Submitted URL: https://bit.ly/3Rno67N
Effective URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campai...
Submission: On May 14 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 31.3.2.196, located in Frankfurt am Main, Germany and belongs to MEDIANOVA-CDN, TR. The main domain is www.busr.ag.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2024. Valid for: a year.
This is the only time www.busr.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
12 31.3.2.196 21245 (MEDIANOVA...)
3 142.250.186.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 4

Apex Domain | Subdomains | Transfer
12 busr.ag | www.busr.ag, cdn.busr.ag | 192 KB
3 google.com | www.google.com (Cisco Umbrella Rank: 2) | 972 B
1 gstatic.com | www.gstatic.com | 202 KB
1 bit.ly | bit.ly (Cisco Umbrella Rank: 6755) | 352 B
16 4

Domain | Requested by
7 www.busr.ag | www.busr.ag
5 cdn.busr.ag | www.busr.ag, cdn.busr.ag
3 www.google.com | www.busr.ag, www.gstatic.com
1 www.gstatic.com | www.google.com
1 bit.ly | 1 redirects
16 5

This site contains links to these domains.

Domain
record.webpartners.co
twitter.com
www.gamblersanonymous.org

Subject | Issuer | Validity | Valid
*.busr.ag | Sectigo RSA Domain Validation Secure Server CA | 2024-03-12 - 2025-04-07 | a year
*.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 3 frames:

Primary Page: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Frame ID: 46B0EE9BCDE696ABAC110D42E9CF0AB8
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP7OQjAAAAALVKhw5RDvFEDEwB6h7QX2U2JDUd&co=aHR0cHM6Ly93d3cuYnVzci5hZzo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=oj448pswhdsk
Frame ID: F491CA7C160DC01E06AF2BF23C039B53
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LcP7OQjAAAAALVKhw5RDvFEDEwB6h7QX2U2JDUd
Frame ID: C0BAB7D196A7112C838CB72A0344080B
Requests: 1 HTTP requests in this frame

Page Title

Welcome Back - BUSR Check out today's great promotions and odds at BUSR

Page URL History

  1. https://bit.ly/3Rno67N HTTP 301
    https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 395 kB
Size: 1356 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3Rno67N HTTP 301
    https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request take-me
www.busr.ag/
Redirect Chain
  • https://bit.ly/3Rno67N
  • https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
46 KB
14 KB
Document
General
Full URL
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 / PHP/7.4.24
Resource Hash
26b9402f52d211025e4284686eb7e6e8e7f79a893215fd8bd7761273ef19085b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-cache no-store
content-encoding
gzip
content-length
13606
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 16:56:32 GMT
link
<https://www.busr.ag/wp-json/>; rel="https://api.w.org/" <https://www.busr.ag/wp-json/wp/v2/pages/3431>; rel="alternate"; type="application/json" <https://www.busr.ag/?p=3431>; rel=shortlink
server
MNCDN-2131
vary
Accept-Encoding
x-cache-age
10m
x-cache-status
Edge : MISS, Midcache : EXPIRED
x-edge-location
DE-372
x-litespeed-cache
hit
x-mnrequest-id
97cfbc6a6025806c7924a6f0307f00c8
x-mserver
6859
x-powered-by
PHP/7.4.24
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
224
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 16:56:38 GMT
location
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
referrer-policy
unsafe-url
server
nginx
via
1.1 google
a4dc3177b0e28f4bef28e06798fa023c.css
cdn.busr.ag/wp-content/litespeed/css/
306 KB
44 KB
Stylesheet
General
Full URL
https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
f2be134788650124ceac0a53eef7f104719caa7dd0447a43543bd2de43b735f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 09:20:34 GMT
server
MNCDN-2131
x-mnrequest-id
1154ba11c60eb9084e2b2fb8923ab38c
age
7h
x-edge-location
DE-372
etag
W/"4c7e8-66432ce2-18001242;;;"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-mserver
DE-372
expires
Tue, 21 May 2024 09:20:34 GMT
jquery-3.5.1.min.js
www.busr.ag/assets/js/opt/
87 KB
30 KB
Script
General
Full URL
https://www.busr.ag/assets/js/opt/jquery-3.5.1.min.js
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
age
17h
x-edge-location
DE-372
x-cache-status
Edge : STALE,
content-length
30121
x-xss-protection
1; mode=block
x-cache-age
10m
last-modified
Tue, 16 Nov 2021 15:56:20 GMT
server
MNCDN-2131
x-mnrequest-id
84f073ee0baef7a0da8cd30c7c868fbb
etag
"15d84-6193d4a4-87b788e;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-mserver
102200
expires
Thu, 16 May 2024 01:29:06 GMT
truncated
/
118 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37c6edd88508d8ba4ac7f9dd0cc97526334d43ba71e200b847c5e6509d245180

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
5 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa342b97b6acee767a3004efc92747408f998f7d76db22087ac0453163ede0f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
logo.svg
www.busr.ag/assets/home-v2/images/
3 KB
2 KB
Image
General
Full URL
https://www.busr.ag/assets/home-v2/images/logo.svg
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
39e6eeeee8c5a5a0ddb67971dcbcd624a387ca6832924fffed0a414b6646dd62
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
age
1d
x-edge-location
DE-372
x-cache-status
Edge : STALE,
content-length
1498
x-xss-protection
1; mode=block
x-cache-age
10m
last-modified
Thu, 23 Mar 2023 18:28:38 GMT
server
MNCDN-2131
x-mnrequest-id
343a2e294bbcfae332cbec0583911010
etag
"bf6-641c9a56-7a2d13;br"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-mserver
102201
expires
Thu, 16 May 2024 01:04:51 GMT
hamburger.svg
www.busr.ag/assets/home-v2/images/
606 B
655 B
Image
General
Full URL
https://www.busr.ag/assets/home-v2/images/hamburger.svg
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
2b19ebb51b2cf6d22b860c8e867b679263c18116267dfe6fe4c2b48c6b92cacb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
age
3h
x-edge-location
DE-372
x-cache-status
Edge : STALE,
content-length
246
x-xss-protection
1; mode=block
x-cache-age
10m
last-modified
Thu, 23 Mar 2023 18:28:44 GMT
server
MNCDN-2131
x-mnrequest-id
05261e63c445b58773d484d7b7bb0163
etag
"25e-641c9a5c-7a2d17;br"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-mserver
102200
expires
Thu, 16 May 2024 00:19:44 GMT
truncated
/
287 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28b008881a42d19a10f3c0a1d9a12461049de28a3326ae9efd049818fdf77313

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
324 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
b7b017f5d09e6ec067ab57221429eb66.js
cdn.busr.ag/wp-content/litespeed/js/
274 KB
68 KB
Script
General
Full URL
https://cdn.busr.ag/wp-content/litespeed/js/b7b017f5d09e6ec067ab57221429eb66.js?ver=23411
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
96d67c64e4c1e6e209b6984d060d6774ec778e5d37dc982783527a87e3dd4027

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 09:18:47 GMT
server
MNCDN-2131
x-mnrequest-id
a72c9342257d2d8052ffa1db2f80d27e
age
6h
x-edge-location
DE-372
etag
W/"44725-66432c77-1c000b4a;;;"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-mserver
MNCDN-2137
expires
Tue, 21 May 2024 09:18:48 GMT
twitter-x.svg
cdn.busr.ag/assets/home-v2/images/
1 KB
917 B
Image
General
Full URL
https://cdn.busr.ag/assets/home-v2/images/twitter-x.svg
Requested by
Host: cdn.busr.ag
URL: https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
bd26c8f7b2b6a4e9755daa5b125131e729899f0f06c9c7e5dcfaf8b68cae4824

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 18:35:20 GMT
server
MNCDN-2131
x-mnrequest-id
c0ecd76332e4bf9b1db9419eccb9df85
age
26d
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 25 Apr 2024 00:02:13 GMT
lightspeed-v2.woff2
cdn.busr.ag/assets/fonts/lightspeed/
15 KB
16 KB
Font
General
Full URL
https://cdn.busr.ag/assets/fonts/lightspeed/lightspeed-v2.woff2
Requested by
Host: cdn.busr.ag
URL: https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
49104bbf9d6c6ca89cabea1eac2f18e075a707a41700e212d34eb1f3b5b2af67

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Origin
https://www.busr.ag
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
last-modified
Tue, 16 Nov 2021 15:56:19 GMT
server
MNCDN-2131
x-mnrequest-id
39082c5b391b861ce7d52f1a376f796a
age
25d
x-edge-location
DE-372
x-cache-status
Edge : STALE,
vary
Accept-Encoding, Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 25 Apr 2024 00:02:21 GMT
busr_http_referer.php
www.busr.ag/includes/
7 B
374 B
XHR
General
Full URL
https://www.busr.ag/includes/busr_http_referer.php
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/assets/js/opt/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 / PHP/7.4.24
Resource Hash
1aef939917215ce780284dd9047f170482753bbe40a0998b3decb2f02c2606ac
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 16:56:33 GMT
x-cache-age
10m
server
MNCDN-2131
x-mnrequest-id
53a7230804f0727bcbb6bcae6ceb9d44
x-edge-location
DE-372
x-powered-by
PHP/7.4.24
x-cache-status
Edge : ,
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache no-store
content-length
7
x-xss-protection
1; mode=block
x-mserver
102200
expires
Thu, 19 Nov 1981 08:52:00 GMT
login.html
www.busr.ag/templates/modal/
6 KB
2 KB
XHR
General
Full URL
https://www.busr.ag/templates/modal/login.html?v=1715705799
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/assets/js/opt/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
268353a667a55e569dc6b16c1c9bf92ad109160528c1ab103e879cb0eb1cf03f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : MISS, Midcache : MISS
content-length
1496
x-xss-protection
1; mode=block
x-cache-age
10m
last-modified
Wed, 05 Jul 2023 23:03:10 GMT
server
MNCDN-2131
x-mnrequest-id
f612501f4bc3f9c87d1838e433dd05ed
etag
"1669-64a5f6ae-619804;br"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache no-store
accept-ranges
bytes
x-mserver
102201
favicon.ico
www.busr.ag/
102 KB
12 KB
Other
General
Full URL
https://www.busr.ag/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
7d739c43dc4411bf457fcbe5607db46ec9cfc47b0f63498ad97ff54b7c74b6cc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
age
17h
x-edge-location
DE-372
x-cache-status
Edge : STALE,
content-length
11744
x-xss-protection
1; mode=block
x-cache-age
10m
last-modified
Tue, 16 Nov 2021 15:59:04 GMT
server
MNCDN-2131
x-mnrequest-id
6bae0db346a7821dfdc4c8eeb13098d7
etag
"19834-6193d548-60846e;br"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-mserver
102201
expires
Thu, 16 May 2024 00:44:33 GMT
api.js
www.google.com/recaptcha/
1 KB
972 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=reCAPTCHALoginOnloadCallback&render=explicit
Requested by
Host: www.busr.ag
URL: https://www.busr.ag/assets/js/opt/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
a8bb48a04171ab74b932dbe8a34b0b1c5f3f6932a981f8886cd6beb51f8f5026
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 May 2024 16:56:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/
505 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=reCAPTCHALoginOnloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.busr.ag/
Origin
https://www.busr.ag
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206091
x-xss-protection
0
last-modified
Sun, 05 May 2024 20:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 May 2025 14:21:53 GMT
busr-join.ttf
cdn.busr.ag/assets/css/busr-join-v1.0/fonts/
3 KB
2 KB
Font
General
Full URL
https://cdn.busr.ag/assets/css/busr-join-v1.0/fonts/busr-join.ttf?r0xct4
Requested by
Host: cdn.busr.ag
URL: https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.196 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2131 /
Resource Hash
d411824621b42b078b9c250bb96fcf4a032cc8f2cba30d539fccd32ab689296c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.busr.ag/wp-content/litespeed/css/a4dc3177b0e28f4bef28e06798fa023c.css?ver=23411
Origin
https://www.busr.ag
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:56:33 GMT
content-encoding
br
last-modified
Tue, 16 Nov 2021 15:56:18 GMT
server
MNCDN-2131
x-mnrequest-id
35633f543aab6cd4e2982855c9d02dab
age
17d
x-edge-location
DE-372
x-cache-status
Edge : STALE,
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 25 Apr 2024 00:02:15 GMT
anchor
www.google.com/recaptcha/api2/ Frame F491
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP7OQjAAAAALVKhw5RDvFEDEwB6h7QX2U2JDUd&co=aHR0cHM6Ly93d3cuYnVzci5hZzo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=oj448pswhdsk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RYYZfKQXoQOAL6hYzHKNrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.busr.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RYYZfKQXoQOAL6hYzHKNrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 16:56:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame C0BA
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LcP7OQjAAAAALVKhw5RDvFEDEwB6h7QX2U2JDUd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sjt6sA5Kni4KQbW2UUZiZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.busr.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sjt6sA5Kni4KQbW2UUZiZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 16:56:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| LazyLoad function| loadLoginInfo function| getQueryStringData function| getRefCode function| setRedirectForLogin function| setPromoCode function| saveRefToCookie function| defaultPromocodeForUSRSignup function| analyticsTrackingSignupModalOpen function| getTimestampInSeconds function| openJoinModal function| openLoginModal function| openForgotPasswordModal function| getModalHTML function| getCookie_new function| bindEventAccountModal function| bindEventStickyHeader function| bindEventMobileMenu function| bindEventSlider function| setCookieWithoutBtoa function| bindEventOddsFormat function| bindEventPlaceBet function| bindEventSportsbook function| readCookie string| LineF string| OddsFormat string| TimeF string| TimeFormat function| getaffToken function| getParameterByName function| trim function| capitalizar function| removeCookie function| setCookie function| getCookie function| join_arr function| lockSignup function| generate_date_of_month function| generate_days object| validateModal object| validatedList function| validate_input_data function| validate_form_on_action function| validate_form function| read_input_data function| test_input_data function| contains function| test__name function| printStateMenu function| validatePostalCode function| validateEmail function| test__day function| test__month function| test__year function| toggle_dob_error_message undefined| validatePcodeInterval function| test__zipcode function| test__zipcode_bypass function| test__email function| test__string function| test__password function| test__password_checklist function| test__phone function| test__pin function| initSignupForm function| verify_step function| initSignupStep function| processLogin function| initLoginForm function| LogByPOST function| initForgotPasswordForm function| submit_signup function| SignupErroNotification function| LoginErroNotification function| internalTracking function| catchAllSignup 
function| analyticsTrackingForm function| cio_create_customer function| cio_add_event function| cio_identify function| cio_acquisition_update_customer function| checkBUSRUsePin function| initPhoneInput function| initPINInput function| journey_clubhouse_cookies function| pegasus_cookie function| acq_jny_cookie function| custom_cookie_basketball_insiders function| createCookieDomain function| getCookieDomain function| deleteCookieDomain function| Swiper function| Popper object| Util function| Dropdown function| Modal function| Collapse function| Carousel string| REF_CODE string| PROMO_CODE string| REDIRECT_TO function| sendEvent object| lazySizes object| webpackChunkMYBWP_SP string| BUSR_HTTP_REFERER object| remember_me_json object| remember_me_object function| onSubmitLogin function| reCAPTCHALoginOnloadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_963856 number| reCAPTCHALoginID

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGaHCq8w-jsmwS-ZxpSb-1mIuQhOknClRliIK0812OuZ8v9UkYLAWdeKSRnL80Zr8_lGZbiV5jxtn1YK0ZqvQm8
.bit.ly/ Name: _bit
Value: o4egUC-b023a08eeb4c662fd0-005
.busr.ag/ Name: sportsbook_time_zone
Value: 51
www.busr.ag/ Name: PHPSESSID
Value: cnl4666f2i74bhra7sk5846du2

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.busr.ag/take-me?to=promotions-and-bonuses&login-modal=open&utm_source=promos-ml&utm_medium=ml&utm_campaign=ml
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
