com/ | | Name: _fbp Value: fb.1.1587316387102.1409858081 |
.mrgreen.com/ | | Name: affiliatevar5 Value: undefined |
.mrgreen.com/ | | Name: affiliatevar4 Value: undefined |
.mrgreen.com/ | | Name: visid_incap_2104320 Value: 9gHz00tSQgmS8xccXuXhIKCGnF4AAAAAQUIPAAAAAAD7qy0A6lKZa9+T8PYQPECu |
.mrgreen.com/ | | Name: affiliatevar1 Value: undefined |
.mrgreen.com/ | | Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221000677195%7c1%22%7d%5d |
.mrgreen.com/ | | Name: affiliateandclickid Value: 658658_C6374208FB4E48428B2D25312D407A65 |
.mrgreen.com/ | | Name: session Value: 1 |
.mrgreen.com/ | | Name: affiliatevar3 Value: undefined |
.mrgreen.com/ | | Name: _gcl_au Value: 1.1.1286127859.1587316387 |
.mrgreen.com/ | | Name: _gid Value: GA1.2.1051428685.1587316387 |
.mrgreen.com/ | | Name: affiliatesubid Value: undefined |
.mrgreen.com/ | | Name: _gat_UA-63985451-3 Value: 1 |
.mrgreen.com/ | | Name: _ga Value: GA1.2.2114150955.1587316387 |
.mrgreen.com/ | | Name: btag Value: 658658_C6374208FB4E48428B2D25312D407A65 |
.mrgreen.com/ | | Name: incap_ses_730_2104320 Value: ZE4GXns5UlzGEiyPZXwhCqCGnF4AAAAAq48bYLc0ldl6UV0dkVSPUg== |
.mrgreen.com/ | | Name: affiliatevar2 Value: undefined |
.mrgreen.com/ | | Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a4031950%2c%22BID%22%3a22685%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1587316384365)%5c%2f%22%2c%22CookieTag%22%3a%2222685403195021171712581C20204191813%22%7d%5d |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.